Google Cloud rolls out security feature for container images
Google on Wednesday announced a new feature for developers in the early stages of the continuous integration and continuous delivery (CI/CD) process. All container images built using Cloud Build, Google’s fully-managed CI/CD platform, will now be automatically scanned for OS package vulnerabilities. The Container Registry vulnerability scanning feature is currently in beta.
The images will be scanned for vulnerabilities when they’re pushed to Container Registry once the Container Analysis API is enabled. Vulnerability scanning is also integrated with Binary Authorization, a deploy-time security control that ensures only trusted container images are automatically deployed on Kubernetes Engine.
The new feature should help prevent the deployment of vulnerable images, and it should reduce the time spent dealing with security issues downstream, Google says.
In other news related to developer productivity, Google announced it’s revamped Cloud Source Repositories. The updated version, now in beta, features a new user interface as well as semantic code search capabilities. The code search function is powered by the same underlying code search infrastructure that Google engineers use.
Google on Wednesday also announced the general availability of Cloud Memory store for Redis, a fully-managed in-memory data store service built on Google infrastructure. Cloud Memorystore automates complex tasks like provisioning, scaling, failover and monitoring. Cloud Memory store was one of multiple managed database services Google rolled out earlier this year.