diff --git a/content/chainguard/chainguard-images/reference/fluentd/tags_history.md b/content/chainguard/chainguard-images/reference/fluentd/tags_history.md index b6fd0eb4a5..0498db3461 100644 --- a/content/chainguard/chainguard-images/reference/fluentd/tags_history.md +++ b/content/chainguard/chainguard-images/reference/fluentd/tags_history.md @@ -25,7 +25,7 @@ Please note that digests and timestamps only change when there is a change to th | Tag (s) | Last Changed | Digest | |--------------------------|----------------|---------------------------------------------------------------------------| +| `latest-splunk` | September 18th | `sha256:714aea688ee559f5cb5040f9e76565afd231dee66e05e3e14b9544bdb702a18a` | | `latest-dev` `edge-dev` | September 14th | `sha256:1d50e543cd661c21a3812e59dcf5d5f5747d6f8a38ddbe02db5a3f3821a17471` | | `latest` `edge` | September 14th | `sha256:5aa6177d87ac9bdcac270830c3c118267c0f11481aadca56419b633a5ae79d07` | -| `latest-splunk` | September 14th | `sha256:3f29e6690e4bdffa91baca5c50828ef33b582bb6b25303449f0ddda3ff417062` | diff --git a/content/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/_index.md b/content/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/_index.md index 1870473883..82acf0ef6c 100644 --- a/content/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/_index.md +++ b/content/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/_index.md @@ -23,23 +23,11 @@ toc: true {{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/provenance_info/" >}} {{}} +Minimal **kubeflow-jupyter-web-app** images with nightly builds. +## Get it! -Minimalist Jupyter Web Application. - -## Usage - -There are kustomize files exist for deploying this image to a kubernetes cluster in kubeflow official GitHub [repository](github.com/kubeflow/kubeflow/). You can find them in [kubeflow/kubeflow/tree/master/components/crud-web-apps/jupyter/manifests](https://github.com/kubeflow/kubeflow/tree/master/components/crud-web-apps/jupyter/manifests). - -All you need to do is running the following command in the directory of the kustomize files: - -```bash -$ kubectl create ns kubeflow -$ export CURRENT_JWA_IMG=docker.io/kubeflownotebookswg/jupyter-web-app:latest -$ export PR_JWA_IMG=cgr.dev/chainguard/kubeflow-jupyter-web-app:latest -$ kustomize build overlays/istio | sed "s#$CURRENT_JWA_IMG#$PR_JWA_IMG#g" | kubectl apply -f - -$ kubectl wait pods -n kubeflow -l app=jupyter-web-app --for=condition=Ready --timeout=300s -```` - -then you will be having a Jupyter Web Application running in your kubernetes cluster, voila! +``` +docker pull cgr.dev/chainguard/kubeflow-jupyter-web-app:latest +``` diff --git a/content/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/image_specs.md b/content/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/image_specs.md index c1863d8951..fd32d136b5 100644 --- a/content/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/image_specs.md +++ b/content/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/image_specs.md @@ -29,14 +29,14 @@ The **kubeflow-jupyter-web-app** Chainguard Image currently has 2 public variant The table has detailed information about each of these variants. -| | latest-dev | latest | -|--------------|---------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------| -| Default User | `nonroot` | `nonroot` | -| Entrypoint | `/bin/bash -c "gunicorn -w 3 --bind 0.0.0.0:5000 --chdir usr/share/kubeflow-jupyter-web-app --access-logfile - entrypoint:app"` | `/bin/bash -c "gunicorn -w 3 --bind 0.0.0.0:5000 --chdir usr/share/kubeflow-jupyter-web-app --access-logfile - entrypoint:app"` | -| CMD | not specified | not specified | -| Workdir | not specified | not specified | -| Has apk? | yes | no | -| Has a shell? | yes | yes | +| | latest-dev | latest | +|--------------|----------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------| +| Default User | `nonroot` | `nonroot` | +| Entrypoint | `/bin/bash -c "gunicorn -w 3 --bind 0.0.0.0:5000 --chdir /usr/share/kubeflow-jupyter-web-app --access-logfile - entrypoint:app"` | `/bin/bash -c "gunicorn -w 3 --bind 0.0.0.0:5000 --chdir /usr/share/kubeflow-jupyter-web-app --access-logfile - entrypoint:app"` | +| CMD | not specified | not specified | +| Workdir | not specified | not specified | +| Has apk? | yes | no | +| Has a shell? | yes | yes | Check the [tags history page](/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/tags_history/) for the full list of available tags. @@ -47,7 +47,7 @@ The table shows package distribution across variants. |----------------------------|------------|--------| | `apk-tools` | X | | | `bash` | X | X | -| `busybox` | X | X | +| `busybox` | X | | | `ca-certificates-bundle` | X | X | | `gdbm` | X | X | | `git` | X | | diff --git a/content/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/tags_history.md b/content/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/tags_history.md index d0dcb2a29f..9e38e97afd 100644 --- a/content/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/tags_history.md +++ b/content/chainguard/chainguard-images/reference/kubeflow-jupyter-web-app/tags_history.md @@ -25,6 +25,6 @@ Please note that digests and timestamps only change when there is a change to th | Tag (s) | Last Changed | Digest | |---------------|----------------|---------------------------------------------------------------------------| -| `latest-dev` | September 15th | `sha256:60205821f93e83baef37df709c627a0444a02e7a03a264bd045618e2aee36bbd` | -| `latest` | September 15th | `sha256:ca9f344a575db94be40bbf3233e447c4b797b17d91deecc4badeaca4dc2bf5cf` | +| `latest-dev` | September 18th | `sha256:a7b559689e1807c644f03d64e8e673d3347fb46e1943f9942745e7b1f5bf994e` | +| `latest` | September 18th | `sha256:8ad8d8f8976288a846e96f3b1fd0ce3c0991a176f1d3e697ef1137dd9d1df6ad` | diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/_index.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/_index.md new file mode 100644 index 0000000000..980c2e6119 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/_index.md @@ -0,0 +1,33 @@ +--- +title: "Image Overview: kubeflow-pipelines-api-server" +linktitle: "kubeflow-pipelines-api-server" +type: "article" +layout: "single" +description: "Overview: kubeflow-pipelines-api-server Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +menu: + docs: + parent: "images-reference" +weight: 500 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/provenance_info/" >}} +{{}} + +Minimal **kubeflow-pipelines-api-server** images with nightly builds. + +## Get it! + +``` +docker pull cgr.dev/chainguard/kubeflow-pipelines-api-server:latest +``` + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/image_specs.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/image_specs.md new file mode 100644 index 0000000000..2973c5adc5 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/image_specs.md @@ -0,0 +1,74 @@ +--- +title: "kubeflow-pipelines-api-server Image Variants" +type: "article" +unlisted: true +description: "Detailed information about the public kubeflow-pipelines-api-server Chainguard Image variants" +date: 2023-03-07T11:07:52+02:00 +lastmod: 2023-03-07T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 550 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/" >}} +{{< tab title="Variants" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/provenance_info/" >}} +{{}} + +This page shows detailed information about all public variants of the Chainguard **kubeflow-pipelines-api-server** Image. + +## Variants Compared +The **kubeflow-pipelines-api-server** Chainguard Image currently has 2 public variants: + +- `latest-dev` +- `latest` + +The table has detailed information about each of these variants. + +| | latest-dev | latest | +|--------------|---------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------| +| Default User | `nonroot` | `nonroot` | +| Entrypoint | not specified | not specified | +| CMD | `/usr/bin/apiserver --config=/config --sampleconfig=/config/sample_config.json -logtostderr=true` | `/usr/bin/apiserver --config=/config --sampleconfig=/config/sample_config.json -logtostderr=true` | +| Workdir | not specified | not specified | +| Has apk? | yes | no | +| Has a shell? | yes | no | + +Check the [tags history page](/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/tags_history/) for the full list of available tags. + +## Packages Included +The table shows package distribution across variants. + +| | latest-dev | latest | +|--------------------------------|------------|--------| +| `apk-tools` | X | | +| `bash` | X | | +| `busybox` | X | | +| `ca-certificates-bundle` | X | X | +| `git` | X | | +| `glibc` | X | X | +| `glibc-locale-posix` | X | X | +| `kubeflow-pipelines-apiserver` | X | X | +| `ld-linux` | X | X | +| `libbrotlicommon1` | X | | +| `libbrotlidec1` | X | | +| `libcrypt1` | X | | +| `libcrypto3` | X | X | +| `libcurl-openssl4` | X | | +| `libexpat1` | X | | +| `libgcc` | X | X | +| `libnghttp2-14` | X | | +| `libpcre2-8-0` | X | | +| `libssl3` | X | X | +| `libstdc++` | X | X | +| `ncurses` | X | | +| `ncurses-terminfo-base` | X | | +| `openssl-config` | X | X | +| `wget` | X | X | +| `wolfi-baselayout` | X | X | +| `zlib` | X | | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/provenance_info.