dotnet-docker
trivy
dotnet-docker | trivy | |
---|---|---|
24 | 83 | |
4,228 | 21,388 | |
0.9% | 1.9% | |
9.4 | 9.8 | |
3 days ago | 5 days ago | |
Dockerfile | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dotnet-docker
-
Exploring .NET 8 Preview 3: The 7 Features You Need to Know
This cool method lets you whip up optimized apps that get along swimmingly with Docker. Neat, huh? --platform values. Take a peek at this sample to see the pattern in action!
-
Need Help with C# on raspberry
You can also use the .NET Docker images to run (or build from source and then run) .NET applications.
-
Portability is a nightmare
Sadly, lots of dotnet apps still out there. Luckily, there's a container for that too!
-
SSL Connection Issue on Lidarr startup (Raspberry Pi 4)
A search of "alpine 3.17 ssl" brings up this link that shows the same error.
-
(.NET/Azure) Docker mentor
Actually, it looks like I am a bit out of the loop, and there is an official .NET runtime for Linux, so you can use it like any other Linux docker images. Looks like there are examples here: https://github.com/dotnet/dotnet-docker
-
Is this Dockerfile ready for production? Is the container automatically secure?
It is good that you are thinking about security 😊. there is an issue in dotnet repo here https://github.com/dotnet/dotnet-docker/issues/1772 that have hardened examples.
-
Why the fuck did Microsoft name everything .NET?
You can use .NET without using ASP.NET Core (yes, the names are confusing right now, they dropped the "Core" suffix for the platform but did not drop the suffix for the web framework). Microsoft publishes a Docker image for .NET for when you just want to run some compiled CIL, but they also provide a Docker image where it includes .NET and ASP.NET Core for when you run a compiled ASP.NET Core web app. (https://hub.docker.com/_/microsoft-dotnet/)
-
Multi-Image Docker Images: Using COPY with Images directly from registries
Keeping the whole Maritime theme alive with Docker (and Kubernetes), I jumped into the sea of Docker Hub with millions of containers and found out that Microsoft hosts all the .NET related container images as .NET by Microsoft registry.
-
Docker multi-architecture, .NET 6.0 and OpenCVSharp
ARG OPENCV_SHARP_BUILD_TAG=2 ARG SDK_VERSION=6.0.202-bullseye-slim-amd64 ARG RUNTIME_VERSION=6.0.4-bullseye-slim FROM syamaner/opencvsharp-build:$OPENCV_SHARP_BUILD_TAG AS opencv # Given we are building a .Net application, the build does not have to be in the target architecture. # Reference: https://github.com/dotnet/dotnet-docker/issues/1537#issuecomment-755351628 FROM mcr.microsoft.com/dotnet/sdk:$SDK_VERSION as build ARG TARGETPLATFORM WORKDIR /src COPY . . # Select the correct RID for the target architecture. # run dotnet publish as usual and pass the RID. RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ RID=linux-x64 ; \ elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then \ RID=linux-arm64 ; \ elif [ "$TARGETPLATFORM" = "linux/arm/v7" ]; then \ RID=linux-arm ; \ fi && \ dotnet publish -c release -o /app -r $RID --self-contained false # Copy the application as well as native dependencies to the final stage and build the final image without any unnecessary files. FROM mcr.microsoft.com/dotnet/runtime:$RUNTIME_VERSION as final WORKDIR /app # Copy opencv sharp native binding and runtime dependencies. COPY --from=opencv /artifacts/ /usr/lib/ RUN ldconfig COPY --from=build /app/ /app/ ENTRYPOINT [ "dotnet", "/app/OpenCVSharpBenchmarkApp.dll" ]
- Dockerizing ASP.NET hello world - few questions from .NET newbie
trivy
-
Cloud Security and Resilience: DevSecOps Tools and Practices
4. Trivy: https://github.com/aquasecurity/trivy Trivy is a versatile tool that scans for vulnerabilities in your containers, and also checks for vulnerabilities in your application dependencies.
-
A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons
Trivy Owner/Maintainer: Aqua Security Age: First released on GitHub on May 7th, 2019 License: Apache License 2.0 backward-compatible with tfsec
- Suas imagens de container não estão seguras!
-
General Docker Troubleshooting, Best Practices & Where to Go From Here
Trivy. A Simple and Comprehensive Vulnerability Scanner for Containers.
-
Distroless images using melange and apko
Using Trivy:
- Friends - needs help choosing solution for SBOM vulnerability
-
An Overview of Kubernetes Security Projects at KubeCon Europe 2023
Trivy is a mature and comprehensive open source tool from Aqua Security that supports scanning multiple sources, from file systems to containers and VMs. Trivy also looks beyond vulnerabilities, to scan licenses, secrets, infrastructure as code misconfiguration, and more.
- Best vulnerability scanner for DevOps
-
About Cloudflare Tunnels
I would suggest to think about the thread model that you are facing so you can have a better mental model of the weak points of your environment. The very very big majority of these attacks will be automated probing for publicly known vulnerabilities or default credentials. That means the maintainers of the software you are running and the channels on which their updates are shipped to you and deployed are very important factors. For software that is not installed from a trusted and well maintained source (e.g. Ubuntus main repository), you want to make extra sure that vulnerabilities are updated. E.g. your deployed docker containers might contain security issues, you can run checks on these with tools like trivy. The same is also true for appliances, in case your router or firewall contains a software vulnerability, how will you be notified and how will the required updates be deployed?
- Docker image vulnerabilities scanning trivy vs synk.io
What are some alternatives?
OpenCvSharp - OpenCV wrapper for .NET
snyk - Snyk CLI scans and monitors your projects for security vulnerabilities. [Moved to: https://github.com/snyk/cli]
docker-multi-arch-opencvsharp - A demonstration of Docker multi architecture build for native dependencies for amd64, amrm64 and arm32 architecture
grype - A vulnerability scanner for container images and filesystems
opencv_contrib - Repository for OpenCV's extra modules
clair - Vulnerability Static Analysis for Containers
dotnet-framework-docker - The repo for the official docker images for .NET Framework on Windows Server Core.
checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
sdk - Core functionality needed to create .NET Core projects, that is shared between Visual Studio and CLI
syft - CLI tool and library for generating a Software Bill of Materials from container images and filesystems
OpenCV - Open Source Computer Vision Library
falco - Cloud Native Runtime Security