Resolve Docker Vulnerabilities

This skill guides you through the process of listing images, checking for vulnerabilities, planning remediation, and verifying the fixes by publishing to a staging repository.

Workflow

1. Publish to Staging

Run the build on fir-tools-builds and publish to the staging repository in firebase-cli to see the baseline vulnerabilities after the build's own updates.

./scripts/publish/firebase-docker-image/run.sh --build-project fir-tools-builds --repo staging --target firebase-cli

2. Check Vulnerabilities

Check the vulnerability reports for the image just pushed to staging. You will need to find the digest of the image first.