loader from loading.io

Chainguard and Securing Your Containers with Adrian Mouat

The Modern .NET Show

Release Date: 10/11/2024

Umbraco Unplugged: Emma Burstow & Mats Persson on Umbraco Being The Friendly, Truly Open-Source, CMS show art Umbraco Unplugged: Emma Burstow & Mats Persson on Umbraco Being The Friendly, Truly Open-Source, CMS

The Modern .NET Show

Strategic Technology Consultation Services This episode of The Modern .NET Show is supported, in part, by . If you're an SME (Small to Medium Enterprise) leader wondering why your technology investments aren't delivering, or you're facing critical decisions about AI, modernization, or team productivity, let's talk. Show Notes "From the first engagement with any from Umbraco, it's been a friendly approach. We are friendly. It's a part of our DNA. Professional. We take our work dead seriously, but we want to have fun, but we are friendly."— Mats Persson Hey everyone, and welcome back to The...

info_outline Learning Azure with Jonah Andersson: A Developer's Guide to Cloud Computing and Development Fundamentals show art Learning Azure with Jonah Andersson: A Developer's Guide to Cloud Computing and Development Fundamentals

The Modern .NET Show

RJJ Software's Software Development Service This episode of The Modern .NET Show is supported, in part, by , whether your company is looking to elevate its UK operations or reshape its US strategy, we can provide tailored solutions that exceed expectations. Show Notes "So the cloud adoption framework actually has a lot of steps for organizations or IT teams to start assessing their existing environments first and planning the stage before they modernise and migrate to Azure. And then the well-architected framework allows the team, whoever is involved, developers, engineers, or architects,...

info_outline Dapr: The Secret Sauce to Simplifying Distributed Applications with Mark Fussell show art Dapr: The Secret Sauce to Simplifying Distributed Applications with Mark Fussell

The Modern .NET Show

RJJ Software's Software Development Service This episode of The Modern .NET Show is supported, in part, by , whether your company is looking to elevate its UK operations or reshape its US strategy, we can provide tailored solutions that exceed expectations. Show Notes "Yeah, exactly. In fact, one of the central premises of Dapr has, you know, one of its goals is not only to be multi-language, in that anyone can use the APIs from any language they come from. So it has SDKs. First, you can call it HTTP if that's all you care about. But it has SDKs for Java, JavaScript, of course, .NET, Python,...

info_outline .NET Aspire: How Maddy Montaquila and the .NET Team Are Revolutionizing Development show art .NET Aspire: How Maddy Montaquila and the .NET Team Are Revolutionizing Development

The Modern .NET Show

RJJ Software's Software Development Service This episode of The Modern .NET Show is supported, in part, by , whether your company is looking to elevate its UK operations or reshape its US strategy, we can provide tailored solutions that exceed expectations. Show Notes "If your app has a backend, it's Aspire-able. And so it's tools, templates, and packages for really any type of app… So just being able to walk up to a repo, clone it, and hit F5. When was the last time we were able to do that? Like, ten years ago, maybe?"— Maddy Montaquila Welcome friends to The Modern .NET Show; the premier...

info_outline .NET Web App Modernization Made Easy with Tomáš Herceg's New Book and DotVVM show art .NET Web App Modernization Made Easy with Tomáš Herceg's New Book and DotVVM

The Modern .NET Show

DotConnect and Entity Developer and boost .NET development with high-performance ADO .NET providers and visual ORM builder. Try a 30-day free trial now! Show Notes "I remember I had the entire life cycle of the web forms printed on a wall. It was like six sheets of paper and it was very complex, and it was very useful to have it on the wall because, like, you could always look at it and say, "okay, this is going on before this one." So you have to like switch the order of things. But that's exactly what I call interesting"— Tomáš Herceg Welcome friends to The Modern .NET Show; the...

info_outline Jonathan Peppers Unleashes Code Chaos: How .NET Meets the NES show art Jonathan Peppers Unleashes Code Chaos: How .NET Meets the NES

The Modern .NET Show

RJJ Software's Software Development Service This episode of The Modern .NET Show is supported, in part, by , whether your company is looking to elevate its UK operations or reshape its US strategy, we can provide tailored solutions that exceed expectations. Show Notes "When you program for the NES you deeply need to understand the hardware, right. And that's not a thing; like as a .NET developer you don't really know what a register is, or like or a bus, or like NES has a thing called a PPU"— Jonathan Peppers Welcome friends to The Modern .NET Show; the premier .NET podcast, focusing...

info_outline Google Gemini in .NET: The Ultimate Guide with Jochen Kirstaetter show art Google Gemini in .NET: The Ultimate Guide with Jochen Kirstaetter