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/provenance_info.md new file mode 100644 index 0000000000..6cdfbab69e --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/provenance_info.md @@ -0,0 +1,72 @@ +--- +title: "Provenance Information for kubeflow-pipelines-api-server Images" +type: "article" +unlisted: true +description: "Provenance information for kubeflow-pipelines-api-server Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 600 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/tags_history/" >}} +{{< tab title="Provenance" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/provenance_info/" >}} +{{}} + +All Chainguard Images contain verifiable signatures and high-quality SBOMs (software bill of materials), features that enable users to confirm the origin of each image built and have a detailed list of everything that is packed within. + +## Verifying Image Signatures +The **kubeflow-pipelines-api-server** Chainguard Images are signed using Sigstore, and you can check the included signatures using `cosign`. + +The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image. + +```shell +cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/kubeflow-pipelines-api-server | jq +``` + +By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for. + +## Downloading and Verifying SBOMs + +All Chainguard Images come with a high-quality Software Bill Of Materials (SBOM) attested at build-time. The SBOM can be downloaded using the cosign tool: + +```shell +cosign download attestation \ + --predicate-type=https://spdx.dev/Document \ + cgr.dev/chainguard/kubeflow-pipelines-api-server | jq -r .payload | base64 -d | jq +``` +By default, this command will fetch the SBOM assigned to the `latest` tag. You can also specify the tag you want to fetch the SBOM from. + +With cosign 2.0+, you can use the `cosign verify-attestation` command to check the signature of an SBOM: + +```shell +cosign verify-attestation \ + --type https://spdx.dev/Document \ + --certificate-oidc-issuer=https://token.actions.githubusercontent.com \ + --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \ + cgr.dev/chainguard/kubeflow-pipelines-api-server +``` + +And you should get output that verifies the SBOM signature in cosign's transparency log: + +``` +Verification for cgr.dev/chainguard/kubeflow-pipelines-api-server -- +The following checks were performed on each of these signatures: +- The cosign claims were validated +- Existence of the claims in the transparency log was verified offline +- The code-signing certificate was verified using trusted certificate authority certificates +Certificate subject: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main +Certificate issuer URL: https://token.actions.githubusercontent.com +GitHub Workflow Trigger: schedule +GitHub Workflow SHA: da283c26829d46c2d2883de5ff98bee672428696 +GitHub Workflow Name: .github/workflows/release.yaml +GitHub Workflow Trigger chainguard-images/images +GitHub Workflow Ref: refs/heads/main +... +``` diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/tags_history.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/tags_history.md new file mode 100644 index 0000000000..52d472012e --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/tags_history.md @@ -0,0 +1,30 @@ +--- +title: "kubeflow-pipelines-api-server Image Tags History" +type: "article" +unlisted: true +description: "Image Tags and History for the kubeflow-pipelines-api-server Chainguard Image" +date: 2023-06-22T11:07:52+02:00 +lastmod: 2023-06-22T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 700 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/image_specs/" >}} +{{< tab title="Tags History" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-api-server/provenance_info/" >}} +{{}} + +The following table contains the most recent tags and digests that can be used to pin your Dockerfile to a specific build of this image. Check our guide on [Using the Tag History API](/chainguard/chainguard-images/using-the-tag-history-api/) for information on how to fetch all tags from an image and how to pin your Dockerfile to a specific digest. + +Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds). + +| Tag (s) | Last Changed | Digest | +|---------------|----------------|---------------------------------------------------------------------------| +| `latest-dev` | September 18th | `sha256:5d96190ca79599b204f6dd2bc1460e9789319985b5c1e43b80cf0a53d6af2cb9` | +| `latest` | September 18th | `sha256:c4e1a37a58c61c9f522685f17abbdad4da34b9cd093e319a3292fe45fd12529f` | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/_index.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/_index.md new file mode 100644 index 0000000000..9d44cc6344 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/_index.md @@ -0,0 +1,33 @@ +--- +title: "Image Overview: kubeflow-pipelines-cache-deployer" +linktitle: "kubeflow-pipelines-cache-deployer" +type: "article" +layout: "single" +description: "Overview: kubeflow-pipelines-cache-deployer Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +menu: + docs: + parent: "images-reference" +weight: 500 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/provenance_info/" >}} +{{}} + +Minimal **kubeflow-pipelines-cache-deployer** images with nightly builds. + +## Get it! + +``` +docker pull cgr.dev/chainguard/kubeflow-pipelines-cache-deployer:latest +``` + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/image_specs.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/image_specs.md new file mode 100644 index 0000000000..f5604d664b --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/image_specs.md @@ -0,0 +1,76 @@ +--- +title: "kubeflow-pipelines-cache-deployer Image Variants" +type: "article" +unlisted: true +description: "Detailed information about the public kubeflow-pipelines-cache-deployer Chainguard Image variants" +date: 2023-03-07T11:07:52+02:00 +lastmod: 2023-03-07T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 550 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/" >}} +{{< tab title="Variants" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/provenance_info/" >}} +{{}} + +This page shows detailed information about all public variants of the Chainguard **kubeflow-pipelines-cache-deployer** Image. + +## Variants Compared +The **kubeflow-pipelines-cache-deployer** Chainguard Image currently has 2 public variants: + +- `latest-dev` +- `latest` + +The table has detailed information about each of these variants. + +| | latest-dev | latest | +|--------------|---------------------------------------------------------|---------------------------------------------------------| +| Default User | `nonroot` | `nonroot` | +| Entrypoint | `/bin/bash /kfp/cache/deployer/deploy-cache-service.sh` | `/bin/bash /kfp/cache/deployer/deploy-cache-service.sh` | +| CMD | not specified | not specified | +| Workdir | `/kfp/cache/deployer` | `/kfp/cache/deployer` | +| Has apk? | yes | no | +| Has a shell? | yes | yes | + +Check the [tags history page](/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/tags_history/) for the full list of available tags. + +## Packages Included +The table shows package distribution across variants. + +| | latest-dev | latest | +|--------------------------------------------|------------|--------| +| `apk-tools` | X | | +| `bash` | X | X | +| `busybox` | X | X | +| `ca-certificates-bundle` | X | X | +| `git` | X | | +| `glibc` | X | X | +| `glibc-locale-posix` | X | X | +| `kubectl-1.28` | X | X | +| `kubectl-latest` | X | X | +| `kubeflow-pipelines-cache-deployer` | X | X | +| `kubeflow-pipelines-cache-deployer-compat` | X | X | +| `ld-linux` | X | X | +| `libbrotlicommon1` | X | | +| `libbrotlidec1` | X | | +| `libcrypt1` | X | X | +| `libcrypto3` | X | X | +| `libcurl-openssl4` | X | | +| `libexpat1` | X | | +| `libnghttp2-14` | X | | +| `libpcre2-8-0` | X | | +| `libssl3` | X | X | +| `ncurses` | X | X | +| `ncurses-terminfo-base` | X | X | +| `openssl` | X | X | +| `openssl-config` | X | X | +| `openssl-provider-legacy` | X | X | +| `wolfi-baselayout` | X | X | +| `zlib` | X | | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/provenance_info.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/provenance_info.md new file mode 100644 index 0000000000..a2c4601fc7 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/provenance_info.md @@ -0,0 +1,72 @@ +--- +title: "Provenance Information for kubeflow-pipelines-cache-deployer Images" +type: "article" +unlisted: true +description: "Provenance information for kubeflow-pipelines-cache-deployer Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 600 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/tags_history/" >}} +{{< tab title="Provenance" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/provenance_info/" >}} +{{}} + +All Chainguard Images contain verifiable signatures and high-quality SBOMs (software bill of materials), features that enable users to confirm the origin of each image built and have a detailed list of everything that is packed within. + +## Verifying Image Signatures +The **kubeflow-pipelines-cache-deployer** Chainguard Images are signed using Sigstore, and you can check the included signatures using `cosign`. + +The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image. + +```shell +cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/kubeflow-pipelines-cache-deployer | jq +``` + +By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for. + +## Downloading and Verifying SBOMs + +All Chainguard Images come with a high-quality Software Bill Of Materials (SBOM) attested at build-time. The SBOM can be downloaded using the cosign tool: + +```shell +cosign download attestation \ + --predicate-type=https://spdx.dev/Document \ + cgr.dev/chainguard/kubeflow-pipelines-cache-deployer | jq -r .payload | base64 -d | jq +``` +By default, this command will fetch the SBOM assigned to the `latest` tag. You can also specify the tag you want to fetch the SBOM from. + +With cosign 2.0+, you can use the `cosign verify-attestation` command to check the signature of an SBOM: + +```shell +cosign verify-attestation \ + --type https://spdx.dev/Document \ + --certificate-oidc-issuer=https://token.actions.githubusercontent.com \ + --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \ + cgr.dev/chainguard/kubeflow-pipelines-cache-deployer +``` + +And you should get output that verifies the SBOM signature in cosign's transparency log: + +``` +Verification for cgr.dev/chainguard/kubeflow-pipelines-cache-deployer -- +The following checks were performed on each of these signatures: +- The cosign claims were validated +- Existence of the claims in the transparency log was verified offline +- The code-signing certificate was verified using trusted certificate authority certificates +Certificate subject: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main +Certificate issuer URL: https://token.actions.githubusercontent.com +GitHub Workflow Trigger: schedule +GitHub Workflow SHA: da283c26829d46c2d2883de5ff98bee672428696 +GitHub Workflow Name: .github/workflows/release.yaml +GitHub Workflow Trigger chainguard-images/images +GitHub Workflow Ref: refs/heads/main +... +``` diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/tags_history.