We’ve just released a new feature and custom policy rule in Datree for Docker images.
The policy allows you to whitelist and blacklist Docker images and versions in your projects.
Why this is useful
By blacklisting you can prevent devs from using images with security vulnerabilities, deprecated images, or images with components that are no longer maintained.
Say your team uses Alpine and you learn that Alpine v3.3-3.5 has a security vulnerability. You can go to Datree, see which repositories are currently using the image, and enable a Docker image policy that blocks developers from using it.
Or you can use this policy to find and prevent usage of a deprecated image like jenkins/jenkins. As another example, if your codebase is written in Python, you can use this policy to ensure no one is using Python 2.7, which is no longer maintained.
Conversely, by whitelisting certain images and their versions as the only ones devs can use, you can ensure consistency and reduce maintenance burden.
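To make the blacklist and whitelist logic concrete, here is an added example (not Datree's code or rule format) that applies the three cases above to the `FROM` lines of a Dockerfile. The policy structure, function names and sample Dockerfile are assumptions constructed for illustration; the example also handles multi-stage aliases, `--platform` flags, registry ports and untagged images, which the text does not discuss.

```python
import re

def version_tuple(tag):
    """Leading numeric components of a tag: '3.4.6-r1' -> (3, 4, 6)."""
    m = re.match(r"v?(\d+(?:\.\d+)*)", tag)
    return tuple(int(p) for p in m.group(1).split(".")) if m else ()

# Constructed policy from the text's examples; an assumed structure, not Datree's rule format.
DENY = {
    "alpine": lambda tag: (3, 3) <= version_tuple(tag)[:2] <= (3, 5),
    "jenkins/jenkins": lambda tag: True,  # deprecated image: any tag
    "python": lambda tag: version_tuple(tag)[:2] == (2, 7),
}
FROM_RE = re.compile(r"\s*FROM\s+(?:--\S+\s+)*(\S+)(?:\s+AS\s+(\S+))?", re.I)

def base_images(dockerfile_text):
    """Yield (line_no, repo, tag) for every external base image."""
    stages = set()
    for no, line in enumerate(dockerfile_text.splitlines(), 1):
        if not (m := FROM_RE.match(line)):
            continue
        ref, alias = m.group(1), m.group(2)
        is_stage = ref.lower() in stages  # "FROM build" reuses an earlier stage
        if alias:
            stages.add(alias.lower())
        if is_stage or ref.lower() == "scratch":
            continue
        name = ref.split("@")[0]  # drop any digest; digest-only refs count as untagged
        repo, sep, tag = name.rpartition(":")
        if not sep or "/" in tag:  # no tag, or the colon was a registry port
            repo, tag = name, "latest"
        repo = re.sub(r"^(docker\.io/)?(library/)?", "", repo, count=1)
        yield no, repo, tag

def check(text, deny=DENY, allow=None):
    """Return (line_no, image, reason) violations; allow={repo: {tags}} enables allowlist mode."""
    if allow is not None:  # allowlist mode: only listed repo/tag pairs pass
        return [(n, f"{r}:{t}", "not on allowlist")
                for n, r, t in base_images(text) if t not in allow.get(r, ())]
    return [(n, f"{r}:{t}", "denylisted")
            for n, r, t in base_images(text) if r in deny and deny[r](t)]

SAMPLE = """\
FROM --platform=linux/amd64 docker.io/library/alpine:3.4 AS build
FROM python:2.7-slim AS app
FROM build AS final
FROM jenkins/jenkins
FROM alpine:3.19
"""  # constructed sample Dockerfile
```

Calling `check(SAMPLE)` flags lines 1, 2 and 4; passing `allow={"alpine": {"3.19"}}` switches to allowlist mode, where only line 5 passes.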
How it works
See all versions of Docker images across all repos:
See in which repos the Docker images are being used:
Enforce your Docker image policy in pull requests:
To start using this policy, simply go to Custom Rules then create a new “custom Docker image” rule.
Streamline Docker images and versions with Datree
Free for GitHub accounts with fewer than 5 developers.