argo-workflow-exec
Secure by Design, Built for Speed, Hardened Container Images on a minimal base CleanStart OS.
10K+
The Argo Workflow Executor container provides a runtime environment for executing individual steps within Argo Workflows. It includes the necessary tooling to run workflow tasks, handle artifacts, manage script execution, and interface with the Argo Workflows controller. This container is designed to be lightweight yet capable of running diverse workloads as part of workflow automation.
📌 CleanStart Foundation: Security-hardened, minimal base OS designed for enterprise containerized environments.
# Pull commands
docker pull cleanstart/argo-workflow-exec:latest
docker pull cleanstart/argo-workflow-exec:latest-dev
This container runs only the argoexec binary - typically managed by Argo Workflows controller
docker run --rm cleanstart/argo-workflow-exec:latest version
Container displays available argoexec commands and exits. Requires Kubernetes context for actual workflow operations.
version: '3.8'
services:
argo-workflow-exec:
image: cleanstart/argo-workflow-exec:latest
container_name: argo-workflow-exec
command: ["version"]
environment:
- ARGO_NAMESPACE=default
volumes:
- ./artifacts:/tmp/artifacts
security_opt:
- no-new-privileges:true
read_only: true
tmpfs:
- /tmp
| Variable | Default | Description |
|---|---|---|
| ARGO_TEMPLATE | /templates/workflow.yaml | Path to the workflow template file |
| ARGO_ARTIFACT_REPOSITORY | default | Artifact repository configuration to use |
Common command line arguments
docker run cleanstart/argo-workflow-exec:latest --template /templates/workflow.yaml
securityContext:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
docker pull --platform linux/amd64 cleanstart/argo-workflow-exec:latest
docker pull --platform linux/arm64 cleanstart/argo-workflow-exec:latest
CleanStart offers Docker images that include third-party open-source libraries and packages maintained by independent contributors. While CleanStart maintains these images and applies industry-standard security practices, it cannot guarantee the security or integrity of upstream components beyond its control.
Users acknowledge and agree that open-source software may contain undiscovered vulnerabilities or introduce new risks through updates. CleanStart shall not be liable for security issues originating from third-party libraries, including but not limited to zero-day exploits, supply chain attacks, or contributor-introduced risks.
Security remains a shared responsibility: CleanStart provides updated images and guidance where possible, while users are responsible for evaluating deployments and implementing appropriate controls.
Content type
Image
Digest
sha256:7cccbab7a…
Size
100.5 MB
Last updated
about 1 hour ago
docker pull cleanstart/argo-workflow-exec:4.0.7-amd64-dev