This repository has been archived by the owner on Jan 26, 2024. It is now read-only.

chainguard-images / template Public archive

Notifications You must be signed in to change notification settings
Fork 10
Star 25

Template repository for new images

Apache-2.0 license

25 stars 10 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 122 Commits
.github		.github
LICENSE		LICENSE
README.md		README.md
apko.yaml		apko.yaml

Repository files navigation

Chainguard Images Template

This repo provides a basic template for a Wolfi-based image configured using apko.

After creating your own repo from this template, edit apko.yaml to add or remove whatever packages you need.

The template includes two GitHub Actions workflows:

run a presubmit build when a pull request is opened
publish a new image when changes are pushed to main.
- Images are pushed to ghcr.io/$ORG/$REPO, tagged with the date the image was published (e.g., :20230103).
- Images are signed using the GitHub Actions' workload identity (cosign verify <image>).
- Images have an SBOM attached (cosign download sbom <image>).
- Images are scanned for vulnerabilities using Trivy, and signed vulnerability attestations are attached (cosign download attestation <image>). You can enable scanning with Grype and Snyk as well.
- Images are also rebuilt nightly to pick up Wolfi package updates.

About

Template repository for new images

Apache-2.0 license

Custom properties

Report repository

Releases

No releases published

Packages

Contributors 12