Docker Scout ã§ã®ããªã·ãŒè©äŸ¡ãå§ããã
ãœãããŠã§ã¢ãµãã©ã€ãã§ãŒã³ç®¡çã§ã¯ãã¢ãŒãã£ãã¡ã¯ãã®ã»ãã¥ãªãã£ãšä¿¡é Œæ§ãç¶æããããšãæåªå äºé ã§ããDocker Scout ã®ããªã·ãŒè©äŸ¡ã«ãããæ¢åã®åææ©èœã«å ããŠç®¡çã¬ã€ã€ãŒãè¿œå ãããã¢ãŒãã£ãã¡ã¯ãã«å¯Ÿãããµãã©ã€ãã§ãŒã³ã«ãŒã«ãå®çŸ©ããããã«å¯Ÿããããã©ãŒãã³ã¹ã远跡ã§ããããã«ãªããŸãã
ããªã·ãŒè©äŸ¡ã䜿çšããŠãã¢ãŒãã£ãã¡ã¯ãã確ç«ããããã¹ããã©ã¯ãã£ã¹ã«æ²¿ã£ãŠãããã確èªããæ¹æ³ãåŠã³ãŸãããã
ããªã·ãŒè©äŸ¡ã®ä»çµã¿
Docker Scout ããªããžããªã§æå¹åãããšãããã·ã¥ããã€ã¡ãŒãžãèªåçã«åæãããŸãããã®åæã«ãããã€ã¡ãŒãžã®æ§æãå«ãŸããŠããããã±ãŒãžãè匱æ§ã«ã€ããŠã®ã€ã³ãµã€ããåŸãããŸããããªã·ãŒè©äŸ¡ã¯ããã®ã€ã¡ãŒãžåææ©èœã«åºã¥ããåæçµæãããªã·ãŒã§å®çŸ©ãããã«ãŒã«ãšæ¯èŒããŸãã
ããªã·ãŒã¯ãã¢ãŒãã£ãã¡ã¯ããæºããã¹ãã€ã¡ãŒãžå質ã®åºæºãå®çŸ©ããŸããããšãã°ãNo AGPL v3 licenses ããªã·ãŒã¯ãAGPL v3 ã©ã€ã»ã³ã¹ã§é åžãããããã±ãŒãžãå«ãã€ã¡ãŒãžã«ãã©ã°ãä»ããŸããã€ã¡ãŒãžã«ãã®ãããªããã±ãŒãžãå«ãŸããŠããå Žåããã®ã€ã¡ãŒãžã¯ãã®ããªã·ãŒã«æºæ ããŠããªããšèŠãªãããŸããäžéšã®ããªã·ãŒïŒNo AGPL v3 licenses ããªã·ãŒãªã©ïŒã¯èšå®ãå¯èœã§ãOrganization ã®ããŒãºã«åãããŠåºæºã調æŽã§ããŸãã
Docker Scout ã§ã¯ãããªã·ãŒã䜿çšããŠãµãã©ã€ãã§ãŒã³ã®ã»ãã¥ãªãã£ãä¿¡é Œæ§ã段éçã«åäžãããããšãç®çãšããŠããŸããä»ã®ããŒã«ãåæ Œ/äžåæ Œã®ã¹ããŒã¿ã¹ãæäŸããã®ã«å¯ŸããDocker Scout ã®ããªã·ãŒã¯ãå°ããªå€æŽãããªã·ãŒã®ã¹ããŒã¿ã¹ã«ã©ã®ããã«åœ±é¿ããããå¯èŠåããŸããããªã·ãŒã®èŠæ±ããŸã æºãããŠããªãå Žåã§ãã倱æã®ã£ãããæéãšãšãã«ã©ã®ããã«å€åãããã远跡ããããšã§ãã¢ãŒãã£ãã¡ã¯ããããªã·ãŒã«å¯ŸããŠæ¹åããŠããã®ããæªåããŠããã®ãã容æã«ç¢ºèªã§ããŸãã
ããªã·ãŒã¯å¿ ãããã¢ããªã±ãŒã·ã§ã³ã»ãã¥ãªãã£ãè匱æ§ã«é¢é£ããå¿ èŠã¯ãããŸããããµãã©ã€ãã§ãŒã³ç®¡çã®ä»ã®åŽé¢ãäŸãã°ãªãŒãã³ãœãŒã¹ã©ã€ã»ã³ã¹ã®äœ¿çšç¶æ³ãããŒã¹ã€ã¡ãŒãžã®ææ°æ§ãªã©ã枬å®ããã³è¿œè·¡ããããã«ãããªã·ãŒã䜿çšã§ããŸãã