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/tags_history.md new file mode 100644 index 0000000000..1e08709139 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/tags_history.md @@ -0,0 +1,30 @@ +--- +title: "kubeflow-pipelines-cache-deployer Image Tags History" +type: "article" +unlisted: true +description: "Image Tags and History for the kubeflow-pipelines-cache-deployer Chainguard Image" +date: 2023-06-22T11:07:52+02:00 +lastmod: 2023-06-22T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 700 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/image_specs/" >}} +{{< tab title="Tags History" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-deployer/provenance_info/" >}} +{{}} + +The following table contains the most recent tags and digests that can be used to pin your Dockerfile to a specific build of this image. Check our guide on [Using the Tag History API](/chainguard/chainguard-images/using-the-tag-history-api/) for information on how to fetch all tags from an image and how to pin your Dockerfile to a specific digest. + +Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds). + +| Tag (s) | Last Changed | Digest | +|---------------|----------------|---------------------------------------------------------------------------| +| `latest-dev` | September 18th | `sha256:3eb8ee9b48f99cceb13dc48c81409af0b27c0ad2930198f5672d1a432ab9e3dc` | +| `latest` | September 18th | `sha256:f843ffc255ccc0de536ccbcc52c3767a432a0db98f4ece1ee8983f0dbc865567` | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/_index.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/_index.md new file mode 100644 index 0000000000..a1e2fcb86d --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/_index.md @@ -0,0 +1,33 @@ +--- +title: "Image Overview: kubeflow-pipelines-cache-server" +linktitle: "kubeflow-pipelines-cache-server" +type: "article" +layout: "single" +description: "Overview: kubeflow-pipelines-cache-server Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +menu: + docs: + parent: "images-reference" +weight: 500 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/provenance_info/" >}} +{{}} + +Minimal **kubeflow-pipelines-cache-server** images with nightly builds. + +## Get it! + +``` +docker pull cgr.dev/chainguard/kubeflow-pipelines-cache-server:latest +``` + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/image_specs.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/image_specs.md new file mode 100644 index 0000000000..684678a4bb --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/image_specs.md @@ -0,0 +1,71 @@ +--- +title: "kubeflow-pipelines-cache-server Image Variants" +type: "article" +unlisted: true +description: "Detailed information about the public kubeflow-pipelines-cache-server Chainguard Image variants" +date: 2023-03-07T11:07:52+02:00 +lastmod: 2023-03-07T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 550 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/" >}} +{{< tab title="Variants" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/provenance_info/" >}} +{{}} + +This page shows detailed information about all public variants of the Chainguard **kubeflow-pipelines-cache-server** Image. + +## Variants Compared +The **kubeflow-pipelines-cache-server** Chainguard Image currently has 2 public variants: + +- `latest-dev` +- `latest` + +The table has detailed information about each of these variants. + +| | latest-dev | latest | +|--------------|-------------------------|-------------------------| +| Default User | `nonroot` | `nonroot` | +| Entrypoint | `/usr/bin/cache_server` | `/usr/bin/cache_server` | +| CMD | not specified | not specified | +| Workdir | not specified | not specified | +| Has apk? | yes | no | +| Has a shell? | yes | yes | + +Check the [tags history page](/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/tags_history/) for the full list of available tags. + +## Packages Included +The table shows package distribution across variants. + +| | latest-dev | latest | +|-----------------------------------|------------|--------| +| `apk-tools` | X | | +| `bash` | X | | +| `busybox` | X | X | +| `ca-certificates-bundle` | X | X | +| `git` | X | | +| `glibc` | X | X | +| `glibc-locale-posix` | X | X | +| `kubeflow-pipelines-cache_server` | X | X | +| `ld-linux` | X | X | +| `libbrotlicommon1` | X | | +| `libbrotlidec1` | X | | +| `libcrypt1` | X | X | +| `libcrypto3` | X | | +| `libcurl-openssl4` | X | | +| `libexpat1` | X | | +| `libnghttp2-14` | X | | +| `libpcre2-8-0` | X | | +| `libssl3` | X | | +| `ncurses` | X | | +| `ncurses-terminfo-base` | X | | +| `openssl-config` | X | | +| `wolfi-baselayout` | X | X | +| `zlib` | X | | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/provenance_info.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/provenance_info.md new file mode 100644 index 0000000000..74b2cdfcdf --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/provenance_info.md @@ -0,0 +1,72 @@ +--- +title: "Provenance Information for kubeflow-pipelines-cache-server Images" +type: "article" +unlisted: true +description: "Provenance information for kubeflow-pipelines-cache-server Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 600 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/tags_history/" >}} +{{< tab title="Provenance" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/provenance_info/" >}} +{{}} + +All Chainguard Images contain verifiable signatures and high-quality SBOMs (software bill of materials), features that enable users to confirm the origin of each image built and have a detailed list of everything that is packed within. + +## Verifying Image Signatures +The **kubeflow-pipelines-cache-server** Chainguard Images are signed using Sigstore, and you can check the included signatures using `cosign`. + +The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image. + +```shell +cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/kubeflow-pipelines-cache-server | jq +``` + +By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for. + +## Downloading and Verifying SBOMs + +All Chainguard Images come with a high-quality Software Bill Of Materials (SBOM) attested at build-time. The SBOM can be downloaded using the cosign tool: + +```shell +cosign download attestation \ + --predicate-type=https://spdx.dev/Document \ + cgr.dev/chainguard/kubeflow-pipelines-cache-server | jq -r .payload | base64 -d | jq +``` +By default, this command will fetch the SBOM assigned to the `latest` tag. You can also specify the tag you want to fetch the SBOM from. + +With cosign 2.0+, you can use the `cosign verify-attestation` command to check the signature of an SBOM: + +```shell +cosign verify-attestation \ + --type https://spdx.dev/Document \ + --certificate-oidc-issuer=https://token.actions.githubusercontent.com \ + --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \ + cgr.dev/chainguard/kubeflow-pipelines-cache-server +``` + +And you should get output that verifies the SBOM signature in cosign's transparency log: + +``` +Verification for cgr.dev/chainguard/kubeflow-pipelines-cache-server -- +The following checks were performed on each of these signatures: +- The cosign claims were validated +- Existence of the claims in the transparency log was verified offline +- The code-signing certificate was verified using trusted certificate authority certificates +Certificate subject: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main +Certificate issuer URL: https://token.actions.githubusercontent.com +GitHub Workflow Trigger: schedule +GitHub Workflow SHA: da283c26829d46c2d2883de5ff98bee672428696 +GitHub Workflow Name: .github/workflows/release.yaml +GitHub Workflow Trigger chainguard-images/images +GitHub Workflow Ref: refs/heads/main +... +``` diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/tags_history.