Reply to post: Supply chain management

Docker Hub images buggy and vulnerable, say researchers

Anonymous Coward

Supply chain management

It's going to come down to the IT equivalent of supply chain management: making sure of the provenance of each element of the container, current patching levels for those elements, and noting incompatibilities that are reported to the developers. Further, every developer is going to have to spin up a current image and test their modifications, although we have automatic building and testing tools, so it shouldn't be impossible to restructure the processes for containers. Difficult, I'll buy.

Like many an admin, I have my fairly hefty collections of images here, and keeping them spruced up is a headache. Since the images rarely change, individually, I tweak them during the full system backup window. Watching the backups or building images. Sheesh. Some Sunday!

Biting the hand that feeds IT © 1998–2022