implementing-container-image-minimal-base-with-distroless
CommunityHarden images with distroless minimal bases
Software Engineering#attack surface#trivy#distroless#image scanning#container hardening#multi-stage dockerfile#kubernetes debugging
Authorriandeoliveira
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps you reduce container attack surface by moving from traditional OS-based base images to Google distroless images that remove shells, package managers, and unnecessary utilities.
Core Features & Use Cases
- Multi-stage build guidance: Provides concrete Dockerfile patterns for Go, Java, Python, and Node.js to ensure only runtime artifacts land in the distroless stage.
- Security posture comparison: Includes a script to scan images with Trivy and compare vulnerability and size reductions between a standard base and a distroless equivalent.
- Distroless property validation: Checks whether an image actually behaves like distroless (e.g., no shell and no detected package manager), helping you verify hardening results.
Quick Start
Run the distroless migration assessment by scanning and comparing your current base image against a chosen distroless runtime image, then review the generated report in JSON.
Dependency Matrix
Required Modules
argparsejsonloggingossubprocessdatetime
Components
scriptsreferencesassets
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: implementing-container-image-minimal-base-with-distroless Download link: https://github.com/riandeoliveira/aspnet-template/archive/main.zip#implementing-container-image-minimal-base-with-distroless Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.