ããªã·ãŒã¿ã€ã
Docker Scout ã§ã¯ãããªã·ãŒã¯ããªã·ãŒã¿ã€ããã掟çããŸããããªã·ãŒã¿ã€ãã¯ããªã·ãŒã®äž»èŠãªãã©ã¡ãŒã¿ãå®çŸ©ãããã³ãã¬ãŒãã§ãããåããªã·ãŒã¯å¯Ÿå¿ããããªã·ãŒã¿ã€ãããäœæãããã€ã³ã¹ã¿ã³ã¹ãšããŠæ©èœããŸãã
Docker Scout ã¯æ¬¡ã®ããªã·ãŒã¿ã€ãããµããŒãããŠããŸãïŒ
- Severity-Based Vulnerability
- Compliant Licenses
- Up-to-Date Base Images
- High-Profile Vulnerabilities
- Supply Chain Attestations
- Default Non-Root User
- Approved Base Images
- SonarQube Quality Gates
Docker Scout ã¯ãSonarQube Quality Gates ããªã·ãŒãé€ããã¹ãŠã®ããªã·ãŒãããã©ã«ãã§æäŸããŠããŸããSonarQube Quality Gates ããªã·ãŒãå©çšããã«ã¯ãSonarQube ãšã®çµ±åãå¿ èŠã§ãã
ãµããŒããããŠããããªã·ãŒã¿ã€ãããã«ã¹ã¿ã ããªã·ãŒãäœæãããããããžã§ã¯ãã«é©çšã§ããªãããã©ã«ãããªã·ãŒãåé€ãããã§ããŸãã詳现ã«ã€ããŠã¯ãããªã·ãŒã®èšå®ãåç §ããŠãã ããã
Severity-Based Vulnerability
Severity-Based Vulnerability ããªã·ãŒã¿ã€ãã¯ãã¢ãŒãã£ãã¡ã¯ããæ¢ç¥ã®è匱æ§ã«ãããããŠãããã©ããã確èªããŸãã
ããã©ã«ãã§ã¯ãä¿®æ£ããŒãžã§ã³ãå©çšå¯èœãªã¯ãªãã£ã«ã«ããã³é«é倧床ã®è匱æ§ã«ã®ã¿ãã©ã°ãç«ãŠãããŸããããã¯ãè匱ãªããã±ãŒãžãä¿®æ£ããŒãžã§ã³ã«ã¢ããã°ã¬ãŒãããããšã§ãä¿®æ£ã容æã«é©çšã§ããããšãæå³ããŸãã
ã«ã¹ã¿ã ããŒãžã§ã³ãäœæããããšã§ãããªã·ãŒã®ãã©ã¡ãŒã¿ãèšå®ã§ããŸãã以äžã®ãã©ã¡ãŒã¿ãã«ã¹ã¿ãã€ãºå¯èœã§ãïŒ
-
Age: è匱æ§ãæåã«å ¬éãããŠããã®æå°æ¥æ°
æ°ãã«çºèŠãããè匱æ§ãè©äŸ¡ã®å€±æåå ãšãªããªããããäžå®ã®æéçµéåŸã®è匱æ§ã«ã®ã¿ãã©ã°ãç«ãŠãçç±ããããŸãã
-
Severities: èæ ®ããé倧床ã¬ãã«(ããã©ã«ã:
Critical, High
) -
Fixable vulnerabilities only: ä¿®æ£ããŒãžã§ã³ãå©çšå¯èœãªè匱æ§ã®ã¿ãå ±åãããã©ããïŒããã©ã«ãã§æå¹ïŒã
