Nov 10, 2025 · 6 min read · For this 4th part, I'll cover Docker image building, scanning and publishing. Prerequisites: Read Part 1: Tests & Build Read Part 2: Run and Stress Tests Read Part 3: Modularizing CI Jobs I'll first create a Dockerfile to "dockerize" my Go app...
Join discussion
Jul 2, 2025 · 3 min read · 📘 Introduction In this blog, we will explore how to containerize a two-tier Java application using Docker, manage services with Docker Compose, and ensure image security through Docker Scout. We'll walk through a practical use case: a Java Spring Bo...
Join discussion
May 24, 2025 · 4 min read · Summary of Your Pipeline Workflow Pipeline Highlights: Jenkins-driven CI/CD pipeline with GitHub webhook Static code analysis via SonarQube OWASP dependency check and Trivy file scan Docker image build, scan (Docker Scout), and push to DockerHub ...
Join discussion
Apr 3, 2025 · 19 min read · Modern software development requires security to be integrated throughout the entire pipeline rather than being an afterthought. This project demonstrates a comprehensive DevSecOps implementation that deploys an Amazon Prime clone application securel...
Join discussion
Nov 29, 2024 · 1 min read · What is Docker Scout? Docker Scout is like a helper that checks your Docker images for problems, like security risks or outdated parts, and gives suggestions to fix them. It’s a simple way to keep your containers safe and up-to-date! How to use Docke...
Join discussion
Sep 12, 2024 · 8 min read · In this blog, we’ll guide you through deploying a Starbucks clone on AWS using a DevSecOps approach. This method combines development, security, and operations practices to ensure a smooth and secure deployment. We’ll cover the key steps, the technol...
Join discussionAug 13, 2024 · 3 min read · Introduction to Docker Compose Docker Compose is a powerful tool that allows you to define and manage multi-container Docker applications. With Docker Compose, you can define your application’s services, networks, and volumes in a simple YAML file, a...
Join discussionJul 25, 2024 · 3 min read · This is describes how to scrape the metrics endpoint using Prometheus. 🌟 Add a job for your organization: In the Prometheus configuration file, add a new job for your organization. The job should include the following configuration; replace ORG with...
Join discussion
Jul 20, 2024 · 5 min read · Docker Scout exposes a metrics HTTP endpoint that lets you scrape vulnerability and policy data from Docker Scout, using Prometheus or Datadog. With this you can create your own, self-hosted Docker Scout dashboards for visualizing supply chain metric...
Join discussion
