Difficulty: Intermediate
Estimated Time: 10

Welcome to Docker Security Checker scenario :)

Hope you enjoyed learning more about docker-security-checker. Checkout more tools and utilities you might like at https://tools.tldr.run

Docker Security Checker

Step 1 of 5

What is docker-security-checker?

docker-security-checker scenario uses OPA (open policy agent) rego rules to perform security liniting on Dockerfiles using conftest.

What is Conftest?

Conftest is a utility to help you write tests against structured configuration data. For instance you could write tests for your Kubernetes configurations, or Tekton pipeline definitions, Terraform code, Serverless configs or any other structured data.

Conftest relies on the Rego language from Open Policy Agent for writing the assertions. You can read more about Rego in How do I write policies in the Open Policy Agent documentation.

What is OPA?

The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that let's you specify policy as code and simple APIs to offload policy decision-making from your software.