Feature request: Scan containers for vulnerabilities #9
kript
started this conversation in
Design Review
Replies: 1 comment
-
Yes, this is a good idea. I'll add it to the list of features to be implemented. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
There are a number of tools available to this project which could be used to do automated CI based Static Code Analysis against the SoftPack Builder artefacts such as Singularity (or Docker) Containers. Example are;
Having the CI check the containers as they are created and then over time would help flag vulnerable packages or security issues within the container themselves, and allow the HumGen Informatics team to either update the containers to let the researcher know of the vulnerability and any implications for their workflow or results..
Beta Was this translation helpful? Give feedback.
All reactions