I am trying to understand how companies detect that a Kuberentes pod is running a container that is based on a container image that is out of date.
So, for example, say I have an application called WidgetOrdering. In my dockerfile I setup my WidgetOrdering container, first by having a from clause that that references the .Net 6 runtime container, then I add in additional instructions specific to my application. Then I deploy my WidgetOrdering container to Kubernetes.
After it has run for several months, .Net 6 releases a new version of their runtime container with some security patches in it. I need to know what versions of the .Net 6 container I have running in my cluster so I can target them for updating.
How do people check Kubernetes to see what "base" containers are running in their cluster?