Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
GCRと脆弱性検査
Search
youyo
October 15, 2018
Technology
0
210
GCRと脆弱性検査
GCRと脆弱性検査
youyo
October 15, 2018
Tweet
Share
More Decks by youyo
See All by youyo
家の快適度を計測してみた
youyo
1
200
Get started AWS CDK
youyo
0
110
Tried to create a deployment pipeline of AutoML Vision.
youyo
0
78
API GatewayのWebSocket対応について
youyo
0
820
goodbye-ec2
youyo
0
680
それでも僕はzabbixと生きていく
youyo
1
480
About AWS Lambda and kintone
youyo
1
270
TerraformとWerckerとAWS Organizationsで始めるステージング・開発環境構築 / terraform-wercker-aws-organizations
youyo
1
34k
ServerlessのおさらいとIronFunctionsについて
youyo
0
450
Other Decks in Technology
See All in Technology
OpenHands🤲にContributeしてみた
kotauchisunsun
1
500
怖くない!はじめてのClaude Code
shinya337
0
310
GitHub Copilot の概要
tomokusaba
1
150
登壇ネタの見つけ方 / How to find talk topics
pinkumohikan
6
600
解析の定理証明実践@Lean 4
dec9ue
1
200
Oracle Cloud Infrastructure:2025年6月度サービス・アップデート
oracle4engineer
PRO
2
310
プロダクトエンジニアリング組織への歩み、その現在地 / Our journey to becoming a product engineering organization
hiro_torii
0
140
論文紹介:LLMDet (CVPR2025 Highlight)
tattaka
0
240
LangChain Interrupt & LangChain Ambassadors meetingレポート
os1ma
2
220
Core Audio tapを使ったリアルタイム音声処理のお話
yuta0306
0
160
あなたの声を届けよう! 女性エンジニア登壇の意義とアウトプット実践ガイド #wttjp / Call for Your Voice
kondoyuko
4
510
Tech-Verse 2025 Keynote
lycorptech_jp
PRO
0
1.3k
Featured
See All Featured
Practical Orchestrator
shlominoach
188
11k
The Invisible Side of Design
smashingmag
300
51k
Designing for Performance
lara
609
69k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
45
7.5k
Building Adaptive Systems
keathley
43
2.6k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
161
15k
Fantastic passwords and where to find them - at NoRuKo
philnash
51
3.3k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
252
21k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
17
950
How GitHub (no longer) Works
holman
314
140k
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
Making the Leap to Tech Lead
cromwellryan
134
9.4k
Transcript
GCRと脆弱性検査
GCR? Google Container Registory Dockerhubみたいなもの 脆弱性検査 Container Registry 脆弱性スキャン まだアルファ版
ubuntu, debian, alpine https://cloud.google.com/container‑registry/docs/vulnerability‑ scanning?authuser=0&hl=ja
FROM debian LABEL maintainer "youyo <
[email protected]
>" RUN apt update -y
RUN apt install apache2 -y EXPOSE 80/TCP ENTRYPOINT ["apachectl","-k","start","-D","FOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:latest . $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:latest
None
FROM alpine LABEL maintainer "youyo <
[email protected]
>" RUN apk add --update
apache2 RUN mkdir /run/apache2 EXPOSE 80/TCP ENTRYPOINT ["httpd", "-DFOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:alpine alpine/ $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:alpine
None
まとめ コンテナイメージも脆弱性検査をする時代 最適化されたベースイメージを使用するだけで脆弱性を減らせる https://github.com/GoogleContainerTools/distroless たぶんそんなにお金かからないし, とりあえず始めてみよう