-
Package types: èæ ®ããããã±ãŒãžã¿ã€ãã®ãªã¹ãã
ãã®ãªãã·ã§ã³ã䜿çšãããšãPURL ããã±ãŒãžã¿ã€ãã®å®çŸ©ãšããŠããªã·ãŒè©äŸ¡ã«å«ããããã±ãŒãžã¿ã€ããæå®ã§ããŸããããã©ã«ãã§ã¯ãããªã·ãŒã¯ãã¹ãŠã®ããã±ãŒãžã¿ã€ããèæ ®ããŸãã
ããªã·ãŒã®èšå®ã«ã€ããŠã®è©³çŽ°ã¯ãããªã·ãŒã®èšå®ãåç §ããŠãã ããã
Compliant Licenses
Compliant Licenses ããªã·ãŒã¿ã€ãã¯ãã€ã¡ãŒãžãäžé©åãªã©ã€ã»ã³ã¹ã§é åžãããŠããããã±ãŒãžãå«ãã§ãããã©ããã確èªããŸããã€ã¡ãŒãžã«ãã®ãããªã©ã€ã»ã³ã¹ã®ããã±ãŒãžãå«ãŸããŠããå Žåãæºæ ããŠããªããšèŠãªãããŸãã
ãã®ããªã·ãŒã確èªãã¹ãã©ã€ã»ã³ã¹ã®ãªã¹ãããèš±å¯ãªã¹ãïŒPURL 圢åŒïŒã§äŸå€ãèšå®ããããšãã§ããŸããããªã·ãŒã®èšå®ãåç §ããŠãã ããã
Up-to-Date Base Images
Up-to-Date Base Images ããªã·ãŒã¿ã€ãã¯ã䜿çšããŠããããŒã¹ã€ã¡ãŒãžãææ°ã§ãããã©ããã確èªããŸãã
ãã®ããªã·ãŒã«æºæ ããŠããªãå Žåã䜿çšããŠããã¿ã°ãç°ãªããã€ãžã§ã¹ããæããŠããããšãæå³ããŸããã€ãŸãã䜿çšããŠããããŒã¹ã€ã¡ãŒãžãææ°ã§ãªãå¯èœæ§ããããŸãã
ãã®ããªã·ãŒãæ£ããè©äŸ¡ãããã«ã¯ãã€ã¡ãŒãžã«ããããã³ã¹ã¢ãã¹ããŒã·ã§ã³ãå¿ èŠã§ãã詳现㯠No base image data ãåç §ããŠãã ããã
High-Profile Vulnerabilities
High-Profile Vulnerabilities ããªã·ãŒã¿ã€ãã¯ãDocker Scout ã®ãã¥ã¬ãŒã·ã§ã³ããããªã¹ãã«åºã¥ããŠãã€ã¡ãŒãžãåºãèªèãããŠãããªã¹ã¯ã®é«ãè匱æ§ãå«ãã§ãããã©ããã確èªããŸãã
ãã®ãªã¹ãã«ã¯ä»¥äžã®è匱æ§ãå«ãŸããŠããŸãïŒ
- CVE-2014-0160 (OpenSSL Heartbleed)
- CVE-2021-44228 (Log4Shell)
- CVE-2023-38545 (cURL SOCKS5 heap buffer overflow)
- CVE-2023-44487 (HTTP/2 Rapid Reset)
- CVE-2024-3094 (XZ backdoor)
- CVE-2024-47176 (OpenPrinting -
cups-browsed
) - CVE-2024-47076 (OpenPrinting -
libcupsfilters
) - CVE-2024-47175 (OpenPrinting -
