awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
GoogleCloudPlatform avatar

GoogleCloudPlatform/distroless

0
View on GitHub↗
22,774 estrellas·1,405 forks·Starlark·Apache-2.0·2 vistas

Distroless

Distroless provides a set of OCI-compliant minimal base images and hardening tools designed to create secure, language-specific execution environments. These images are stripped of non-essential system binaries, shells, and package managers to reduce the container attack surface.

The project utilizes upstream-tracked automated patching to monitor operating system releases and generate updated images when security vulnerabilities are addressed. It ensures supply chain integrity through image provenance verification using ephemeral-key digital signatures.

The system supports the generation of minimal runtime environments for specific programming languages, bundling only the required shared libraries. For observability, it employs a dual-mode layering approach that allows for internal inspection via separate shell-enabled debug images.

Features

  • Language Base Images - Provides standardized, OCI-compliant minimal base images with pre-installed language runtimes for secure execution.
  • Minimal Runtime Environments - Generates stripped-down runtime environments containing only the application and language dependencies.
  • System Binary Stripping - Provides base images stripped of non-essential system binaries to significantly reduce the container attack surface.
  • Minimal Base Image Creation - Builds stripped-down images containing only the application and its runtime dependencies to reduce overhead.
  • Minimal Base Images - Ships a set of stripped-down container base images containing only runtimes and minimal dependencies.
  • Vulnerability Patching - Automatically detects and patches vulnerabilities by tracking upstream OS releases and regenerating images.
  • Language-Specific Packaging - Packages minimal shared libraries and runtime components required for specific programming languages to execute.
  • Automated Security Patching - Monitors official operating system releases to automatically generate updated images when security vulnerabilities are fixed.
  • Container Surface Reduction - Limits security exploit vectors by removing shells, package managers, and unnecessary binaries from images.
  • Container Hardening - Reduces the container attack surface by removing unused components like shells and package managers.
  • Runtime-Only Compositions - Creates images containing only the application and its minimal dependencies by omitting shells and package managers.
  • Debug Image Layering - Employs a dual-mode layering approach that allows for internal inspection via separate shell-enabled debug images.
  • Container Debugging Utilities - Provides utilities to launch shell-enabled versions of minimal images for internal state inspection.
  • OCI Compliant Image Sets - Provides a set of standardized container images that follow Open Container Initiative specifications.
  • Blob Signature Verifications - Validates image integrity using digital signatures, certificate timestamps, and ephemeral public keys.
  • Supply Chain Integrity - Ensures container image provenance and component integrity through the use of cryptographic signatures.
  • Provenance Verification - Checks digital signatures using ephemeral keys to confirm the origin and integrity of container images.
  • Example Projects - Language-focused container images built using the system.

Historial de estrellas

Gráfico del historial de estrellas de googlecloudplatform/distrolessGráfico del historial de estrellas de googlecloudplatform/distroless

Búsqueda con IA

Explora más repositorios increíbles

Describe lo que necesitas en lenguaje sencillo: la IA clasifica miles de proyectos open-source curados por relevancia.

Start searching with AI

Alternativas open-source a Distroless

Proyectos open-source similares, clasificados según cuántas características comparten con Distroless.
  • googlecontainertools/distrolessAvatar de GoogleContainerTools

    GoogleContainerTools/distroless

    22,254Ver en GitHub↗

    Distroless provides a collection of security-hardened, minimal base container images designed to reduce attack surfaces by excluding non-essential system utilities, package managers, and shells. These images are constructed to contain only an application and its specific runtime dependencies, enforcing the principle of least privilege by configuring environments for non-root execution. The project distinguishes itself through a focus on supply chain integrity and reproducible builds. It utilizes declarative build configurations to track package versions and validates container image integrity

    Starlarkbazeldocker
    Ver en GitHub↗22,254
  • docker-library/pythonAvatar de docker-library

    docker-library/python

    2,739Ver en GitHub↗

    This project provides a standardized Python Docker image, serving as a Linux-based runtime environment for executing Python applications. It is an OCI-compliant container designed to ensure consistent software execution across different platforms. The images support containerized application deployment, enabling environment parity between local development and remote servers. This foundation allows for the creation of standardized build pipelines and the development of microservices architectures. The build process incorporates multi-stage builds and layered image hierarchies to manage image

    Dockerfile
    Ver en GitHub↗2,739
  • docker-library/official-imagesAvatar de docker-library

    docker-library/official-images

    6,972Ver en GitHub↗

    This project is a collection of curated and standardized Docker base images that serve as reliable starting points for building containerized applications. It functions as an OCI container image repository and a build template library, providing a central source of truth for images that adhere to Open Container Initiative standards for portability. The project utilizes an automated image lifecycle pipeline to build, tag, and push images, ensuring that dependencies remain current and security patches are applied. It specifically supports cross-platform distribution by providing a multi-archite

    Shell
    Ver en GitHub↗6,972
  • amidaware/tacticalrmmAvatar de amidaware

    amidaware/tacticalrmm

    4,161Ver en GitHub↗

    TacticalRMM is a remote monitoring and management platform designed for overseeing endpoints and automating IT administration. It functions as an endpoint management tool and IT automation framework, providing a centralized dashboard for executing scripts, monitoring system health, and managing remote devices across multiple tenants. The platform distinguishes itself through a comprehensive remote administration suite that includes real-time shell access, remote file management, and registry editing. It integrates with third-party remote desktop software and provides a hierarchical policy inh

    Pythondjangodjango-rest-frameworkmonitoring
    Ver en GitHub↗4,161
Ver las 30 alternativas a Distroless→

Preguntas frecuentes

¿Qué hace googlecloudplatform/distroless?

Distroless provides a set of OCI-compliant minimal base images and hardening tools designed to create secure, language-specific execution environments. These images are stripped of non-essential system binaries, shells, and package managers to reduce the container attack surface.

¿Cuáles son las características principales de googlecloudplatform/distroless?

Las características principales de googlecloudplatform/distroless son: Language Base Images, Minimal Runtime Environments, System Binary Stripping, Minimal Base Image Creation, Minimal Base Images, Vulnerability Patching, Language-Specific Packaging, Automated Security Patching.

¿Qué alternativas de código abierto existen para googlecloudplatform/distroless?

Las alternativas de código abierto para googlecloudplatform/distroless incluyen: googlecontainertools/distroless — Distroless provides a collection of security-hardened, minimal base container images designed to reduce attack… docker-library/python — This project provides a standardized Python Docker image, serving as a Linux-based runtime environment for executing… docker-library/official-images — This project is a collection of curated and standardized Docker base images that serve as reliable starting points for… chef/bento — Bento is a system for defining, building, and distributing standardized, cross-platform virtual machine images and… amidaware/tacticalrmm — TacticalRMM is a remote monitoring and management platform designed for overseeing endpoints and automating IT… armosec/kubescape — Kubescape is a security platform for Kubernetes that provides tools for scanning clusters, configurations, and…