DEVSECOPS Talks #17-2020 - Best Practices for Building Docker Images
The DevSecOps Talks Podcast - A podcast by Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin
Categories:
This is the first episode in the new format - 30 minutes short and crisp episodes, i.e., less water and side discussions, focusing on the topic, duration under (well, almost under) 30 minutes. We hope you like it! The topic of this episode is building docker images - automation, security, best practices. In this episode, we discuss: Saving money with T3a family Building Docker images locally and in CI Setting up deamonless Docker builds for CI and k8s Using multistage builds to keep your images nice and clean as well as encapsulate the build environment and make it portable Passing secrets to Docker build and inspecting image layers for secrets (ssh-agent and many more) Keeping Docker images updated with dependencies and updates Scanning Docker images for vulnerabilities Docker image layers caching - doing it right DockerHub is to delete old images stored for free, and GitHub is ready to host them for you Docker image naming so you can find all you need to debug quickly In some of the information overlaps with episode #3 but greatly extends information provided before https://devsecops.fm/episodes/docker-secure-build/ Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion