4 years ago on this day, I started a Twitter series called "Git Pro Tips". They are now available on git-weekly's website:
git-weekly.com/tips
Posts by Mohammad-Ali A'râbi
A document without a signature is just a rumor. Use Cosign to cryptographically sign your container images and attestations, ensuring complete supply chain trust. 🖋️🔐
Commando 9️⃣ Evie signs every artifact so that no CVE can tamper with it. 🤠
Meet the team: dockersecurity.io/co...
Complex builds shouldn't rely on massive CLI commands. Use Docker Bake (docker-bake.hcl) to define tags, multi-platform builds, and attestations as version-controlled code. 🏗️
Commando 8️⃣ Captain Ahab brings order to the chaos of the container whale. 🐋
Meet the team: dockersecurity.io/co...
I just completed the Docker Commandos v1.5 Asgard Mission! 🐳🛡️
Check out my certificate of completion: www.dockersecurity.io/commandos/in...
Prove your vulnerability exemptions are legitimate. VEX Attestations act as tamper-proof OCI referrers that travel with your container, automating compliance. ✅
Commando 7️⃣ RuinTan, the Immortal, grants invincible, verifiable protection cards to the innocent. 💀
More: dockersecurity.io/co...
Stop scanner fatigue! Use VEX (Vulnerability Exploitability eXchange) to formally exempt CVEs that aren't exploitable in your specific context. 🔇
Commando 6️⃣ Mina, the Undead Assassin, knows exactly which monsters are a threat and which are harmless. 🧛‍♀️
Learn more: dockersecurity.io/co...
Want to slash your attack surface to zero? Use Docker Hardened Images:
FROM dhi.io/node:25
Instead of:
FROM node:25
Hardened Images are not hard.
Commando 5️⃣ Artemisia, the Amazonian Commander, guards the heavily fortified, zero-CVE district. ⚓
www.dockersecurity.i...
Don't just generate an SBOM—attach it to your image! Using --sbom=true during build ensures the artifact travels everywhere your container goes. 🪪
Commando 4️⃣ The Valkyrie issues permanent, tamper-proof ID cards at the gates of Asgard. 🛡️
Meet the team: dockersecurity.io/co...
Nice! I'll check it out. 😊
Find the vulnerabilities before you deploy. Cross-reference your SBOM against real-time CVE databases:
$ docker scout cves <image>
Commando 3️⃣ Jack, the Cyborg Soldier, acts as the ultimate scanner, hunting monsters on the perimeter. 🤖
Meet the team: dockersecurity.io/co...
You can't patch what you don't know you have. Generating an SBOM gives you full visibility into every component of your software supply chain. 📋
$ docker sbom <image>
Commando 2️⃣ Rothütle demands a list of all Asgard residents to hunt down hidden CVEs.
Meet the team: dockersecurity.io/co...
Stop writing insecure Dockerfiles from scratch. 🛑
Use docker init to automatically generate production-ready, secure foundations based on best practices.
That's how Commando 1️⃣ Gord, the Swordmaster, builds her impenetrable command center in Asgard. ⚔️
Meet the team: dockersecurity.io/co...
My JavaPro article on "10 essential Docker commands to hunt the predator" is live!
We cover:
📜 SBOMs & Attestations
🛡️ Hardened Images (DHI)
🚫 VEX Exemptions
🕵️‍♂️ Zero-Day Defenses
Read the full Asgard mission here 👇
javapro.io/2026/03/1...
#Docker #DevSecOps #Java #ContainerSecurity
Docker Commandos landed at Rabobank! ⚔️🐳
Last week, I ran the v1.5 Asgard Mission workshop for ~30 engineers in the Netherlands—and 80% rated it 5/5! 🌟
Instead of dry security slides, we used a dark fantasy narrative to secure the container supply chain. 🧵👇
Docker Commandos coming to Cologne. 💪
On April 20–23 I'll be at @JCON.one with my workshop:
☕ »Java Supply Chain Security with Docker«
SBOMs. Attestations. Docker Hardened images.
Cologne is in Carnival mode—so we're bringing the energy.
🎟️ 10% off with ARABI-VIP-15
CC @docker.com
Guess who's a verified book author on Medium!
aerabi.medium.com
Docker Hardened Images are now free!
FROM dhi.io/node:24
From this moment on, you can use the near-zero-CVE Docker images as your base images, for free!
Learn more here:
Container Security Advent, day 7 is rather ceremonial. Like Sunday.
🎄⚔️🤠
Tip. Rebuild your Docker images regularly and keep your dependencies in check.
dev.to/aerabi/-day-...
Container Security Advent, day 5 is here!
🌫️🌲👣
The fog thickens as Gord and Rothütle enter the valley toward Oberried…
Today's security tip: Environment Drift—when small inconsistencies warp your whole system.
dev.to/aerabi/day-5...
Container Security Advent, day 4 is here!
🍽️🌒👣
Tonight in Kirchzarten, Gord keeps vigil while the village sleeps…
And our security tip dives into continuous monitoring.
Do I make a good Norse God?
Jfokus people have created this avatar for me as I’m going to join them to talk about Docker Security.
What do you think my Norse God name would be? A’rabír?
So… I started an Advent series that mixes Gothic Black Forest storytelling with container security tips, because clearly I've gone crazy.
🎩🌲💀🐋
Day 1 is live:
A hand holds a blue book cover titled "Docker Kubernetes Security" by Mohammad-Ali A'râbi. The top left features the "DS DockerSecurity.io" logo and website, with "[v1.0.0]" on the top right. A white square with a plus sign is positioned between "Docker" and "Kubernetes" in the main title. Below, it details "Supply Chain Security + Runtime Protection" alongside a stylized white and light blue whale tail design. The author's name, "Mohammad-Ali A'râbi", is prominent at the bottom, with "Forewords by Hamida Rebai and Liran Tal" beneath it. A black keyboard is partially visible below the book, against a vibrant, blurred orange and red background.
A white piece of paper features a handwritten dedication in blue ink at the top, reading "To the best Captain in India," followed by the signature "Mohammad-Ali." Below this, printed in a gothic-style font, is the title "Docker and Kubernetes Security." Underneath the title is a black illustration of a stylized archer, possibly a man, riding a lion-like mythological creature with a bow and arrow. The paper is placed in front of a computer monitor displaying a vibrant, blurry red and orange abstract wallpaper with a row of indistinct application icons at the bottom.
Thank you, @aerabi.com, for gifting a copy of your newly published book, Docker and Kubernetes Security, and for bringing it all the way from Germany to Istanbul. I will go through it soon.
If you want to learn @docker.com and Kubernetes security, I highly recommend this book.
🤯 Issue #24 of Git Weekly is LIVE! I was up until midnight finishing it, but it was worth it.
🏆 My book is an official DEVOPS DOZEN 2025 FINALIST! 🎉
Plus, a deep dive into 6 powerful git diff commands and news on the new India Edition print release.
www.linkedin.com/pulse/24-git...