dotnet-docker
grype
dotnet-docker | grype | |
---|---|---|
24 | 56 | |
4,228 | 7,678 | |
0.9% | 2.3% | |
9.4 | 9.5 | |
3 days ago | 1 day ago | |
Dockerfile | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dotnet-docker
-
Exploring .NET 8 Preview 3: The 7 Features You Need to Know
This cool method lets you whip up optimized apps that get along swimmingly with Docker. Neat, huh? --platform values. Take a peek at this sample to see the pattern in action!
-
Need Help with C# on raspberry
You can also use the .NET Docker images to run (or build from source and then run) .NET applications.
-
Portability is a nightmare
Sadly, lots of dotnet apps still out there. Luckily, there's a container for that too!
-
SSL Connection Issue on Lidarr startup (Raspberry Pi 4)
A search of "alpine 3.17 ssl" brings up this link that shows the same error.
-
(.NET/Azure) Docker mentor
Actually, it looks like I am a bit out of the loop, and there is an official .NET runtime for Linux, so you can use it like any other Linux docker images. Looks like there are examples here: https://github.com/dotnet/dotnet-docker
-
Is this Dockerfile ready for production? Is the container automatically secure?
It is good that you are thinking about security 😊. there is an issue in dotnet repo here https://github.com/dotnet/dotnet-docker/issues/1772 that have hardened examples.
-
Why the fuck did Microsoft name everything .NET?
You can use .NET without using ASP.NET Core (yes, the names are confusing right now, they dropped the "Core" suffix for the platform but did not drop the suffix for the web framework). Microsoft publishes a Docker image for .NET for when you just want to run some compiled CIL, but they also provide a Docker image where it includes .NET and ASP.NET Core for when you run a compiled ASP.NET Core web app. (https://hub.docker.com/_/microsoft-dotnet/)
-
Multi-Image Docker Images: Using COPY with Images directly from registries
Keeping the whole Maritime theme alive with Docker (and Kubernetes), I jumped into the sea of Docker Hub with millions of containers and found out that Microsoft hosts all the .NET related container images as .NET by Microsoft registry.
-
Docker multi-architecture, .NET 6.0 and OpenCVSharp
ARG OPENCV_SHARP_BUILD_TAG=2 ARG SDK_VERSION=6.0.202-bullseye-slim-amd64 ARG RUNTIME_VERSION=6.0.4-bullseye-slim FROM syamaner/opencvsharp-build:$OPENCV_SHARP_BUILD_TAG AS opencv # Given we are building a .Net application, the build does not have to be in the target architecture. # Reference: https://github.com/dotnet/dotnet-docker/issues/1537#issuecomment-755351628 FROM mcr.microsoft.com/dotnet/sdk:$SDK_VERSION as build ARG TARGETPLATFORM WORKDIR /src COPY . . # Select the correct RID for the target architecture. # run dotnet publish as usual and pass the RID. RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ RID=linux-x64 ; \ elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then \ RID=linux-arm64 ; \ elif [ "$TARGETPLATFORM" = "linux/arm/v7" ]; then \ RID=linux-arm ; \ fi && \ dotnet publish -c release -o /app -r $RID --self-contained false # Copy the application as well as native dependencies to the final stage and build the final image without any unnecessary files. FROM mcr.microsoft.com/dotnet/runtime:$RUNTIME_VERSION as final WORKDIR /app # Copy opencv sharp native binding and runtime dependencies. COPY --from=opencv /artifacts/ /usr/lib/ RUN ldconfig COPY --from=build /app/ /app/ ENTRYPOINT [ "dotnet", "/app/OpenCVSharpBenchmarkApp.dll" ]
- Dockerizing ASP.NET hello world - few questions from .NET newbie
grype
-
Introduction to the Kubernetes ecosystem
Trivy Operator : A simple and comprehensive vulnerability scanner for containers and other artifacts. It detects vulnerabilities of OS packages (Alpine, Debian, CentOS, etc.) and application dependencies (pip, npm, yarn, composer, etc.) (Alternatives : Grype, Snyk, Clair, Anchore, Twistlock)
- Suas imagens de container não estão seguras!
-
I looked through attacks in my access logs. Here's what I found
Besides pointing pentester tools like metasploit at yourself, there are some nice scanners out there.
https://github.com/quay/clair
https://github.com/anchore/grype/
-
Distroless images using melange and apko
Using Grype:
-
Scanning and remediating vulnerabilities with Grype
In the lab to follow, we'll see how vulnerability scanning can be conveniently achieved with Grype and how various systematic techniques can be applied to start securing our microservices at the container image level.
-
Understanding Container Security
Scanning your container images for vulnerabilities is a good approach. But this scanning is not one time job, it should be done regularly (weekly, monthly, etc.) You need to follow vulnerability reports and fix all of the vulnerabilities as soon as possible. I recommend some open-source tools that could be useful: Trivy, Docker-Bench, Grype.
-
An Overview of Kubernetes Security Projects at KubeCon Europe 2023
Grype is another popular open source tool from Anchore. Working with SBOM files, Grype scans container images and filesystems for vulnerabilities. Grype supports different output formats for vulnerabilities and custom templates for output.
-
Best vulnerability scanner for DevOps
Grype (https://github.com/anchore/grype)
-
Security docker app
Grype will allow you to scan a container to see if you have any vulnerable packages.
-
Open source container scanning tool to find vulnerabilities and suggest best practice improvements?
https://github.com/anchore/grype 5.6k stars, updated 3 days ago
What are some alternatives?
OpenCvSharp - OpenCV wrapper for .NET
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
docker-multi-arch-opencvsharp - A demonstration of Docker multi architecture build for native dependencies for amd64, amrm64 and arm32 architecture
anchore-engine - A service that analyzes docker images and scans for vulnerabilities
opencv_contrib - Repository for OpenCV's extra modules
clair - Vulnerability Static Analysis for Containers
dotnet-framework-docker - The repo for the official docker images for .NET Framework on Windows Server Core.
syft - CLI tool and library for generating a Software Bill of Materials from container images and filesystems
sdk - Core functionality needed to create .NET Core projects, that is shared between Visual Studio and CLI
opencve - CVE Alerting Platform
OpenCV - Open Source Computer Vision Library
falco - Cloud Native Runtime Security