scanning-container-security
Container Security Scanner
This skill provides automated assistance for container security scanner tasks.
Prerequisites
Before using this skill, ensure:
- Required credentials and permissions for the operations
- Understanding of the system architecture and dependencies
- Backup of critical data before making structural changes
- Access to relevant documentation and configuration files
- Monitoring tools configured for observability
- Development or staging environment available for testing
Instructions
Step 1: Assess Current State
- Review current configuration, setup, and baseline metrics
- Identify specific requirements, goals, and constraints
- Document existing patterns, issues, and pain points
- Analyze dependencies and integration points
- Validate that all prerequisites are met before proceeding
Step 2: Design Solution
- Define optimal approach based on best practices
- Create detailed implementation plan with clear steps
- Identify potential risks and mitigation strategies
- Document expected outcomes and success criteria
- Review plan with team or stakeholders if needed
Step 3: Implement Changes
- Execute implementation in a non-production environment first
- Verify changes work as expected with thorough testing
- Monitor for any issues, errors, or performance impacts
- Document all changes, decisions, and configurations
- Prepare rollback plan and recovery procedures
Step 4: Validate Implementation
- Run comprehensive tests to verify all functionality
- Compare performance metrics against baseline
- Confirm no unintended side effects or regressions
- Update all relevant documentation
- Obtain approval before production deployment
Step 5: Deploy to Production
- Schedule deployment during an appropriate maintenance window
- Execute implementation with real-time monitoring
- Watch closely for any issues or anomalies
- Verify successful deployment and functionality
- Document completion, metrics, and lessons learned
Output
This skill produces:
- Implementation Artifacts: Scripts, configuration files, code, and automation tools
- Documentation: Comprehensive documentation of changes, procedures, and architecture
- Test Results: Validation reports, test coverage, and quality metrics
- Monitoring Configuration: Dashboards, alerts, metrics, and observability setup
- Runbooks: Operational procedures for maintenance, troubleshooting, and incident response
Error Handling
Permission and Access Issues:
- Verify credentials and permissions for all operations
- Request elevated access if required for specific tasks
- Document all permission requirements for automation
- Use separate service accounts for privileged operations
- Implement least-privilege access principles
Connection and Network Failures:
- Check network connectivity, firewalls, and security groups
- Verify service endpoints, DNS resolution, and routing
- Test connections using diagnostic and troubleshooting tools
- Review network policies, ACLs, and security configurations
- Implement retry logic with exponential backoff
Resource Constraints:
- Monitor resource usage (CPU, memory, disk, network)
- Implement throttling, rate limiting, or queue mechanisms
- Schedule resource-intensive tasks during low-traffic periods
- Scale infrastructure resources if consistently hitting limits
- Optimize queries, code, or configurations for efficiency
Configuration and Syntax Errors:
- Validate all configuration syntax before applying changes
- Test configurations thoroughly in a non-production environment first
- Implement automated configuration validation checks
- Maintain version control for all configuration files
- Keep previous working configuration for quick rollback
Resources
- Configuration Templates: {baseDir}/templates/container-security-scanner/
- Documentation and Guides: {baseDir}/docs/container-security-scanner/
- Example Scripts and Code: {baseDir}/examples/container-security-scanner/
- Troubleshooting Guide: {baseDir}/docs/container-security-scanner-troubleshooting.md
- Best Practices: {baseDir}/docs/container-security-scanner-best-practices.md
- Monitoring Setup: {baseDir}/monitoring/container-security-scanner-dashboard.json
Overview
This skill provides automated assistance for the described functionality.
Examples
Example usage patterns will be demonstrated in context.