libppd
) - CVE-2024-47177 (OpenPrinting -
cups-filters
)
ãã®ããªã·ãŒã¯ãèšå®ãã«ã¹ã¿ãã€ãºããŠéèŠãšèŠãªããã CVE ãå€æŽã§ããŸããã«ã¹ã¿ã èšå®ãªãã·ã§ã³ã«ã¯ä»¥äžãå«ãŸããŸãïŒ
-
Excluded CVEs: ãã®ããªã·ãŒã§ç¡èŠããã CVE ãæå®ããŸãã
ããã©ã«ã:
[]
ïŒãã¹ãŠã®éèŠãª CVE ãå¯Ÿè±¡ïŒ -
CISA KEV: CISA ã®æ¢ç¥ã®æªçšãããè匱æ§ïŒKEVïŒã«ã¿ãã°ããã®è匱æ§ã®è¿œè·¡ãæå¹ã«ããŸãã
CISA KEV ã«ã¿ãã°ã«ã¯ãå®éã«æªçšãããŠããè匱æ§ãå«ãŸããŠããŸãããã®ãªãã·ã§ã³ãæå¹ã«ãããšãCISA KEV ã«ã¿ãã°ã«å«ãŸããè匱æ§ãæã€ã€ã¡ãŒãžã«ããªã·ãŒãã©ã°ãä»ããŸãã
ããã©ã«ãã§æå¹ã§ãã
ããªã·ãŒã®èšå®ã«ã€ããŠã®è©³çŽ°ã¯ãããªã·ãŒã®èšå®ãåç §ããŠãã ããã
Supply Chain Attestations
Supply Chain Attestations ããªã·ãŒã¿ã€ãã¯ãã€ã¡ãŒãžã« SBOM ãšããããã³ã¹ ã¢ãã¹ããŒã·ã§ã³ããããã確èªããŸãã
ã€ã¡ãŒãžã SBOM ã¢ãã¹ããŒã·ã§ã³ãŸãã¯ããããã³ã¹ã¢ãã¹ããŒã·ã§ã³ã®ã©ã¡ãããæ¬ ããŠããå Žåãæºæ ããŠããªããšèŠãªãããŸãããã«ãæã«ã¢ãã¹ããŒã·ã§ã³ãè¿œå ããã«ã¯ã次ã®ã³ãã³ãã䜿çšããŠãã ããïŒ
$ docker buildx build --provenance=true --sbom=true -t <IMAGE> --push .
ãã«ãæã«ã¢ãã¹ããŒã·ã§ã³ã䜿çšããæ¹æ³ã«ã€ããŠã®è©³çŽ°ã¯ãã¢ãã¹ããŒã·ã§ã³ãã芧ãã ããã
GitHub Actions ã䜿çšããŠã€ã¡ãŒãžããã«ãããã³ããã·ã¥ããå Žåã¯ãSBOM ãšããããã³ã¹ã¢ãã¹ããŒã·ã§ã³ãé©çšããããã®ã¢ã¯ã·ã§ã³ã®èšå®æ¹æ³ã確èªããŠãã ããã
Default Non-Root User
ããã©ã«ãã§ã¯ãDockerfile ã§ç°ãªããŠãŒã¶ãŒãæå®ããªãéããã³ã³ãã㯠root
ã¹ãŒããŒãŠãŒã¶ãŒãšããŠå®è¡ãããã³ã³ããå
ã§ã®ãã«ã·ã¹ãã 管çæš©éãæã¡ãŸããç¹æš©ãŠãŒã¶ãŒãšããŠã³ã³ãããå®è¡ãããšãã³ã³ããå
ã§å®è¡ãããã³ãŒãã管çæäœãå®è¡ã§ãããããå®è¡æã®ã»ãã¥ãªãã£ã匱ãŸããŸãã
Default Non-Root User ããªã·ãŒã¿ã€ãã¯ãããã©ã«ã㧠root
