October 13, 2020

DEVSECOPS Talks #17-2020 - Best Practices for Building Docker Images

33 minutes

This is the first episode in the new format - 30 minutes short and crisp episodes, i.e., less water and side discussions, focusing on the topic, duration under (well, almost under) 30 minutes. We hope you like it!

The topic of this episode is building docker images - automation, security, best practices.

In this episode, we discuss:

Saving money with T3a family

Building Docker images locally and in CI

Setting up deamonless Docker builds for CI and k8s

Using multistage builds to keep your images nice and clean as well as encapsulate the build environment and make it portable

Passing secrets to Docker build and inspecting image layers for secrets (ssh-agent and many more)

Keeping Docker images updated with dependencies and updates

Scanning Docker images for vulnerabilities

Docker image layers caching - doing it right

DockerHub is to delete old images stored for free, and GitHub is ready to host them for you

Docker image naming so you can find all you need to debug quickly

In some of the information overlaps with episode #3 but greatly extends information provided before https://devsecops.fm/episodes/docker-secure-build/

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

...more

View all episodes

By Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin

33 ratings