anchore-engine
quay
Our great sponsors
anchore-engine | quay | |
---|---|---|
3 | 4 | |
1,529 | 2,370 | |
- | 1.5% | |
4.0 | 9.7 | |
about 1 year ago | 6 days ago | |
Python | Python | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
anchore-engine
-
A Tool To Advise What Apps Are Out Of Date Per Cluster?
There's also Anchore. - Also another thread w/ resources - https://www.reddit.com/r/kubernetes/comments/bx4w2h/track_outdated_images/.
-
How to Secure Your Kubernetes Clusters With Best Practices
Enable container image scanning in your CI/CD phase to catch known vulnerabilities using tools like clair or Anchore.
- What Vulnerability Scanning Services do you use?
quay
- 27 open-source tools that can make your Kubernetes workflow easier 🚀🥳
-
Quay.io has been down for 8+ hours
Not sure. I think since redhead bought them you can run it yourself https://github.com/quay/quay. Though if those who own it can’t keep good uptime how would anyone else.
- Scanning OpenShift containers for security issues
-
Private container registry
The ‘Getting Started’ points to the deployment instructions: https://github.com/quay/quay#getting-started Points to: https://access.redhat.com/documentation/en-us/red_hat_quay/3.3/
What are some alternatives?
grype - A vulnerability scanner for container images and filesystems
kubetail - Bash script to tail Kubernetes logs from multiple pods at the same time
dagda - a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
kube-state-metrics - Add-on agent to generate and expose cluster-level metrics.
aura - Python source code auditing and static analysis on a large scale
distribution - The toolkit to pack, ship, store, and deliver container content
jellyfin-session-kicker - Session kicker after X amount of watch time for Jellyfin
kubespray - Deploy a Production Ready Kubernetes Cluster
docker-bench-security - The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
devops-exercises - Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions
ThreatMapper - Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.
kaniko - Build Container Images In Kubernetes