This repository has been archived by the owner on Nov 26, 2022. It is now read-only.
Post Images to GCR #22
Comments
ghost
pushed a commit
to danvau7/modsecurity-docker
that referenced
this issue
May 6, 2019
…read Apache2 conf files
ghost
pushed a commit
to danvau7/modsecurity-docker
that referenced
this issue
May 7, 2019
ghost
pushed a commit
to danvau7/modsecurity-docker
that referenced
this issue
May 9, 2019
ghost
pushed a commit
to danvau7/modsecurity-docker
that referenced
this issue
May 9, 2019
|
@danehrlich1 Is this something desirable still? |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Our Docker images should also be posted Google Container Registry:
GCR does automated vuln analysis. For instance the current container image has 329 vulns, with 5 of them being pretty serious: https://gcr.io/crs-support/modsecurity-docker/v3/apache-apache
GCR can be secured with 2FA by the admins, which for some reason Docker Hub does not have
For the base image, we can you GCP Managed Based Images, which are pretty hardened / secured: https://cloud.google.com/container-registry/docs/managed-base-images
We can link GCR to Github in a variety of ways, such that when new code is pushed to Github, if it has a tag on it it can kick off a build of the image in GCR. If we want can also send to Cloud Build for testing...
The text was updated successfully, but these errors were encountered: