[Cialug] Automatic container updates
Adam Shannon
adam at ashannon.us
Mon Apr 25 23:10:55 UTC 2022
When building an image Docker and Podman can automatically pull (--pull) a newer revision of a tag. Useful if you're using debian:stable or alpine:3.15 as a base image.
There are some robots (e.g. renovate) that can open pull requests with updated Dockerfile/Podfile contents.
https://docs.podman.io/en/latest/markdown/podman-build.1.html#pull
------- Original Message -------
On Monday, April 25th, 2022 at 5:51 PM, Andy Denner <linux-list at upeke.com> wrote:
>
>
> So what I have heard for the standard process is to have your CI/CD
> process that builds your images set as a scheduled task to build your
> container periodically. (if it is a local docker instance and no ci/cd
> you could do the same with cron). Cycling and refreshing your
> containers also helps enforce the cattle not pets idea.
>
> Some of the more security forward places have a policy to not have any
> containers sitting around that are older than x (i.e. 90 days).
>
> L. V. Lammert wrote on 4/25/2022 3:33 PM:
>
> > Been using Greenbone for security scans, .. but if the version running is
> > not current, the scans are useless and, unfortunately, the tag is not
> > useful:
> >
> > securecompliance/gvm debian-master-data-full b6e23911f4f6 4 months ago 6.12GB
> >
> > What's the best way to check for a new version and automatically pull?
> >
> > Thanks!
> >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
>
>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
More information about the Cialug
mailing list