Using Quay.io to find vulnerabilities in your container images

Using Quay.io to find vulnerabilities in your container images

You’ve created a container image that has all the packages that you and your team need to do something useful, or maybe you’ve built a public image that anybody can use. But, what if that image contains packages with known security vulnerabilities? Regardless of the severity of those vulnerabilities, you’ll want to learn more and take steps to mitigate them as soon as possible.

Fortunately, your team uses Quay.io* as your registry. When you push an image to Quay.io, it automatically runs a security scan against that image.

Continue reading “Using Quay.io to find vulnerabilities in your container images”

Share
Go and FIPS 140-2 on Red Hat Enterprise Linux

Go and FIPS 140-2 on Red Hat Enterprise Linux

Red Hat provides the Go programming language to Red Hat Enterprise Linux customers via the go-toolset package. If this package is new to you, and you want to learn more, check out some of the previous articles that have been written for some background.

The go-toolset package is currently shipping Go version 1.11.x, with Red Hat planning to ship 1.12.x in Fall 2019. Currently, the go-toolset package only provides the Go toolchain (e.g., the compiler and associated tools like gofmt); however, we are looking into adding other tools to provide a more complete and full-featured Go development environment.

In this article, I will talk about some of the improvements, changes, and exciting new features for go-toolset that we have been working on. These changes bring many upstream improvements and CVE fixes, as well as new features that we have been developing internally alongside upstream.

Continue reading “Go and FIPS 140-2 on Red Hat Enterprise Linux”

Share
Report from February 2019 ISO WG21 C++ Standards Committee Meeting

Report from February 2019 ISO WG21 C++ Standards Committee Meeting

The February 2019 ISO C++ meeting was held in Kailua-Kona, Hawaii. As usual, Red Hat sent three of us to the meeting: I attended in the SG1 (parallelism and concurrency) group, Jonathan Wakely in Library, and Jason Merrill in the Core Working Group (see Jason’s report here). In this report, I’ll cover a few highlights of the meeting, focusing on the papers that were discussed.

Continue reading “Report from February 2019 ISO WG21 C++ Standards Committee Meeting”

Share
Developer Toolset 8.1 and GCC 8.3 now available for Red Hat Enterprise Linux  7

Developer Toolset 8.1 and GCC 8.3 now available for Red Hat Enterprise Linux 7

Red Hat Developer Toolset delivers GCC, GDB, and a set of complementary development tools for Red Hat Enterprise Linux via two release trains per year. We are pleased to share that Developer Toolset 8.1 with GCC 8.3 is now available and supported on Red Hat Enterprise Linux 7.

Continue reading “Developer Toolset 8.1 and GCC 8.3 now available for Red Hat Enterprise Linux 7”

Share
Project Loom: Lightweight Java threads

Project Loom: Lightweight Java threads

Building responsiveness applications is a never-ending task. With the rise of powerful and multicore CPUs, more raw power is available for applications to consume. In Java, threads are used to make the application work on multiple tasks concurrently. A developer starts a Java thread in the program, and tasks are assigned to this thread to get processed. Threads can do a variety of tasks, such as read from a file, write to a database, take input from a user, and so on.

In this article, we’ll explain more about threads and introduce Project Loom, which supports high-throughput and lightweight concurrency in Java to help simplify writing scalable software.

Continue reading “Project Loom: Lightweight Java threads”

Share
Building Apache Kafka Streams applications using Red Hat AMQ Streams: Part 2

Building Apache Kafka Streams applications using Red Hat AMQ Streams: Part 2

The Apache Kafka project includes a Streams Domain-Specific Language (DSL) built on top of the lower-level Stream Processor API. This DSL provides developers with simple abstractions for performing data processing operations. However, how one builds a stream processing pipeline in a containerized environment with Kafka isn’t clear. This second article in a two-part series uses the basics from the previous article to build an example application using Red Hat AMQ Streams.

Continue reading “Building Apache Kafka Streams applications using Red Hat AMQ Streams: Part 2”

Share
Building Apache Kafka Streams applications using Red Hat AMQ Streams: Part 1

Building Apache Kafka Streams applications using Red Hat AMQ Streams: Part 1

The Apache Kafka project includes a Streams Domain-Specific Language (DSL) built on top of the lower-level Stream Processor API. This DSL provides developers with simple abstractions for performing data processing operations. However, how to build a stream processing pipeline in a containerized environment with Kafka isn’t clear. This two-part article series describes the steps required to build your own Apache Kafka Streams application using Red Hat AMQ Streams.

Continue reading “Building Apache Kafka Streams applications using Red Hat AMQ Streams: Part 1”

Share