Rootless Docker Images for Secure Kubernetes Deployments
Updated Dec 18, 2025 - Dockerfile
Minimal Alpine-based Docker image for kubectl with automatic updates, Cosign signing, and security scanning
The repository demonstrates the use of Docker Scout in a CI/CD pipeline to examine vulnerabilities in container images. This demo was presented at Secure Open Source Software (SOSS) Community Days India 2024.
Sample container image to demonstrate attack scenarios in containerized cluster environments.
Set of Dockerfiles meant for throw-away instances that achieve a singular purpose: to "safely" interact (run, play, unzip, etc.) with programs or files without the need of a full VM to avoid compromise of the host machine. Think of it as a bomb disposal device for files you don't trust that much but still need to run, unzip or play.
Automated container image scanning pipeline using GitHub Actions and Trivy. Builds Docker images, enforces a High/Critical vulnerability gate, and generates HTML reports, SBOMs, and SAST findings. Demonstrates DevSecOps, supply chain security, and CI-based risk controls.
Automated, secure Docker pipeline with image scanning and cloud/K8s deployment.
Docker best practices using multi-stage builds, optimized images, dependency pinning, non-root execution, and small, secure production-ready containers.