Public Notes by bbishop Tagged #docker

Container Structure Tests: Unit Tests for Docker Images | Google Open Source Blog opensource.googleblog.com

Usage of containers in software applications is on the rise, and with their increasing usage in production comes a need for robust testing and validation. Containers provide great testing environments, but actually validating the structure of the containers themselves can be tricky. via Pocket #docker #containers #testing #IFTTT #Pocket #Unread #pub

containers •
docker •
ifttt •
pocket •
pub •
testing •
unread

Clean out your Docker images, containers and volumes with single commands hackernoon.com

docker •
maintenance •
management •
pub •
toread

google/gvisor: Container Runtime Sandbox github.com

containers •
docker •
golang •
google •
isolation •
pub

Google Cloud Platform Blog: Introducing Jib — build Java Docker images better cloudplatform.googleblog.com

build •
docker •
java •
maven •
pub

Best practices for writing Dockerfiles | Docker Documentation docs.docker.com

best •
docker •
dockerfile •
practice •
practices •
pub

aelsabbahy/goss: Quick and Easy server testing/validation github.com

devops •
docker •
golang •
pub •
server •
testing

Optimizing Docker Images for Maven Projects whitfin.io

build •
docker •
dockerize •
java •
jdk •
jre •
maven •
minimize •
projects •
pub

Understanding Volumes in Docker - Container Solutions container-solutions.com

This post was updated on 6 Jan 2017 to cover new versions of Docker. It’s clear from looking at the questions asked on the Docker IRC channel (#docker on Freenode), Slack and Stackoverflow that there’s a lot of confusion over how volumes work in Docker. via Pocket #IFTTT #Pocket #docker #volumes #pub

docker •
ifttt •
pocket •
pub •
volumes

Docker Data Containers and Named Volumes - Blog | BoxBoat boxboat.com

There are more than several informative blog posts and articles that explain Docker data management to great length, however confusion has recently been introduced with the introduction of the volume API in Docker 1.9. via Pocket #IFTTT #Pocket #docker #pub

docker •
ifttt •
pocket •
pub

hadolint/hadolint github.com

Dockerfile linter, validate inline bash, written in Haskell - hadolint/hadolint #docker #lint #Unsorted #pub

docker •
lint •
pub •
unsorted

Docker containers with root privileges - Neoteric Software House neoteric.eu

A significant part of the IT world relies on Docker containers. They are easy to use & portable. But are they always good? Let's see how to use them safely. #docker #root #pub

docker •
pub •
root

domm / Perl / How to reclaim disk space used by docker (volumes), but keep a few important ones domm.plix.at

docker •
filter •
filtering •
pub •
volume

GitHub - hexops/dockerfile: Dockerfile best-practices for writing production-worthy Docker images. github.com

Docker Security - OWASP Cheat Sheet Series cheatsheetseries.owasp.org

#docker #security #cheatsheet #hardening #Unread #via:popular #toread #pub

cheatsheet •
docker •
hardening •
pub •
security •
toread •
unread •
via:popular

containers/skopeo: Work with remote images registries - retrieving information, images, signing content github.com

cli •
container •
containers •
docker •
pub

sigstore/cosign: Container Signing github.com

Container Signing, Verification and Storage in an OCI registry. Cosign aims to make signatures invisible infrastructure. Cosign supports: Hardware and KMS signing Bring-your-own PKI Our free OIDC PKI (Fulcio) Built-in binary transparency and timestamping service (Rekor) #cryptography #build #containers #docker #pub

build •
containers •
cryptography •
docker •
pub

Best Practices Around Production Ready Web Apps with Docker Compose — Nick Janetakis nickjanetakis.com

GoogleContainerTools/distroless: 🥑 Language focused docker images, minus the operating system. github.com

"Distroless" images contain only your application and its runtime dependencies. They do not contain package managers, shells or any other programs you would expect to find in a standard Linux distribution. For more information, see this talk (video). Why should I use distroless images? Restricting what's in your runtime container to precisely what's necessary for your app is a best practice employed by Google and other tech giants that have used containers in production for many years. It improves the signal to noise of scanners (e.g. CVE) and reduces the burden of establishing provenance to just what you need. #devops #container #docker #google #pub

container •
devops •
docker •
google •
pub

awslabs/amazon-ecr-credential-helper: Automatically gets credentials for Amazon ECR on docker push/docker pull github.com

The Amazon ECR Docker Credential Helper is a credential helper for the Docker daemon that makes it easier to use Amazon Elastic Container Registry. #amazon #aws #docker #cli #ecr #pub

amazon •
aws •
cli •
docker •
ecr •
pub

docker data volume vs mounted host directory - Stack Overflow stackoverflow.com

bind •
docker •
mount •
pub •
volume