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/tags_history.md new file mode 100644 index 0000000000..5b98e607fe --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/tags_history.md @@ -0,0 +1,30 @@ +--- +title: "kubeflow-pipelines-cache-server Image Tags History" +type: "article" +unlisted: true +description: "Image Tags and History for the kubeflow-pipelines-cache-server Chainguard Image" +date: 2023-06-22T11:07:52+02:00 +lastmod: 2023-06-22T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 700 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/image_specs/" >}} +{{< tab title="Tags History" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-cache-server/provenance_info/" >}} +{{}} + +The following table contains the most recent tags and digests that can be used to pin your Dockerfile to a specific build of this image. Check our guide on [Using the Tag History API](/chainguard/chainguard-images/using-the-tag-history-api/) for information on how to fetch all tags from an image and how to pin your Dockerfile to a specific digest. + +Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds). + +| Tag (s) | Last Changed | Digest | +|---------------|----------------|---------------------------------------------------------------------------| +| `latest` | September 18th | `sha256:300976bbf7c1d7f9dedc2b6dc9a4c621c3e008e6476a28f66398450c5bcbdac1` | +| `latest-dev` | September 18th | `sha256:e3741ebb479c548e02c72114bb3fc9b159b500b2a48ac18ec35622bdd09520b2` | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/_index.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/_index.md new file mode 100644 index 0000000000..c0a91a2e8f --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/_index.md @@ -0,0 +1,33 @@ +--- +title: "Image Overview: kubeflow-pipelines-metadata-writer" +linktitle: "kubeflow-pipelines-metadata-writer" +type: "article" +layout: "single" +description: "Overview: kubeflow-pipelines-metadata-writer Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +menu: + docs: + parent: "images-reference" +weight: 500 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/provenance_info/" >}} +{{}} + +Minimal **kubeflow-pipelines-metadata-writer** images with nightly builds. + +## Get it! + +``` +docker pull cgr.dev/chainguard/kubeflow-pipelines-metadata-writer:latest +``` + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/image_specs.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/image_specs.md new file mode 100644 index 0000000000..ea8de565fe --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/image_specs.md @@ -0,0 +1,116 @@ +--- +title: "kubeflow-pipelines-metadata-writer Image Variants" +type: "article" +unlisted: true +description: "Detailed information about the public kubeflow-pipelines-metadata-writer Chainguard Image variants" +date: 2023-03-07T11:07:52+02:00 +lastmod: 2023-03-07T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 550 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/" >}} +{{< tab title="Variants" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/provenance_info/" >}} +{{}} + +This page shows detailed information about all public variants of the Chainguard **kubeflow-pipelines-metadata-writer** Image. + +## Variants Compared +The **kubeflow-pipelines-metadata-writer** Chainguard Image currently has 2 public variants: + +- `latest-dev` +- `latest` + +The table has detailed information about each of these variants. + +| | latest-dev | latest | +|--------------|------------------------------------------------------|------------------------------------------------------| +| Default User | `nonroot` | `nonroot` | +| Entrypoint | `python3 -u /kfp/metadata_writer/metadata_writer.py` | `python3 -u /kfp/metadata_writer/metadata_writer.py` | +| CMD | not specified | not specified | +| Workdir | not specified | not specified | +| Has apk? | yes | no | +| Has a shell? | yes | no | + +Check the [tags history page](/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/tags_history/) for the full list of available tags. + +## Packages Included +The table shows package distribution across variants. + +| | latest-dev | latest | +|---------------------------------------------|------------|--------| +| `abseillib` | X | X | +| `apk-tools` | X | | +| `bash` | X | | +| `busybox` | X | | +| `c-ares` | X | X | +| `ca-certificates-bundle` | X | X | +| `gdbm` | X | X | +| `git` | X | | +| `glibc` | X | X | +| `glibc-locale-posix` | X | X | +| `gmock` | X | X | +| `gtest` | X | X | +| `icu` | X | X | +| `kubeflow-pipelines-metadata-writer` | X | X | +| `kubeflow-pipelines-metadata-writer-compat` | X | X | +| `ld-linux` | X | X | +| `libbrotlicommon1` | X | | +| `libbrotlidec1` | X | | +| `libbz2-1` | X | X | +| `libcrypt1` | X | X | +| `libcrypto3` | X | X | +| `libcurl-openssl4` | X | | +| `libexpat1` | X | X | +| `libffi` | X | X | +| `libgcc` | X | X | +| `libnghttp2-14` | X | | +| `libpcre2-8-0` | X | | +| `libssl3` | X | X | +| `libstdc++` | X | X | +| `mpdecimal` | X | X | +| `ncurses` | X | X | +| `ncurses-terminfo-base` | X | X | +| `openssl-config` | X | X | +| `py3-absl-py` | X | X | +| `py3-asn1` | X | X | +| `py3-asn1-modules` | X | X | +| `py3-attrs` | X | X | +| `py3-cachetools` | X | X | +| `py3-certifi` | X | X | +| `py3-charset-normalizer` | X | X | +| `py3-dateutil` | X | X | +| `py3-google-auth` | X | X | +| `py3-grpcio` | X | X | +| `py3-idna` | X | X | +| `py3-importlib-metadata` | X | X | +| `py3-ipaddress` | X | X | +| `py3-kubernetes` | X | X | +| `py3-lru-dict` | X | X | +| `py3-ml-metadata` | X | X | +| `py3-oauthlib` | X | X | +| `py3-protobuf` | X | X | +| `py3-requests` | X | X | +| `py3-requests-oauthlib` | X | X | +| `py3-rsa` | X | X | +| `py3-six` | X | X | +| `py3-typing-extensions` | X | X | +| `py3-urllib3` | X | X | +| `py3-websocket-client` | X | X | +| `py3-yaml` | X | X | +| `py3-zipp` | X | X | +| `python-3.11` | X | X | +| `re2` | X | X | +| `readline` | X | X | +| `sqlite-libs` | X | X | +| `wolfi-baselayout` | X | X | +| `xz` | X | X | +| `yaml` | X | X | +| `zlib` | X | X | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/provenance_info.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/provenance_info.md new file mode 100644 index 0000000000..c96c4c4418 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/provenance_info.md @@ -0,0 +1,72 @@ +--- +title: "Provenance Information for kubeflow-pipelines-metadata-writer Images" +type: "article" +unlisted: true +description: "Provenance information for kubeflow-pipelines-metadata-writer Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 600 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/tags_history/" >}} +{{< tab title="Provenance" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/provenance_info/" >}} +{{}} + +All Chainguard Images contain verifiable signatures and high-quality SBOMs (software bill of materials), features that enable users to confirm the origin of each image built and have a detailed list of everything that is packed within. + +## Verifying Image Signatures +The **kubeflow-pipelines-metadata-writer** Chainguard Images are signed using Sigstore, and you can check the included signatures using `cosign`. + +The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image. + +```shell +cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/kubeflow-pipelines-metadata-writer | jq +``` + +By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for. + +## Downloading and Verifying SBOMs + +All Chainguard Images come with a high-quality Software Bill Of Materials (SBOM) attested at build-time. The SBOM can be downloaded using the cosign tool: + +```shell +cosign download attestation \ + --predicate-type=https://spdx.dev/Document \ + cgr.dev/chainguard/kubeflow-pipelines-metadata-writer | jq -r .payload | base64 -d | jq +``` +By default, this command will fetch the SBOM assigned to the `latest` tag. You can also specify the tag you want to fetch the SBOM from. + +With cosign 2.0+, you can use the `cosign verify-attestation` command to check the signature of an SBOM: + +```shell +cosign verify-attestation \ + --type https://spdx.dev/Document \ + --certificate-oidc-issuer=https://token.actions.githubusercontent.com \ + --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \ + cgr.dev/chainguard/kubeflow-pipelines-metadata-writer +``` + +And you should get output that verifies the SBOM signature in cosign's transparency log: + +``` +Verification for cgr.dev/chainguard/kubeflow-pipelines-metadata-writer -- +The following checks were performed on each of these signatures: +- The cosign claims were validated +- Existence of the claims in the transparency log was verified offline +- The code-signing certificate was verified using trusted certificate authority certificates +Certificate subject: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main +Certificate issuer URL: https://token.actions.githubusercontent.com +GitHub Workflow Trigger: schedule +GitHub Workflow SHA: da283c26829d46c2d2883de5ff98bee672428696 +GitHub Workflow Name: .github/workflows/release.yaml +GitHub Workflow Trigger chainguard-images/images +GitHub Workflow Ref: refs/heads/main +... +``` diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/tags_history.