ãŠãŒã¶ãŒãšããŠå®è¡ãããããã«èšå®ãããã€ã¡ãŒãžãæ€åºããŸãããã®ããªã·ãŒã«æºæ ããã«ã¯ãã€ã¡ãŒãžæ§æã§éã«ãŒããŠãŒã¶ãŒãæå®ããå¿
èŠããããŸããå®è¡æã¹ããŒãžã§éã«ãŒãã®ããã©ã«ããŠãŒã¶ãŒãæå®ãããŠããªãã€ã¡ãŒãžã¯ãããªã·ãŒã«æºæ ããŠããªããšèŠãªãããŸãã
æºæ ããŠããªãã€ã¡ãŒãžã«ã€ããŠã¯ãè©äŸ¡çµæã« root
ãŠãŒã¶ãŒãæ瀺çã«èšå®ãããŠãããã©ããã衚瀺ãããŸããããã«ãããroot
ãŠãŒã¶ãŒãæé»çã«èšå®ãããŠããã€ã¡ãŒãžãšãæå³çã« root
ãŠãŒã¶ãŒãèšå®ãããŠããã€ã¡ãŒãžã®éããèå¥ããããšãã§ããŸãã
次㮠Dockerfile ã§ã¯ãæ瀺çã«èšå®ãããŠããªããŠãããã©ã«ã㧠root
ãšããŠå®è¡ãããŸãïŒ
FROM alpine
RUN echo "Hi"
次ã®äŸã§ã¯ãroot ãŠãŒã¶ãŒãæ瀺çã«èšå®ãããŠããŸãïŒ
FROM alpine
USER root
RUN echo "Hi"
ãã®ããªã·ãŒã¯ãã€ã¡ãŒãžæ§æ blob ã§èšå®ãããããã©ã«ããŠãŒã¶ãŒã®ã¿ããã§ãã¯ããŸããéã«ãŒãã®ããã©ã«ããŠãŒã¶ãŒãæå®ããŠããŠããdocker run
ã³ãã³ãã® --user
ãã©ã°ã䜿çšãããªã©ããŠãå®è¡æã«ããã©ã«ããŠãŒã¶ãŒãäžæžãããããšãå¯èœã§ãã
ãã®ããªã·ãŒã«æºæ ããããã«ã¯ãDockerfile
ã®USER
åœä»€ã䜿çšããŠãå®è¡æã¹ããŒãžã§ã«ãŒãæš©éãæããªãããã©ã«ããŠãŒã¶ãŒãèšå®ããŠãã ããã
以äžã® Dockerfile ã¹ããããã¯ãæºæ ããŠããã€ã¡ãŒãžãšæºæ ããŠããªãã€ã¡ãŒãžã®éãã瀺ããŠããŸãã
FROM alpine AS builder
COPY Makefile ./src /
RUN make build
FROM alpine AS runtime
COPY --from=builder bin/production /app
ENTRYPOINT ["/app/production"]
Approved Base Images
Approved Base Images ããªã·ãŒã¿ã€ãã¯ããã«ãã§äœ¿çšããããŒã¹ã€ã¡ãŒãžãç¶æãããŠãããå®å šã§ããããšã確èªããŸãã
ãã®ããªã·ãŒã¯ããã«ãã§äœ¿çšãããããŒã¹ã€ã¡ãŒãžãããªã·ãŒèšå®ã§æå®ããããã¿ãŒã³ã«äžèŽãããã©ããã確èªããŸãã以äžã¯ããã®ããªã·ãŒã§äœ¿çšã§ãããã¿ãŒã³ã®äŸã§ãã
䜿çšäŸ | ãã¿ãŒã³ |
---|---|
Docker Hub ã®ãã¹ãŠã®ã€ã¡ãŒãžãèš±å¯ãã | docker.io/* |
Docker ãªãã£ã·ã£ã«ã€ã¡ãŒãžããã¹ãŠèš±å¯ãã | docker.io/library/* |
