undefined | Better HN

0 pointsbauruine3y ago0 comments

>Now we just build our stuff using wathever curated image is there that can be used and ship it without worrying about OS patches.

So you basically replaced the "we regularly have to update the OS" with "we regularly have to pull the newest image". It's possible because I have a Linux admin background but I don't see that big of a difference here. Oh and just using whatever curated image is there doesn't necessarily provide you with a secure environment. [0]

[0] https://snyk.io/blog/top-ten-most-popular-docker-images-each...

0 comments

1 comments · 1 top-level

irusensei3y ago

Hi. Sorry if I didn’t made this clear. By curated I meant images that were security scanned and approved before being published on the company internal registry. Those images shouldn’t have the issues listed on the link you posted.

j / k navigate · click thread line to collapse