The Modern .NET Show

RJJ Software's Software Development Service This episode of The Modern .NET Show is supported, in part, by , whether your company is looking to elevate its UK operations or reshape its US strategy, we can provide tailored solutions that exceed expectations. Show Notes "So on my side it was actually, the interesting experience was that I kind of used it one way, because it was mainly about reading the Python code, the JavaScript code, and, let’s say like, the Go implementations, trying to understand what are the concepts, what are the ways about how it has been implemented by the different...

info_outline From Code to Cloud in 15 Minutes: Jason Taylor's Expert Insights And The Clean Architecture Template show art From Code to Cloud in 15 Minutes: Jason Taylor's Expert Insights And The Clean Architecture Template

The Modern .NET Show

RJJ Software's Software Development Service This episode of The Modern .NET Show is supported, in part, by , whether your company is looking to elevate its UK operations or reshape its US strategy, we can provide tailored solutions that exceed expectations. Show Notes "So I've been focused on the code to cloud journey, I like to call it, for the template. And two years ago, my goal was to provide a solution that could take you from code to cloud in 45 minutes or less. So I wanted it to be "file new project" to deploy a solution on Azure—because that's where my main focus is—within 45...

info_outline Deploying With Confidence: Sam Gomez on Terraform, Bicep, and Infrastructure as Code show art Deploying With Confidence: Sam Gomez on Terraform, Bicep, and Infrastructure as Code

The Modern .NET Show

Show Notes "If you talk to people that have been doing Terraform for many years, they're going to tell you that, "Terraform is the law and Terraform is the way to go." But like you said, there's different tools, I would say, or languages that you can use for infrastructure as code. And it really depends what you want to do, what your developers are used to or are comfortable with and what works with your organization as it should be with any tool in software development. You got to grab the one or use the one that is more appropriate for your use case, your scenario, your organization"— Sam...

info_outline Metaprogramming Made Accessible: Gael Fraiteur Explores the World of Metalama show art Metaprogramming Made Accessible: Gael Fraiteur Explores the World of Metalama

The Modern .NET Show

RJJ Software's Software Development Service This episode of The Modern .NET Show is supported, in part, by , whether your company is looking to elevate its UK operations or reshape its US strategy, we can provide tailored solutions that exceed expectations. Show Notes "And I think this is really the key factor in software development. I think it's really to keep complexity low, because in most projects, unless you are writing an operating system, a framework or rocket navigation you are not coding against hardware; like the hardware is not your bottleneck. You are coding against human brains,...

info_outline
 
More Episodes

RJJ Software's Software Development Service

This episode of The Modern .NET Show is supported, in part, by RJJ Software's Podcasting Services, whether your company is looking to elevate its UK operations or reshape its US strategy, we can provide tailored solutions that exceed expectations.

Show Notes

"Okay. So I’ll come on to that point is that’s obviously something i’d like to talk about. But a couple of things I should mention, I guess. That I think you’re absolutely right with all the points you raised, but we are trying to work on on everything there. So a couple of things are worth pointing out: one is docker-init; so nowadays if you start in like a new project with python or node or whatever, you can run the docker-init command, and what that will do is like create a dockerfile and a couple of other files, I think, to help you get started, and it sort of contains that the best practices. So to try and help you get over the hump of trying to understand how to create a dockerfile, and all the different ways you can build that without needing to know everything. So I think that really helps."—Adrian Mouat

Welcome friends to The Modern .NET Show; the premier .NET podcast, focussing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. We are the go-to podcast for .NET developers worldwide, and I am your host: Jamie "GaProgMan" Taylor.

In this episode, Adrian Mouat joined us to talk about Chainguard, what a distroless container is, a number of tools that you can use to check whether your containers have any CVEs present, attestations and reproducibility, and a number of ways to secure your applications once they are running in the wild.

"Yeah, I like your point there about showing your receipts. So in attestations, you can also say things like, you know, “we did do this on this image.” You can create an attestation that says, “hey, I ran a scanner on this image and I had this output at this time.” And because it’s all signed, you know that that did happen, if you like. Yeah, and also like, you know, you could have an attestation that said, “I ran these tests on this image at this time and this was the output,” sort of thing. So it’s sort of proving that certain steps were taken."— Adrian Mouat

Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET.

Supporting the Show

If you find this episode useful in any way, please consider supporting the show by either leaving a review (check our review page for ways to do that), sharing the episode with a friend or colleague, buying the host a coffee, or considering becoming a Patron of the show.

Full Show Notes

The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-7/chainguard-and-securing-your-containers-with-adrian-mouat/

Useful Links

Supporting the show:

Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend.

And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch.

You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast.