docker-dhcpd icon indicating copy to clipboard operation
docker-dhcpd copied to clipboard

Published 20 hours ago verified publisher icon networkboot

Use GitHub actions build steps from verified authors for improved security

Open robinsmidsrod opened this issue 2 years ago • 0 comments

The GitHub Actions workflows we have are currently using automation steps from unknown/non-verified authors, which can potentially inject malicious code into our image, or perform malicious behavior during build.

To improve this we should use verified build steps, like this one:

https://github.com/marketplace/actions/build-and-push-docker-images

robinsmidsrod avatar Aug 09 '22 17:08 robinsmidsrod