kenzman/ns-wolfi-go

By kenzman

Updated 23 days ago

Near Zero CVE base image.

Image
Security
Languages & frameworks
Operating systems
1

4.2K

kenzman/ns-wolfi-go repository overview

Secure Wolfi-GO Base Image

Build Status Signed with Cosign Image Size

Overview

This is a hardened, multi-architecture Java runtime built on Wolfi, the community-driven Linux undistro designed for security. Curated by NetShield, it provides a minimal attack surface for enterprise SecOps.

Key Features
  • Zero-Vulnerability Focus: Built using apko on Wolfi to minimize CVEs.
  • Multi-Arch: Native support for linux/amd64 and linux/arm64 (Apple Silicon compatible).
  • Supply Chain Security: Every image is keylessly signed with Cosign.

Security Verification

To verify the integrity and origin of this image, ensure you have Cosign installed and run the following command. This check confirms the image was built by our official GitHub automation.

cosign verify \
  --certificate-identity-regexp "https://github.com/Ekene95/secops-base-images/.*" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  kenzman/ns-wolfi-go:1.24.13

Usage

Pull the latest hardened version:

docker pull kenzman/ns-wolfi-go:latest

Use as a base in your Dockerfile:

FROM kenzman/ns-wolfi-go:1.24
COPY my-app /app
CMD ["/app"]

Tag summary

Content type

Image

Digest

sha256:3c4ee2e3b

Size

242.9 MB

Last updated

23 days ago

docker pull kenzman/ns-wolfi-go:1.25