ç¹å®ã®çµç¹ããã®ã€ã¡ãŒãžãèš±å¯ãã | docker.io/orgname/* |
ç¹å®ã®ãªããžããªã®ã¿ã°ãèš±å¯ãã | docker.io/orgname/repository:* |
ãã¹ãå registry.example.com ã®ã¬ãžã¹ããªäžã®ã€ã¡ãŒãžãèš±å¯ãã | registry.example.com/* |
NodeJS ã® slim ã¿ã°ä»ãã€ã¡ãŒãžãèš±å¯ãã | docker.io/library/node:*-slim |
ã¢ã¹ã¿ãªã¹ã¯ (*
) ã¯ãç¶ãæåãŸã§ããŸãã¯ã€ã¡ãŒãžãªãã¡ã¬ã³ã¹ã®æ«å°ŸãŸã§ã«äžèŽããŸããDocker Hub ã€ã¡ãŒãžã«äžèŽãããã«ã¯ãdocker.io
ãã¬ãã£ãã¯ã¹ãå¿
èŠã§ãããã㯠Docker Hub ã®ã¬ãžã¹ããªãã¹ãåã§ãã
ãã®ããªã·ãŒã«ã¯æ¬¡ã®ãªãã·ã§ã³ã§èšå®ã§ããŸãïŒ
-
Approved base image sources
èš±å¯ããã€ã¡ãŒãžãªãã¡ã¬ã³ã¹ã®ãã¿ãŒã³ãæå®ããŸããããªã·ãŒã¯ãããã®ãã¿ãŒã³ã«åºã¥ããŠããŒã¹ã€ã¡ãŒãžãè©äŸ¡ããŸãã
ããã©ã«ãïŒ
[*]
ïŒãã¹ãŠã®ãªãã¡ã¬ã³ã¹ãèš±å¯ãããããŒã¹ã€ã¡ãŒãžïŒ -
Only supported tags
Docker ãªãã£ã·ã£ã«ã€ã¡ãŒãžã®ãµããŒããããŠããã¿ã°ã®ã¿ãèš±å¯ããŸãã
ãã®ãªãã·ã§ã³ãæå¹ã«ãããšãå ¬åŒã€ã¡ãŒãžã®ãµããŒããããŠããªãã¿ã°ã䜿çšããŠããã€ã¡ãŒãžã¯ããªã·ãŒéåãšãªããŸããå ¬åŒã€ã¡ãŒãžã®ãµããŒããããŠããã¿ã°ã¯ãDocker Hub ã®ãªããžããªæŠèŠããŒãžã® Supported tags ã»ã¯ã·ã§ã³ã«èšèŒãããŠããŸãã
ããã©ã«ãã§æå¹ã§ãã
-
Only supported OS distributions
ãµããŒããããŠãã Linux ãã£ã¹ããªãã¥ãŒã·ã§ã³ããŒãžã§ã³ã® Docker ãªãã£ã·ã£ã«ã€ã¡ãŒãžã®ã¿ãèš±å¯ããŸãã
ãã®ãªãã·ã§ã³ãæå¹ã«ãããšããµããŒããããŠããªã Linux ãã£ã¹ããªãã¥ãŒã·ã§ã³ïŒäŸ:
ubuntu:18.04
ïŒã䜿çšããŠããã€ã¡ãŒãžã¯ããªã·ãŒéåãšãªããŸãããã®ãªãã·ã§ã³ãæå¹ã«ãããšãOS ããŒãžã§ã³ãå€å®ã§ããªãå Žåã«ãããŒã¿ãªãããšè¡šç€ºãããå¯èœæ§ããããŸãã
ããã©ã«ãã§æå¹ã§ãã
ãã®ããªã·ãŒãæ£ããè©äŸ¡ãããããã«ã¯ãã€ã¡ãŒãžã«ããããã³ã¹ã¢ãã¹ããŒã·ã§ã³ãå¿ èŠã§ãã詳现ã«ã€ããŠã¯ãNo base image data ãåç §ããŠãã ããã