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/tags_history.md new file mode 100644 index 0000000000..af1e37ce8e --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/tags_history.md @@ -0,0 +1,30 @@ +--- +title: "kubeflow-pipelines-metadata-writer Image Tags History" +type: "article" +unlisted: true +description: "Image Tags and History for the kubeflow-pipelines-metadata-writer Chainguard Image" +date: 2023-06-22T11:07:52+02:00 +lastmod: 2023-06-22T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 700 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/image_specs/" >}} +{{< tab title="Tags History" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-metadata-writer/provenance_info/" >}} +{{}} + +The following table contains the most recent tags and digests that can be used to pin your Dockerfile to a specific build of this image. Check our guide on [Using the Tag History API](/chainguard/chainguard-images/using-the-tag-history-api/) for information on how to fetch all tags from an image and how to pin your Dockerfile to a specific digest. + +Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds). + +| Tag (s) | Last Changed | Digest | +|---------------|----------------|---------------------------------------------------------------------------| +| `latest-dev` | September 18th | `sha256:52ce6b1c8201cb9045fa0951e2ea2077887f43db48fda5f9e4ee7780197b6d0c` | +| `latest` | September 18th | `sha256:dcec1de805721175d6b8e2185af98256b494452f553df02ea502cfdb33f07e70` | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/_index.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/_index.md new file mode 100644 index 0000000000..21b0fec1dd --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/_index.md @@ -0,0 +1,33 @@ +--- +title: "Image Overview: kubeflow-pipelines-persistenceagent" +linktitle: "kubeflow-pipelines-persistenceagent" +type: "article" +layout: "single" +description: "Overview: kubeflow-pipelines-persistenceagent Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +menu: + docs: + parent: "images-reference" +weight: 500 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/provenance_info/" >}} +{{}} + +Minimal **kubeflow-pipelines-persistenceagent** images with nightly builds. + +## Get it! + +``` +docker pull cgr.dev/chainguard/kubeflow-pipelines-persistenceagent:latest +``` + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/image_specs.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/image_specs.md new file mode 100644 index 0000000000..4f76618ba5 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/image_specs.md @@ -0,0 +1,71 @@ +--- +title: "kubeflow-pipelines-persistenceagent Image Variants" +type: "article" +unlisted: true +description: "Detailed information about the public kubeflow-pipelines-persistenceagent Chainguard Image variants" +date: 2023-03-07T11:07:52+02:00 +lastmod: 2023-03-07T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 550 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/" >}} +{{< tab title="Variants" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/provenance_info/" >}} +{{}} + +This page shows detailed information about all public variants of the Chainguard **kubeflow-pipelines-persistenceagent** Image. + +## Variants Compared +The **kubeflow-pipelines-persistenceagent** Chainguard Image currently has 2 public variants: + +- `latest-dev` +- `latest` + +The table has detailed information about each of these variants. + +| | latest-dev | latest | +|--------------|--------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------| +| Default User | `nonroot` | `nonroot` | +| Entrypoint | not specified | not specified | +| CMD | `/usr/bin/persistence_agent --logtostderr=true --namespace="" --ttlSecondsAfterWorkflowFinish=86400 --numWorker 2` | `/usr/bin/persistence_agent --logtostderr=true --namespace="" --ttlSecondsAfterWorkflowFinish=86400 --numWorker 2` | +| Workdir | not specified | not specified | +| Has apk? | yes | no | +| Has a shell? | yes | yes | + +Check the [tags history page](/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/tags_history/) for the full list of available tags. + +## Packages Included +The table shows package distribution across variants. + +| | latest-dev | latest | +|----------------------------------------|------------|--------| +| `apk-tools` | X | | +| `bash` | X | | +| `busybox` | X | X | +| `ca-certificates-bundle` | X | X | +| `git` | X | | +| `glibc` | X | X | +| `glibc-locale-posix` | X | X | +| `kubeflow-pipelines-persistence_agent` | X | X | +| `ld-linux` | X | X | +| `libbrotlicommon1` | X | | +| `libbrotlidec1` | X | | +| `libcrypt1` | X | X | +| `libcrypto3` | X | | +| `libcurl-openssl4` | X | | +| `libexpat1` | X | | +| `libnghttp2-14` | X | | +| `libpcre2-8-0` | X | | +| `libssl3` | X | | +| `ncurses` | X | | +| `ncurses-terminfo-base` | X | | +| `openssl-config` | X | | +| `wolfi-baselayout` | X | X | +| `zlib` | X | | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/provenance_info.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/provenance_info.md new file mode 100644 index 0000000000..109149b1b0 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/provenance_info.md @@ -0,0 +1,72 @@ +--- +title: "Provenance Information for kubeflow-pipelines-persistenceagent Images" +type: "article" +unlisted: true +description: "Provenance information for kubeflow-pipelines-persistenceagent Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 600 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/tags_history/" >}} +{{< tab title="Provenance" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/provenance_info/" >}} +{{}} + +All Chainguard Images contain verifiable signatures and high-quality SBOMs (software bill of materials), features that enable users to confirm the origin of each image built and have a detailed list of everything that is packed within. + +## Verifying Image Signatures +The **kubeflow-pipelines-persistenceagent** Chainguard Images are signed using Sigstore, and you can check the included signatures using `cosign`. + +The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image. + +```shell +cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/kubeflow-pipelines-persistenceagent | jq +``` + +By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for. + +## Downloading and Verifying SBOMs + +All Chainguard Images come with a high-quality Software Bill Of Materials (SBOM) attested at build-time. The SBOM can be downloaded using the cosign tool: + +```shell +cosign download attestation \ + --predicate-type=https://spdx.dev/Document \ + cgr.dev/chainguard/kubeflow-pipelines-persistenceagent | jq -r .payload | base64 -d | jq +``` +By default, this command will fetch the SBOM assigned to the `latest` tag. You can also specify the tag you want to fetch the SBOM from. + +With cosign 2.0+, you can use the `cosign verify-attestation` command to check the signature of an SBOM: + +```shell +cosign verify-attestation \ + --type https://spdx.dev/Document \ + --certificate-oidc-issuer=https://token.actions.githubusercontent.com \ + --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \ + cgr.dev/chainguard/kubeflow-pipelines-persistenceagent +``` + +And you should get output that verifies the SBOM signature in cosign's transparency log: + +``` +Verification for cgr.dev/chainguard/kubeflow-pipelines-persistenceagent -- +The following checks were performed on each of these signatures: +- The cosign claims were validated +- Existence of the claims in the transparency log was verified offline +- The code-signing certificate was verified using trusted certificate authority certificates +Certificate subject: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main +Certificate issuer URL: https://token.actions.githubusercontent.com +GitHub Workflow Trigger: schedule +GitHub Workflow SHA: da283c26829d46c2d2883de5ff98bee672428696 +GitHub Workflow Name: .github/workflows/release.yaml +GitHub Workflow Trigger chainguard-images/images +GitHub Workflow Ref: refs/heads/main +... +``` diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/tags_history.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/tags_history.md new file mode 100644 index 0000000000..432dfb50ae --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/tags_history.md @@ -0,0 +1,30 @@ +--- +title: "kubeflow-pipelines-persistenceagent Image Tags History" +type: "article" +unlisted: true +description: "Image Tags and History for the kubeflow-pipelines-persistenceagent Chainguard Image" +date: 2023-06-22T11:07:52+02:00 +lastmod: 2023-06-22T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 700 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/image_specs/" >}} +{{< tab title="Tags History" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-persistenceagent/provenance_info/" >}} +{{}} + +The following table contains the most recent tags and digests that can be used to pin your Dockerfile to a specific build of this image. Check our guide on [Using the Tag History API](/chainguard/chainguard-images/using-the-tag-history-api/) for information on how to fetch all tags from an image and how to pin your Dockerfile to a specific digest. + +Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds). + +| Tag (s) | Last Changed | Digest | +|---------------|----------------|---------------------------------------------------------------------------| +| `latest-dev` | September 18th | `sha256:07ddec978912480cac3574ef9f3013307a4b314b807e228780f36dee84f1f1ca` | +| `latest` | September 18th | `sha256:8eea81e214402aa6975f400db3f5485ddc8107f3897a1fdcc3d4d6e11df74e68` | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/_index.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/_index.md new file mode 100644 index 0000000000..32592e3e51 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/_index.md @@ -0,0 +1,33 @@ +--- +title: "Image Overview: kubeflow-pipelines-scheduledworkflow" +linktitle: "kubeflow-pipelines-scheduledworkflow" +type: "article" +layout: "single" +description: "Overview: kubeflow-pipelines-scheduledworkflow Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +menu: + docs: + parent: "images-reference" +weight: 500 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/provenance_info/" >}} +{{}} + +Minimal **kubeflow-pipelines-scheduledworkflow** images with nightly builds. + +## Get it! + +``` +docker pull cgr.dev/chainguard/kubeflow-pipelines-scheduledworkflow:latest +``` + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/image_specs.