Keeping Up With Latest: Update Strategies for Chainguard Images

Learn how to stay secure and compliant by keeping your Chainguard images up to date without the chaos.

Cancel Apply

rate limit

Code not recognized.

About this course

Chainguard container images are rebuilt nightly to minimize CVEs, but that means frequent updates. This course walks you through why updates matter, how to interpret Chainguard tags, and practical strategies and tools to manage update volume in a sustainable way to maintain your team’s calm.

By the end of this course, you will be able to:

  • Explain why frequent updates are essential for minimizing CVEs and maintaining supply chain integrity
  • Differentiate between active, inactive, and EOL tags in Chainguard images, and know how to track them
  • Evaluate different update strategies (e.g., updating to latest, within a stream, by digest) and their tradeoffs
  • Recognize anti-patterns (like misusing epoch tags) and avoid common pitfalls
  • Use Chainguard and ecosystem tools (e.g., chainctl, image diff, Digestabot, Flux, Argo CD) to automate and scale update management
  • Apply best practices for managing update volume and storage policies
Course Details

  • Software Engineers, DevOps, teams

  • 30-45 min

  • 9 Lessons

 

Curriculum

  • Welcome
  • Why Continuous Rebuilds Matter
  • Understanding Chainguard Image Tags
  • Strategies for Updating Chainguard Containers
  • Avoiding Common Update Anti-Patterns
  • Using Digests for Reproducibility
  • Managing Update Volume Effectively
  • Tools to Automate and Streamline Updates
  • Resources and Next Steps

About this course

Chainguard container images are rebuilt nightly to minimize CVEs, but that means frequent updates. This course walks you through why updates matter, how to interpret Chainguard tags, and practical strategies and tools to manage update volume in a sustainable way to maintain your team’s calm.

By the end of this course, you will be able to:

  • Explain why frequent updates are essential for minimizing CVEs and maintaining supply chain integrity
  • Differentiate between active, inactive, and EOL tags in Chainguard images, and know how to track them
  • Evaluate different update strategies (e.g., updating to latest, within a stream, by digest) and their tradeoffs
  • Recognize anti-patterns (like misusing epoch tags) and avoid common pitfalls
  • Use Chainguard and ecosystem tools (e.g., chainctl, image diff, Digestabot, Flux, Argo CD) to automate and scale update management
  • Apply best practices for managing update volume and storage policies
Course Details

  • Software Engineers, DevOps, teams

  • 30-45 min

  • 9 Lessons

 

Curriculum

  • Welcome
  • Why Continuous Rebuilds Matter
  • Understanding Chainguard Image Tags
  • Strategies for Updating Chainguard Containers
  • Avoiding Common Update Anti-Patterns
  • Using Digests for Reproducibility
  • Managing Update Volume Effectively
  • Tools to Automate and Streamline Updates
  • Resources and Next Steps
Course

Learn the tools and fundamentals of vulnerability management and why it's critical that every developer understand it.