I've seen some other questions on this, although some are 2+ years old - I'm looking to try to 'validate' the docker image running my code hasn't been extended and messed with. Does anyone know a way to secure the contents of a container so I can deliver a docker image as a means of delivering a service to a customer - and it will be running in their cluster - so I have little to no control on startup, environment, etc....
To me, being able to 'checksum' an image is pretty core to using docker as a means of delivering solutions to 3rd parties.
Any help would be appreciated. Thanks!
If you push the image to a docker registry and pull the image to run it on their cluster, you can use docker images --digests
to view the checksum of all your images.
When pushing or pulling to a 2.0 registry, the push or pull command output includes the image digest. You can pull using a digest value. You can also reference by digest in create, run, and rmi commands, as well as the FROM image reference in a Dockerfile.
Ref: https://docs.docker.com/engine/reference/commandline/images/#list-image-digests
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.