- Avoid unnecessary privileges
- Rootless containers
- Don’t bind to a specific UID
- Make executables owned by root and not writable
- Reduce attack surface
- Multistage builds
- Distroless, from scratch
- Use trusted base images
- Update your images frequently
- Exposed ports
- Prevent confidential data leaks
- Credentials and confidentiality
- ADD, COPY
- Build context and dockerignore
- Others
- Layer sanity
- Metadata labels
- Linting
- Locally scan images during development
- Beyond image building
- Docker port socket and TCP protection
- Sign images and verify signatures
- Tag mutability
- Run as non-root
- Include health / liveness checks
- Drop capabilities
-
Notifications
You must be signed in to change notification settings - Fork 0
To store Dockerfile
License
pplmx/LearningDocker
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
About
To store Dockerfile
Topics
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published