Maintain the Images
From Gcube Wiki
Find, Fix and Monitor for Image Vulnerabilities
Docker images must be considered (and are) Operating Systems with their packages installed. As such, they are subject to vulnerabilities posing risks that must be discovered and promptly fixed when patches and upgrades are made available.
Tools to evaluate:
- Snyk: https://snyk.io/
- Clair: https://github.com/quay/clair
Scheduled (Monthly) Patching
Back to the Docker guide.