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/image_specs.md new file mode 100644 index 0000000000..7612f8fb1b --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/image_specs.md @@ -0,0 +1,71 @@ +--- +title: "kubeflow-pipelines-scheduledworkflow Image Variants" +type: "article" +unlisted: true +description: "Detailed information about the public kubeflow-pipelines-scheduledworkflow Chainguard Image variants" +date: 2023-03-07T11:07:52+02:00 +lastmod: 2023-03-07T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 550 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/" >}} +{{< tab title="Variants" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/provenance_info/" >}} +{{}} + +This page shows detailed information about all public variants of the Chainguard **kubeflow-pipelines-scheduledworkflow** Image. + +## Variants Compared +The **kubeflow-pipelines-scheduledworkflow** Chainguard Image currently has 2 public variants: + +- `latest-dev` +- `latest` + +The table has detailed information about each of these variants. + +| | latest-dev | latest | +|--------------|----------------------------------------------------------------|----------------------------------------------------------------| +| Default User | `nonroot` | `nonroot` | +| Entrypoint | not specified | not specified | +| CMD | `/usr/bin/scheduledworkflow --logtostderr=true --namespace=""` | `/usr/bin/scheduledworkflow --logtostderr=true --namespace=""` | +| Workdir | not specified | not specified | +| Has apk? | yes | no | +| Has a shell? | yes | yes | + +Check the [tags history page](/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/tags_history/) for the full list of available tags. + +## Packages Included +The table shows package distribution across variants. + +| | latest-dev | latest | +|----------------------------------------|------------|--------| +| `apk-tools` | X | | +| `bash` | X | | +| `busybox` | X | X | +| `ca-certificates-bundle` | X | X | +| `git` | X | | +| `glibc` | X | X | +| `glibc-locale-posix` | X | X | +| `kubeflow-pipelines-scheduledworkflow` | X | X | +| `ld-linux` | X | X | +| `libbrotlicommon1` | X | | +| `libbrotlidec1` | X | | +| `libcrypt1` | X | X | +| `libcrypto3` | X | | +| `libcurl-openssl4` | X | | +| `libexpat1` | X | | +| `libnghttp2-14` | X | | +| `libpcre2-8-0` | X | | +| `libssl3` | X | | +| `ncurses` | X | | +| `ncurses-terminfo-base` | X | | +| `openssl-config` | X | | +| `wolfi-baselayout` | X | X | +| `zlib` | X | | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/provenance_info.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/provenance_info.md new file mode 100644 index 0000000000..85dc39584c --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/provenance_info.md @@ -0,0 +1,72 @@ +--- +title: "Provenance Information for kubeflow-pipelines-scheduledworkflow Images" +type: "article" +unlisted: true +description: "Provenance information for kubeflow-pipelines-scheduledworkflow Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 600 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/tags_history/" >}} +{{< tab title="Provenance" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/provenance_info/" >}} +{{}} + +All Chainguard Images contain verifiable signatures and high-quality SBOMs (software bill of materials), features that enable users to confirm the origin of each image built and have a detailed list of everything that is packed within. + +## Verifying Image Signatures +The **kubeflow-pipelines-scheduledworkflow** Chainguard Images are signed using Sigstore, and you can check the included signatures using `cosign`. + +The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image. + +```shell +cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/kubeflow-pipelines-scheduledworkflow | jq +``` + +By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for. + +## Downloading and Verifying SBOMs + +All Chainguard Images come with a high-quality Software Bill Of Materials (SBOM) attested at build-time. The SBOM can be downloaded using the cosign tool: + +```shell +cosign download attestation \ + --predicate-type=https://spdx.dev/Document \ + cgr.dev/chainguard/kubeflow-pipelines-scheduledworkflow | jq -r .payload | base64 -d | jq +``` +By default, this command will fetch the SBOM assigned to the `latest` tag. You can also specify the tag you want to fetch the SBOM from. + +With cosign 2.0+, you can use the `cosign verify-attestation` command to check the signature of an SBOM: + +```shell +cosign verify-attestation \ + --type https://spdx.dev/Document \ + --certificate-oidc-issuer=https://token.actions.githubusercontent.com \ + --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \ + cgr.dev/chainguard/kubeflow-pipelines-scheduledworkflow +``` + +And you should get output that verifies the SBOM signature in cosign's transparency log: + +``` +Verification for cgr.dev/chainguard/kubeflow-pipelines-scheduledworkflow -- +The following checks were performed on each of these signatures: +- The cosign claims were validated +- Existence of the claims in the transparency log was verified offline +- The code-signing certificate was verified using trusted certificate authority certificates +Certificate subject: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main +Certificate issuer URL: https://token.actions.githubusercontent.com +GitHub Workflow Trigger: schedule +GitHub Workflow SHA: da283c26829d46c2d2883de5ff98bee672428696 +GitHub Workflow Name: .github/workflows/release.yaml +GitHub Workflow Trigger chainguard-images/images +GitHub Workflow Ref: refs/heads/main +... +``` diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/tags_history.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/tags_history.md new file mode 100644 index 0000000000..c4a3516653 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/tags_history.md @@ -0,0 +1,30 @@ +--- +title: "kubeflow-pipelines-scheduledworkflow Image Tags History" +type: "article" +unlisted: true +description: "Image Tags and History for the kubeflow-pipelines-scheduledworkflow Chainguard Image" +date: 2023-06-22T11:07:52+02:00 +lastmod: 2023-06-22T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 700 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/image_specs/" >}} +{{< tab title="Tags History" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-scheduledworkflow/provenance_info/" >}} +{{}} + +The following table contains the most recent tags and digests that can be used to pin your Dockerfile to a specific build of this image. Check our guide on [Using the Tag History API](/chainguard/chainguard-images/using-the-tag-history-api/) for information on how to fetch all tags from an image and how to pin your Dockerfile to a specific digest. + +Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds). + +| Tag (s) | Last Changed | Digest | +|---------------|----------------|---------------------------------------------------------------------------| +| `latest-dev` | September 18th | `sha256:ece1bc381e5fda064ab61331458fa94c34cbcf5f1c0ca7e704f4aef8630dc80a` | +| `latest` | September 18th | `sha256:bac3974ce2a901fe1c6cd0f403574c0040e908b16675ad773f6b0286862b1f1d` | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/_index.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/_index.md new file mode 100644 index 0000000000..0cdb3424a4 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/_index.md @@ -0,0 +1,33 @@ +--- +title: "Image Overview: kubeflow-pipelines-viewer-crd-controller" +linktitle: "kubeflow-pipelines-viewer-crd-controller" +type: "article" +layout: "single" +description: "Overview: kubeflow-pipelines-viewer-crd-controller Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +menu: + docs: + parent: "images-reference" +weight: 500 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/provenance_info/" >}} +{{}} + +Minimal **kubeflow-pipelines-viewer-crd-controller** images with nightly builds. + +## Get it! + +``` +docker pull cgr.dev/chainguard/kubeflow-pipelines-viewer-crd-controller:latest +``` + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/image_specs.