shiny-base

Base Docker image for Shiny applications

Note that this is built on the free version of Shiny Server. For an industrial strength version, consider Posit/R-Studio Connect, available as a Docker container.

Versioning

Semantic versioning is used and containers are tagged based on GitHub tags: If a tag, v1.2.3 is pushed to GitHub then a container image is built with tags 1.2.3 as well as 1.2. Thus the major.minor tag is overwritten when the repo' is patched.

Security

Trivy is run on each built container and they will not be published to ghcr.io if any CRITICAL or HIGH vulnerabilites are found. Trivy is also run daily to check for new vulnerabilities in existing images. So periodic review of new findings is needed: Go to the Security tab in GitHub, select Code Scanning at left, and then select Branch > Main to check for new findings. To suppress false positives, either:

Enter the CVE in .trivyignore, or
Enter the file to skip while scanning in the trivy.yml workflow.

In either case, add a comment justifying why the finding is suppressed.

Name		Name	Last commit message	Last commit date
Latest commit History 54 Commits
.github/workflows		.github/workflows
.dockerfilelintrc		.dockerfilelintrc
.gitignore		.gitignore
.pre-commit-config.yaml		.pre-commit-config.yaml
.trivyignore		.trivyignore
.yamllint.yaml		.yamllint.yaml
Dockerfile		Dockerfile
README.md		README.md
shiny-server.conf		shiny-server.conf
startup.sh		startup.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

shiny-base

Versioning

Security

About

Releases

Packages

Languages

Sage-Bionetworks/shiny-base

Folders and files

Latest commit

History

Repository files navigation

shiny-base

Versioning

Security

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages