Explore techniques for automating security updates across multiple Docker images in this 30-minute conference talk from Devoxx. Learn how to force rebuilds of images with vulnerabilities, deploy updated versions without disrupting services, and implement cascading security updates for hundreds of Docker images using open-source tools. Discover methods for integrating these updates into CI/CD systems, enabling verified cascades in the correct order. Gain insights into handling challenges in large organizations, managing pull request pipelines, and addressing edge conditions. Follow along with a live demonstration and explore concepts such as Docker File Image Updates, Image Tag Stores, and intermediate repositories. Acquire practical knowledge on versioning, scheduling, and potential improvements to streamline the security update process for Docker-based infrastructures.
Auto Cascading Security Updates Through Docker Images
Overview
Syllabus
Introduction
Agenda
Takeaways
What makes it challenging
Order of rebuilds
Large organizations
Its tough
Why not
What can we do
The pull request pipeline
Docker File Image Update
Invoke the tool
Example
Image Tag Store
Edge Conditions
Pull Request
Live Demo
Pull Requests
Alpine Java
Syntax Error
Keep Testing
Demo Summary
Build from Scratch
Versioning
Intermediate Repository
Scheduling
Merged Pull Requests
Improvements
Things to take away
QA
Taught by
Devoxx
