The Shift Left approach to DevOps security is becoming increasingly popular, which means that security must be built into the process and the pipeline. One of the biggest problems with shortened pipelines is that they often leave little room for proper security checks. Because of this, another approach, called "deploy changes as quickly as possible", was introduced, and it is key to the success of DevOps.
In this section, we will cover automating vulnerability checks in container images using Aqua Security to reduce the application attack surface.
Getting ready
Make sure you have an existing CI/CD pipeline configured using your preferred CI/CD tool. If not, follow the instructions in Chapter 3, Building CI/CD Pipelines, to configure GitLab or CircleCI.
Clone the k8sdevopscookbook/src repository to your workstation to use the manifest files in the chapter9 directory, as follows:
$ git clone https://github.com/k8sdevopscookbook/src.git
$ cd src...