Upgrade to Pro — share decks privately, control downloads, hide ads and more …

GCRと脆弱性検査

Avatar for youyo youyo
October 15, 2018
Technology
0
210

 GCRと脆弱性検査

GCRと脆弱性検査
Avatar for youyo

youyo

October 15, 2018
Tweet

More Decks by youyo

See All by youyo
家の快適度を計測してみた
Avatar for youyo youyo
1
200
Get started AWS CDK
Avatar for youyo youyo
0
110
Tried to create a deployment pipeline of AutoML Vision.
Avatar for youyo youyo
0
78
API GatewayのWebSocket対応について
Avatar for youyo youyo
0
820
goodbye-ec2
Avatar for youyo youyo
0
680
それでも僕はzabbixと生きていく
Avatar for youyo youyo
1
480
About AWS Lambda and kintone
Avatar for youyo youyo
1
270
TerraformとWerckerとAWS Organizationsで始めるステージング・開発環境構築 / terraform-wercker-aws-organizations
Avatar for youyo youyo
1
34k
ServerlessのおさらいとIronFunctionsについて
Avatar for youyo youyo
0
450

Other Decks in Technology

See All in Technology
OpenHands🤲にContributeしてみた
Avatar for kotauchisunsun kotauchisunsun
1
500
怖くない!はじめてのClaude Code
Avatar for Shinya Masadome(東京AI祭) shinya337
0
310
GitHub Copilot の概要
Avatar for tomokusaba tomokusaba
1
150
登壇ネタの見つけ方 / How to find talk topics
Avatar for pinkumohikan pinkumohikan
6
600
解析の定理証明実践@Lean 4
Avatar for H Segawa dec9ue
1
200
Oracle Cloud Infrastructure:2025年6月度サービス・アップデート
Avatar for oracle4engineer oracle4engineer
PRO
2
310
プロダクトエンジニアリング組織への歩み、その現在地 / Our journey to becoming a product engineering organization
Avatar for hiro-torii hiro_torii
0
140
論文紹介:LLMDet (CVPR2025 Highlight)
Avatar for tattaka tattaka
0
240
LangChain Interrupt & LangChain Ambassadors meetingレポート
Avatar for os1ma os1ma
2
220
Core Audio tapを使ったリアルタイム音声処理のお話
Avatar for Sloth yuta0306
0
160
あなたの声を届けよう! 女性エンジニア登壇の意義とアウトプット実践ガイド #wttjp / Call for Your Voice
Avatar for kondoyuko kondoyuko
4
510
Tech-Verse 2025 Keynote
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
0
1.3k

Featured

See All Featured
Practical Orchestrator
Avatar for Shlomi Noach shlominoach
188
11k
The Invisible Side of Design
Avatar for Vitaly Friedman smashingmag
300
51k
Designing for Performance
Avatar for Lara Hogan lara
609
69k
The Success of Rails: Ensuring Growth for the Next 100 Years
Avatar for Eileen M. Uchitelle eileencodes
45
7.5k
Building Adaptive Systems
Avatar for Chris Keathley keathley
43
2.6k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
161
15k
Fantastic passwords and where to find them - at NoRuKo
Avatar for Phil Nash philnash
51
3.3k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
Avatar for Vitaly Friedman smashingmag
252
21k
Improving Core Web Vitals using Speculation Rules API
Avatar for Sergey Chernyshev sergeychernyshev
17
950
How GitHub (no longer) Works
Avatar for Zach Holman holman
314
140k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
367
19k
Making the Leap to Tech Lead
Avatar for Ryan Cromwell cromwellryan
134
9.4k

Transcript

  1. GCRと脆弱性検査

  2. GCR? Google Container Registory Dockerhubみたいなもの 脆弱性検査 Container Registry 脆弱性スキャン まだアルファ版

    ubuntu, debian, alpine https://cloud.google.com/container‑registry/docs/vulnerability‑ scanning?authuser=0&hl=ja

  3. FROM debian LABEL maintainer "youyo <[email protected]>" RUN apt update -y

    RUN apt install apache2 -y EXPOSE 80/TCP ENTRYPOINT ["apachectl","-k","start","-D","FOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:latest . $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:latest
  4. None

  5. FROM alpine LABEL maintainer "youyo <[email protected]>" RUN apk add --update

    apache2 RUN mkdir /run/apache2 EXPOSE 80/TCP ENTRYPOINT ["httpd", "-DFOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:alpine alpine/ $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:alpine
  6. None

  7. まとめ コンテナイメージも脆弱性検査をする時代 最適化されたベースイメージを使用するだけで脆弱性を減らせる https://github.com/GoogleContainerTools/distroless たぶんそんなにお金かからないし, とりあえず始めてみよう