kenzman/mpnt-wolfi-java

By kenzman

Updated 22 days ago

Near Zero CVE base image.

Image
Security
Languages & frameworks
Operating systems
1

9.9K

kenzman/mpnt-wolfi-java repository overview

Secure Wolfi-Java Base Image

Build Status Signed with Cosign Image Size

Overview

This is a hardened, multi-architecture Java runtime built on Wolfi, the community-driven Linux undistro designed for security. Curated by NetShield, it provides a minimal attack surface for enterprise SecOps.

Key Features
  • Zero-Vulnerability Focus: Built using apko on Wolfi to minimize CVEs.
  • Multi-Arch: Native support for linux/amd64 and linux/arm64 (Apple Silicon compatible).
  • Supply Chain Security: Every image is keylessly signed with Cosign.

Security Verification

To verify the integrity and origin of this image, ensure you have Cosign installed and run the following command. This check confirms the image was built by our official GitHub automation.

cosign verify \
  --certificate-identity-regexp "https://github.com/Ekene95/secops-base-images/.*" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  kenzman/mpnt-wolfi-java:24.0.2

Usage

Pull the latest hardened version:

docker pull kenzman/mpnt-wolfi-java:latest

Use as a base in your Dockerfile:

FROM kenzman/mpnt-wolfi-java:24
COPY my-app.jar /app.jar
CMD ["java", "-jar", "/app.jar"]

Tag summary

Content type

Image

Digest

sha256:6e65e7089

Size

70 MB

Last updated

22 days ago

docker pull kenzman/mpnt-wolfi-java:17.0.19-internal