SonarQube Quality Gates
SonarQube Quality Gates ããªã·ãŒã¿ã€ãã¯ãSonarQube çµ±åã«åºã¥ããŠãœãŒã¹ã³ãŒãã®å質ãè©äŸ¡ããŸãããã®ããªã·ãŒã¯ãSonarQube ã®ã³ãŒãåæçµæã Docker Scout ã«åã蟌ã¿ãè©äŸ¡ãè¡ããŸãã
ãã®ããªã·ãŒã®åºæºã¯ãSonarQube ã®å質ã²ãŒãã䜿çšããŠå®çŸ©ããŸããSonarQube ã¯ãSonarQube ã§å®çŸ©ããå質ã²ãŒãã«åºã¥ããŠãœãŒã¹ã³ãŒããè©äŸ¡ããDocker Scout 㯠SonarQube ã®è©äŸ¡çµæã Docker Scout ã®ããªã·ãŒãšããŠè¡šç€ºããŸãã
Docker Scout ã¯ãããããã³ã¹ã¢ãã¹ããŒã·ã§ã³ã org.opencontainers.image.revision
OCI ã¢ãããŒã·ã§ã³ã䜿çšããŠãSonarQube ã®åæçµæãšã³ã³ããã€ã¡ãŒãžããªã³ã¯ããŸããSonarQube çµ±åãæå¹ã«ããã ãã§ãªããã€ã¡ãŒãžã«ã¢ãã¹ããŒã·ã§ã³ãŸãã¯ã©ãã«ãå«ãŸããŠããããšã確èªããå¿
èŠããããŸãã
ã€ã¡ãŒãžãããã·ã¥ããŠããªã·ãŒè©äŸ¡ãå®äºãããšãSonarQube ã®å質ã²ãŒãã®çµæã Docker Scout ããã·ã¥ããŒãããã³ CLI ã«ããªã·ãŒãšããŠè¡šç€ºãããŸãã
Docker Scout ã¯ãçµ±åãæå¹ã«ããåŸã«äœæããã SonarQube åæçµæã«ã®ã¿ã¢ã¯ã»ã¹ã§ããŸããéå»ã®è©äŸ¡ã«ã¯ã¢ã¯ã»ã¹ã§ããŸãããçµ±åãæå¹ã«ããåŸã« SonarQube åæãšããªã·ãŒè©äŸ¡ãããªã¬ãŒããçµæã Docker Scout ã§ç¢ºèªããŠãã ããã
No base image data
ãã«ãã§äœ¿çšããããŒã¹ã€ã¡ãŒãžã®æ å ±ãç¹å®ã§ããªãå ŽåãUp-to-Date Base Images ããã³ Approved Base Images ããªã·ãŒã«ã¯ No data ãšãããã©ã°ãä»ããŸãã
ãã® âno dataâ ç¶æ ã¯æ¬¡ã®ãããªå Žåã«çºçããŸãïŒ
- Docker Scout ã䜿çšããããŒã¹ã€ã¡ãŒãžã¿ã°ãææ¡ããŠããªã
- 䜿çšããããŒã¹ã€ã¡ãŒãžããŒãžã§ã³ãè€æ°ã®ã¿ã°ãæã£ãŠãããããã¹ãŠã®ã¿ã°ãå€ãããã§ã¯ãªã
Docker Scout ãåžžã«ããŒã¹ã€ã¡ãŒãžã®æ å ±ãææ¡ã§ããããã«ããã«ãæã«ããããã³ã¹ã¢ãã¹ããŒã·ã§ã³ãæ·»ä»ã§ããŸããDocker Scout ã¯ããããã³ã¹ã¢ãã¹ããŒã·ã§ã³ã䜿çšããŠããŒã¹ã€ã¡ãŒãžããŒãžã§ã³ãç¹å®ããŸãã