Member-only story
Introduction
In this post I would like to show container image security diagnostic tool Dockle, which You can use to check the particularly dangerous items from the container image, and also check that the container image according to the best practice is created based on the command history saved in the image
How use it ?
After installation, all you have to do is specify the image name. You don’t need to prepare anything else, you don’t even need Docker.
- Installation on OSX
$ brew install goodwithtech/r/dockle- Installation on Linux
# RHEL
$ VERSION=$(
curl --silent "https://api.github.com/repos/goodwithtech/dockle/releases/latest" | \
grep '"tag_name":' | \
sed -E 's/.*"v([^"]+)".*/\1/' \
) && rpm -ivh https://github.com/goodwithtech/dockle/releases/download/v${VERSION}/dockle_${VERSION}_Linux-64bit.rpm#Ubuntu
$ VERSION=$(
curl --silent "https://api.github.com/repos/goodwithtech/dockle/releases/latest" | \
grep '"tag_name":' | \
sed -E 's/.*"v([^"]+)".*/\1/' \
) && curl -L -o dockle.deb…
