In this episode, we explore how to implement continuous vulnerability patching for container images hosted in the GitHub Container Registry (GHCR) using Copacetic. The session walks through configuring an automated workflow that integrates the Trivy vulnerability scanner with the Copacetic CLI tool to identify and remediate security issues in container images. Using GitHub Actions, we demonstrate how to set up a streamlined pipeline that keeps images up to date and secure with minimal manual intervention.
Chapters:
00:00 Introduction
00:48 What is Copacetic
04:06 Continuous Patching workflow of your container images
14:23 Using Dependabot to create PRs to notify the teams
16:42 How to Contribute and Getting Started
Resources:
Find the latest info about the open-source Copacetic project available at: https://github.com/project-copacetic/copacetic and https://project-copacetic.github.io/copacetic/website/
Introduction to Copa: https://youtu.be/DUt4wnKV4a8?si=KJj96-dlDoERKHe4
The AKS Community channel for more content: https://www.youtube.com/@theakscommunity
AKS Engineering Blog: https://azure.github.io/AKS/
Let’s connect:
Jorge Arteiro | https://www.linkedin.com/in/jorgearteiro
Joshua Duffney | https://www.linkedin.com/in/joshduffney
Submit Your OSS Project for Open at Microsoft: https://aka.ms/OpenAtMsCFP
Subscribe to the Open at Microsoft: https://aka.ms/OpenAtMicrosoft
Open at Microsoft Playlist: https://aka.ms/OpenAtMicrosoftPlaylist
New episode every Tuesday!