This is the first episode in the new format - 30 minutes short and crisp episodes, i.e., less water and side discussions, focusing on the topic, duration under (well, almost under) 30 minutes. We hope you like it!
 
The topic of this episode is building docker images - automation, security, best practices.
 
In this episode, we discuss:
Saving money with T3a family
Building Docker images locally and in CI
Setting up deamonless Docker builds for CI and k8s
Using multistage builds to keep your images nice and clean as well as encapsulate the build environment and make it portable
Passing secrets to Docker build and inspecting image layers for secrets (ssh-agent and many more)
Keeping Docker images updated with dependencies and updates
Scanning Docker images for vulnerabilities
Docker image layers caching - doing it right
DockerHub is to delete old images stored for free, and GitHub is ready to host them for you
Docker image naming so you can find all you need to debug quickly

 
In some of the information overlaps with episode #3 but greatly extends information provided before https://devsecops.fm/episodes/docker-secure-build/
 
Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

Ver todos los episodios