Build a Python Flask application with Red Hat Hardened Images

Standard container images often include extra files that your applications do not need. These files increase the attack surface and can generate unnecessary alerts from security scanners. Red Hat Hardened Images are distroless, meaning they contain only the essential files required to run your applications. Because these images are stripped of extra software your application does not need, there are fewer parts that can break or be attacked. If a file is not in a container, a scanner cannot flag it as a vulnerability. This allows you to focus on code quality rather than investigating irrelevant security reports. Most developers wait until the very end of a project to worry about scanner reports; Red Hat Hardened Images provide a foundation designed to keep those reports as clean as you can from day one.

In this learning path, you will set up a development container first. This ensures that every developer on our team uses the exact same tools. You will then use Python Flask to develop our web application and Gunicorn to serve your application to the web because it is more reliable for real-world web traffic.

Prerequisites:

Download Red Hat build of Podman Desktop for Windows, macOS, or Red Hat Enterprise Linux (RHEL).

In this learning path, you will:

Build a sample application image for Python Flask.
Build and run a security-hardened image using Red Hat Hardened Images and Red Hat build of Podman Desktop.