We’ve just released a new feature and custom policy rule in Datree for Docker images.
The policy allows you to whitelist and blacklist Docker images and versions in your projects.
By blacklisting, you can prevent devs from using images with security vulnerabilities, deprecated images, or images with components that are no longer maintained.
Say your team uses Alpine and you learn that Alpine v3.3-3.5 has a security vulnerability. You can go to Datree and see which repositories are currently using the image, and enable a Docker image policy that blocks developers from using it.
Or you can use this policy to find and prevent usage of a deprecated image like jenkins/jenkins. Another example: if your codebase is written in Python, you can use this policy to ensure no one is using Python 2.7, which is no longer maintained.
Conversely, by whitelisting certain images and their versions as the only ones devs can use, you can ensure consistency and reduce maintenance burden.
See all versions of Docker images across all repos:
See in which repos the Docker images are being used:
Enforce your Docker image policy in pull requests:
To start using this policy, simply go to Custom Rules then create a new “custom Docker image” rule.
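As an added illustration, not Datree's own code or rule format, here is a small Python checker that applies a deny list like the one described above to the FROM lines of a Dockerfile. The rule entries, image names and the sample Dockerfile are constructed for this example:

```python
import re
# Constructed deny list in the post's spirit: (image name, inclusive version range
# or None for any version, reason). Illustrative only, not Datree's rule format.
DENY_RULES = [
    ("alpine", ("3.3", "3.5"), "Alpine 3.3-3.5 has a known vulnerability"),
    ("jenkins/jenkins", None, "jenkins/jenkins is deprecated"),
    ("python", ("2.7", "2.7"), "Python 2.7 is no longer maintained"),
]
# Image reference of each FROM line, skipping an optional --platform flag.
FROM_RE = re.compile(r"^\s*FROM\s+(?:--platform=\S+\s+)?(\S+)", re.I | re.M)
# Constructed sample Dockerfile; three of its four base images violate the policy.
SAMPLE_DOCKERFILE = """\
FROM alpine:3.4 AS build
FROM --platform=linux/amd64 python:2.7-slim
FROM jenkins/jenkins:lts
FROM docker.io/library/alpine:3.12
"""

def parse_image(ref):
    """Return (normalised name, tag); registry host, library/ prefix and digest are dropped."""
    ref = ref.split("@", 1)[0]
    name, tag = ref, "latest"
    if ":" in ref.rsplit("/", 1)[-1]:  # a ':' after the last '/' separates the tag
        name, tag = ref.rsplit(":", 1)
    parts = name.split("/")
    if len(parts) > 1 and ("." in parts[0] or ":" in parts[0] or parts[0] == "localhost"):
        parts = parts[1:]
    if len(parts) == 2 and parts[0] == "library":
        parts = parts[1:]
    return "/".join(parts), tag

def version_tuple(tag):
    """'3.5.2' -> (3, 5, 2); '2.7-slim' -> (2, 7); 'latest' -> None."""
    m = re.match(r"v?(\d+(?:\.\d+)*)", tag)
    return tuple(int(x) for x in m.group(1).split(".")) if m else None

def in_range(tag, rng):
    """Inclusive check at the rule's precision, so 3.5.2 falls inside 3.3-3.5."""
    if rng is None:
        return True
    v, lo, hi = version_tuple(tag), version_tuple(rng[0]), version_tuple(rng[1])
    if v is None or len(v) < max(len(lo), len(hi)):
        return False  # non-numeric or coarser tags (e.g. 'alpine:3') cannot be placed
    return lo <= v[: len(lo)] and v[: len(hi)] <= hi

def check_dockerfile(text):
    # Returns [(image reference, reason)] for every FROM that hits a deny rule.
    findings = []
    for ref in FROM_RE.findall(text):
        name, tag = parse_image(ref)
        findings += [(ref, r) for n, rng, r in DENY_RULES if n == name and in_range(tag, rng)]
    return findings
```

Running `check_dockerfile(SAMPLE_DOCKERFILE)` flags the Alpine 3.4, Python 2.7 and Jenkins images and lets the normalised `docker.io/library/alpine:3.12` through.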