Scan all or most containers with Trivy / Dockle #60
Assignees
Labels
area/engineering
Requires attention from engineering: focus on foundational components or platform DevOps
area/security
kind/feature
New feature or request
priority/soon
size/M
2-3 days
Comments
sylus
added
area/security
area/engineering
|
I'll be handling this one |
|
Any plans for containers already in our registry? Should this be applied to daaas-containers as well? I think some of the images in daaas-containers run as root. (Which we probably can+should change) |
|
Scope is small first then can be expanded out. |
|
Only kubeflow-containers is left looking to see if is feasible given how large tomorrow. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In order to more fully comply with security compliance, we should try to scan most of our containers with Trivy / Dockle using Azure Container-Scan.
https://github.com/Azure/container-scan
The text was updated successfully, but these errors were encountered: