regctl

dhi.io/regctl

regctl 0.x (fips, dev)

CIS
FIPS
STIG
linux/amd64
debian 13
Tags:

0-debian-fips-dev, 0-debian13-fips-dev, 0-fips-dev, 0.11-debian-fips-dev, 0.11-debian13-fips-dev, 0.11-fips-dev, 0.11.5-debian-fips-dev, 0.11.5-debian13-fips-dev, 0.11.5-fips-dev

Index digest:

sha256:122ce5d208784cf9e26263906751c094e958fd6ffe254316389fa1cba2d9bd21

Manifest digest:

sha256:4fb638ee9c79da6498260bac57ba5d4cc162449f6eb6d304b5ef0b11848e3247

Size

32.32 MB

Last pushed

3 days ago

Vulnerabilities

0
0
1
1
6

Support

Active

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/regctl:0-debian-fips-dev

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/regctl:0-debian-fips-dev --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/regctl@sha256:c1fc85db32404094c382e3fa6c16f10b604bc1155b07742f40c3c039e8d8430c
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/regctl@sha256:4059ac15cf2057832759a330b170f543eafbc4661207e199690b95a75d26be50
FIPS compliance v0.1https://docker.com/dhi/fips/v0.1dhi.io/regctl@sha256:9cb9c71b32b36a2b1e222d6d3519fd575b3fba85502b789c848f13badcf7747d
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/regctl@sha256:2f0e4dca5680c50c807e2d2e7ddde159a95c5af99a6cefb3357e328adf34f41e
STIG scan v0.1https://docker.com/dhi/stig/v0.1dhi.io/regctl@sha256:1b30c525429dce4653293b11bc7012d42cd673c27ebca5ae20f5c4fdb3cbbfaf
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/regctl@sha256:ff0e91c63f95f164e04f3f716e1a6de22c5e9e4d359940a00c658117f647edd1
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/regctl@sha256:7afe02b898276f4cf3f48c579307d37f37d9c1b63afb9fb2effd697f7f5b385e
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/regctl@sha256:db84ea4e2bdc8881970dca2969db93d652896c9cc3e1a6e4de056cf52c3e194f
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/regctl@sha256:015e180cc82742bfd6f8f95ae39b765667fd3955d627a67b6c1dd8cdca726b75
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/regctl@sha256:1f4a012fa2ec259cea148ae8cb21f581e4a63338198473a022b07ae078617f4b
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/regctl@sha256:a990b095e95194bd49d6c7c714d19e8626145a6bcb9029057c55c330efeb8b80
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/regctl@sha256:6fa479a67fc4e6b3b0bfb8bb96b8afe1f3786ac6402c06b7bc12fc247d0500f4
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/regctl@sha256:b57fd6259cf2152b60d20b1bbf31daac0876ed65bd479c35b5a5a977cc38573e
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/regctl@sha256:9dfd059ed567b36352b37b347d04c6fa0870ab231bb6bd82c16f62dc40bade32
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/regctl@sha256:8baa39fe4b7bee66754f778d6f1aa87a65a8983491adb5ec3bdbd320e97deb34
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/regctl@sha256:7b2f675f17c830f38757c396e9b7513a11d3b819d59e2da5f2c98b27bc3ff5fd
SPDX SBOMhttps://spdx.dev/Documentdhi.io/regctl@sha256:c7c214995587681b7923a87b3530851c722bb7d1ce428dd02f87d1aefcd5b2b9