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/image_specs.md new file mode 100644 index 0000000000..c784a1b89e --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/image_specs.md @@ -0,0 +1,71 @@ +--- +title: "kubeflow-pipelines-viewer-crd-controller Image Variants" +type: "article" +unlisted: true +description: "Detailed information about the public kubeflow-pipelines-viewer-crd-controller Chainguard Image variants" +date: 2023-03-07T11:07:52+02:00 +lastmod: 2023-03-07T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 550 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/" >}} +{{< tab title="Variants" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/provenance_info/" >}} +{{}} + +This page shows detailed information about all public variants of the Chainguard **kubeflow-pipelines-viewer-crd-controller** Image. + +## Variants Compared +The **kubeflow-pipelines-viewer-crd-controller** Chainguard Image currently has 2 public variants: + +- `latest-dev` +- `latest` + +The table has detailed information about each of these variants. + +| | latest-dev | latest | +|--------------|-----------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------| +| Default User | `nonroot` | `nonroot` | +| Entrypoint | not specified | not specified | +| CMD | `/usr/bin/viewer-crd-controller -logtostderr=true -max_num_viewers=50 --namespace="kubeflow"` | `/usr/bin/viewer-crd-controller -logtostderr=true -max_num_viewers=50 --namespace="kubeflow"` | +| Workdir | not specified | not specified | +| Has apk? | yes | no | +| Has a shell? | yes | yes | + +Check the [tags history page](/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/tags_history/) for the full list of available tags. + +## Packages Included +The table shows package distribution across variants. + +| | latest-dev | latest | +|--------------------------------------------|------------|--------| +| `apk-tools` | X | | +| `bash` | X | | +| `busybox` | X | X | +| `ca-certificates-bundle` | X | X | +| `git` | X | | +| `glibc` | X | X | +| `glibc-locale-posix` | X | X | +| `kubeflow-pipelines-viewer-crd-controller` | X | X | +| `ld-linux` | X | X | +| `libbrotlicommon1` | X | | +| `libbrotlidec1` | X | | +| `libcrypt1` | X | X | +| `libcrypto3` | X | | +| `libcurl-openssl4` | X | | +| `libexpat1` | X | | +| `libnghttp2-14` | X | | +| `libpcre2-8-0` | X | | +| `libssl3` | X | | +| `ncurses` | X | | +| `ncurses-terminfo-base` | X | | +| `openssl-config` | X | | +| `wolfi-baselayout` | X | X | +| `zlib` | X | | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/provenance_info.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/provenance_info.md new file mode 100644 index 0000000000..f105830b18 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/provenance_info.md @@ -0,0 +1,72 @@ +--- +title: "Provenance Information for kubeflow-pipelines-viewer-crd-controller Images" +type: "article" +unlisted: true +description: "Provenance information for kubeflow-pipelines-viewer-crd-controller Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 600 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/tags_history/" >}} +{{< tab title="Provenance" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/provenance_info/" >}} +{{}} + +All Chainguard Images contain verifiable signatures and high-quality SBOMs (software bill of materials), features that enable users to confirm the origin of each image built and have a detailed list of everything that is packed within. + +## Verifying Image Signatures +The **kubeflow-pipelines-viewer-crd-controller** Chainguard Images are signed using Sigstore, and you can check the included signatures using `cosign`. + +The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image. + +```shell +cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/kubeflow-pipelines-viewer-crd-controller | jq +``` + +By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for. + +## Downloading and Verifying SBOMs + +All Chainguard Images come with a high-quality Software Bill Of Materials (SBOM) attested at build-time. The SBOM can be downloaded using the cosign tool: + +```shell +cosign download attestation \ + --predicate-type=https://spdx.dev/Document \ + cgr.dev/chainguard/kubeflow-pipelines-viewer-crd-controller | jq -r .payload | base64 -d | jq +``` +By default, this command will fetch the SBOM assigned to the `latest` tag. You can also specify the tag you want to fetch the SBOM from. + +With cosign 2.0+, you can use the `cosign verify-attestation` command to check the signature of an SBOM: + +```shell +cosign verify-attestation \ + --type https://spdx.dev/Document \ + --certificate-oidc-issuer=https://token.actions.githubusercontent.com \ + --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \ + cgr.dev/chainguard/kubeflow-pipelines-viewer-crd-controller +``` + +And you should get output that verifies the SBOM signature in cosign's transparency log: + +``` +Verification for cgr.dev/chainguard/kubeflow-pipelines-viewer-crd-controller -- +The following checks were performed on each of these signatures: +- The cosign claims were validated +- Existence of the claims in the transparency log was verified offline +- The code-signing certificate was verified using trusted certificate authority certificates +Certificate subject: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main +Certificate issuer URL: https://token.actions.githubusercontent.com +GitHub Workflow Trigger: schedule +GitHub Workflow SHA: da283c26829d46c2d2883de5ff98bee672428696 +GitHub Workflow Name: .github/workflows/release.yaml +GitHub Workflow Trigger chainguard-images/images +GitHub Workflow Ref: refs/heads/main +... +``` diff --git a/content/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/tags_history.md b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/tags_history.md new file mode 100644 index 0000000000..8962ac992b --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/tags_history.md @@ -0,0 +1,30 @@ +--- +title: "kubeflow-pipelines-viewer-crd-controller Image Tags History" +type: "article" +unlisted: true +description: "Image Tags and History for the kubeflow-pipelines-viewer-crd-controller Chainguard Image" +date: 2023-06-22T11:07:52+02:00 +lastmod: 2023-06-22T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 700 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/image_specs/" >}} +{{< tab title="Tags History" active=true url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-pipelines-viewer-crd-controller/provenance_info/" >}} +{{}} + +The following table contains the most recent tags and digests that can be used to pin your Dockerfile to a specific build of this image. Check our guide on [Using the Tag History API](/chainguard/chainguard-images/using-the-tag-history-api/) for information on how to fetch all tags from an image and how to pin your Dockerfile to a specific digest. + +Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds). + +| Tag (s) | Last Changed | Digest | +|---------------|----------------|---------------------------------------------------------------------------| +| `latest-dev` | September 18th | `sha256:4b1b8b9d08df0f873895bf3ac577fbc933eb78fae6dfdb51239007958c352949` | +| `latest` | September 18th | `sha256:1994c8d2bb66f9246921a1ead590a3f08b4649329786f6f8bacd29452d647833` | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/_index.md b/content/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/_index.md new file mode 100644 index 0000000000..be72b2cb28 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/_index.md @@ -0,0 +1,33 @@ +--- +title: "Image Overview: kubeflow-volumes-web-app" +linktitle: "kubeflow-volumes-web-app" +type: "article" +layout: "single" +description: "Overview: kubeflow-volumes-web-app Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +menu: + docs: + parent: "images-reference" +weight: 500 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=true url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/provenance_info/" >}} +{{}} + +Minimal **kubeflow-volumes-web-app** images with nightly builds. + +## Get it! + +``` +docker pull cgr.dev/chainguard/kubeflow-volumes-web-app:latest +``` + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/image_specs.md b/content/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/image_specs.md new file mode 100644 index 0000000000..3892ef915b --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/image_specs.md @@ -0,0 +1,88 @@ +--- +title: "kubeflow-volumes-web-app Image Variants" +type: "article" +unlisted: true +description: "Detailed information about the public kubeflow-volumes-web-app Chainguard Image variants" +date: 2023-03-07T11:07:52+02:00 +lastmod: 2023-03-07T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 550 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/" >}} +{{< tab title="Variants" active=true url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/provenance_info/" >}} +{{}} + +This page shows detailed information about all public variants of the Chainguard **kubeflow-volumes-web-app** Image. + +## Variants Compared +The **kubeflow-volumes-web-app** Chainguard Image currently has 2 public variants: + +- `latest-dev` +- `latest` + +The table has detailed information about each of these variants. + +| | latest-dev | latest | +|--------------|----------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------| +| Default User | `nonroot` | `nonroot` | +| Entrypoint | `/bin/bash -c "gunicorn -w 3 --bind 0.0.0.0:5000 --chdir /usr/share/kubeflow-volumes-web-app --access-logfile - entrypoint:app"` | `/bin/bash -c "gunicorn -w 3 --bind 0.0.0.0:5000 --chdir /usr/share/kubeflow-volumes-web-app --access-logfile - entrypoint:app"` | +| CMD | not specified | not specified | +| Workdir | not specified | not specified | +| Has apk? | yes | no | +| Has a shell? | yes | yes | + +Check the [tags history page](/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/tags_history/) for the full list of available tags. + +## Packages Included +The table shows package distribution across variants. + +| | latest-dev | latest | +|----------------------------|------------|--------| +| `apk-tools` | X | | +| `bash` | X | X | +| `busybox` | X | | +| `ca-certificates-bundle` | X | X | +| `gdbm` | X | X | +| `git` | X | | +| `glibc` | X | X | +| `glibc-locale-posix` | X | X | +| `kubeflow-volumes-web-app` | X | X | +| `ld-linux` | X | X | +| `libbrotlicommon1` | X | | +| `libbrotlidec1` | X | | +| `libbz2-1` | X | X | +| `libcrypt1` | X | X | +| `libcrypto3` | X | X | +| `libcurl-openssl4` | X | | +| `libexpat1` | X | X | +| `libffi` | X | X | +| `libgcc` | X | X | +| `libnghttp2-14` | X | | +| `libpcre2-8-0` | X | | +| `libssl3` | X | X | +| `libstdc++` | X | X | +| `mpdecimal` | X | X | +| `ncurses` | X | X | +| `ncurses-terminfo-base` | X | X | +| `openssl-config` | X | X | +| `py3-gunicorn` | X | X | +| `py3-importlib-metadata` | X | X | +| `py3-packaging` | X | X | +| `py3-parsing` | X | X | +| `py3-typing-extensions` | X | X | +| `py3-zipp` | X | X | +| `py3.11-setuptools` | X | X | +| `python-3.11` | X | X | +| `readline` | X | X | +| `sqlite-libs` | X | X | +| `wolfi-baselayout` | X | X | +| `xz` | X | X | +| `zlib` | X | X | + diff --git a/content/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/provenance_info.md b/content/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/provenance_info.md new file mode 100644 index 0000000000..5a6aa328be --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/provenance_info.md @@ -0,0 +1,72 @@ +--- +title: "Provenance Information for kubeflow-volumes-web-app Images" +type: "article" +unlisted: true +description: "Provenance information for kubeflow-volumes-web-app Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 600 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/tags_history/" >}} +{{< tab title="Provenance" active=true url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/provenance_info/" >}} +{{}} + +All Chainguard Images contain verifiable signatures and high-quality SBOMs (software bill of materials), features that enable users to confirm the origin of each image built and have a detailed list of everything that is packed within. + +## Verifying Image Signatures +The **kubeflow-volumes-web-app** Chainguard Images are signed using Sigstore, and you can check the included signatures using `cosign`. + +The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image. + +```shell +cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/kubeflow-volumes-web-app | jq +``` + +By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for. + +## Downloading and Verifying SBOMs + +All Chainguard Images come with a high-quality Software Bill Of Materials (SBOM) attested at build-time. The SBOM can be downloaded using the cosign tool: + +```shell +cosign download attestation \ + --predicate-type=https://spdx.dev/Document \ + cgr.dev/chainguard/kubeflow-volumes-web-app | jq -r .payload | base64 -d | jq +``` +By default, this command will fetch the SBOM assigned to the `latest` tag. You can also specify the tag you want to fetch the SBOM from. + +With cosign 2.0+, you can use the `cosign verify-attestation` command to check the signature of an SBOM: + +```shell +cosign verify-attestation \ + --type https://spdx.dev/Document \ + --certificate-oidc-issuer=https://token.actions.githubusercontent.com \ + --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \ + cgr.dev/chainguard/kubeflow-volumes-web-app +``` + +And you should get output that verifies the SBOM signature in cosign's transparency log: + +``` +Verification for cgr.dev/chainguard/kubeflow-volumes-web-app -- +The following checks were performed on each of these signatures: +- The cosign claims were validated +- Existence of the claims in the transparency log was verified offline +- The code-signing certificate was verified using trusted certificate authority certificates +Certificate subject: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main +Certificate issuer URL: https://token.actions.githubusercontent.com +GitHub Workflow Trigger: schedule +GitHub Workflow SHA: da283c26829d46c2d2883de5ff98bee672428696 +GitHub Workflow Name: .github/workflows/release.yaml +GitHub Workflow Trigger chainguard-images/images +GitHub Workflow Ref: refs/heads/main +... +``` diff --git a/content/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/tags_history.md b/content/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/tags_history.md new file mode 100644 index 0000000000..132aa38d2d --- /dev/null +++ b/content/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/tags_history.md @@ -0,0 +1,30 @@ +--- +title: "kubeflow-volumes-web-app Image Tags History" +type: "article" +unlisted: true +description: "Image Tags and History for the kubeflow-volumes-web-app Chainguard Image" +date: 2023-06-22T11:07:52+02:00 +lastmod: 2023-06-22T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 700 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/image_specs/" >}} +{{< tab title="Tags History" active=true url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/kubeflow-volumes-web-app/provenance_info/" >}} +{{}} + +The following table contains the most recent tags and digests that can be used to pin your Dockerfile to a specific build of this image. Check our guide on [Using the Tag History API](/chainguard/chainguard-images/using-the-tag-history-api/) for information on how to fetch all tags from an image and how to pin your Dockerfile to a specific digest. + +Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds). + +| Tag (s) | Last Changed | Digest | +|---------------|----------------|---------------------------------------------------------------------------| +| `latest` | September 18th | `sha256:3b890574ee2f44b4029392bebcd879c3390ea898e6cc99cd1ceb974709f81c80` | +| `latest-dev` | September 18th | `sha256:5a7d2aa90962362d920c1e6131657329fbf5ffcb0adfae6f564ab8c51d7f94d3` | + diff --git a/content/chainguard/chainguard-images/reference/openai/tags_history.md b/content/chainguard/chainguard-images/reference/openai/tags_history.md index 487b6eb6db..1aa7230741 100644 --- a/content/chainguard/chainguard-images/reference/openai/tags_history.md +++ b/content/chainguard/chainguard-images/reference/openai/tags_history.md @@ -25,6 +25,6 @@ Please note that digests and timestamps only change when there is a change to th | Tag (s) | Last Changed | Digest | |---------------|----------------|---------------------------------------------------------------------------| -| `latest` | September 14th | `sha256:35599399ea80222e5b60e0a689ce26d9678baabe370bd0d57dc0b4e798af9695` | -| `latest-dev` | September 14th | `sha256:5b7d36b7533403d864799453f21d9734f54fb8f765f258bfc6b1a9073cab8c2a` | +| `latest-dev` | September 18th | `sha256:94e6f54e616e5c4aa3f14abe22ba3c35b7b999cef39b0b8cdcc7f50d1a512c02` | +| `latest` | September 18th | `sha256:00e5379731e3d72697586d0ecf8d4dba9cf626da9a566daacf511c80c855d944` | diff --git a/content/chainguard/chainguard-images/reference/semgrep/tags_history.md b/content/chainguard/chainguard-images/reference/semgrep/tags_history.md index 78ddddbe46..f8ce84e953 100644 --- a/content/chainguard/chainguard-images/reference/semgrep/tags_history.md +++ b/content/chainguard/chainguard-images/reference/semgrep/tags_history.md @@ -25,6 +25,6 @@ Please note that digests and timestamps only change when there is a change to th | Tag (s) | Last Changed | Digest | |---------------|----------------|---------------------------------------------------------------------------| -| `latest` | September 15th | `sha256:091b0bc32cf914550a0c78d932c0761d3fbeec626172e9757fab7b9b30f73546` | -| `latest-dev` | September 15th | `sha256:b1c6ac8f0866a4c8a033c83062f9d86c2ee662deb466eb9c330c4a3d03d24935` | +| `latest` | September 18th | `sha256:4753b037d5bdc32b61513406f8a490abf7036431423be20a84f346ac2a5b1e97` | +| `latest-dev` | September 18th | `sha256:965f6e9b6be86cf6031ae1cb0c2206d67921dd264c3eb55f67c9363c715d13cc` | diff --git a/content/chainguard/chainguard-images/reference/slim-toolkit-debug/tags_history.md b/content/chainguard/chainguard-images/reference/slim-toolkit-debug/tags_history.md index 1628437ee3..d36a6df71c 100644 --- a/content/chainguard/chainguard-images/reference/slim-toolkit-debug/tags_history.md +++ b/content/chainguard/chainguard-images/reference/slim-toolkit-debug/tags_history.md @@ -25,5 +25,5 @@ Please note that digests and timestamps only change when there is a change to th | Tag (s) | Last Changed | Digest | |-----------|----------------|---------------------------------------------------------------------------| -| `latest` | September 14th | `sha256:d14525bdb85f61d40e157c72e5c6ed9763e287b04c3f42c639edd0bdd7114487` | +| `latest` | September 18th | `sha256:419ac54c879bae74c92610f8fdd96743648556652b23e9e678e5ed88dc09245b` | diff --git a/content/chainguard/chainguard-images/reference/spark-operator/_index.md b/content/chainguard/chainguard-images/reference/spark-operator/_index.md new file mode 100644 index 0000000000..3fa1220eb4 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/spark-operator/_index.md @@ -0,0 +1,48 @@ +--- +title: "Image Overview: spark-operator" +linktitle: "spark-operator" +type: "article" +layout: "single" +description: "Overview: spark-operator Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +menu: + docs: + parent: "images-reference" +weight: 500 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=true url="/chainguard/chainguard-images/reference/spark-operator/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/spark-operator/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/spark-operator/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/spark-operator/provenance_info/" >}} +{{}} + + + +Minimalist Wolfi-based Spark Operator image for managing the lifecycle of Apache Spark applications on Kubernetes. + +## Get It! + +The image is available on `cgr.dev`: + +``` +docker pull cgr.dev/chainguard/spark-operator:latest +``` + +## Usage + +The easiest way to install the Kubernetes Operator for Apache Spark is to use the Helm chart. + +```bash +$ helm repo add spark-operator https://googlecloudplatform.github.io/spark-on-k8s-operator + +$ helm install my-release spark-operator/spark-operator --namespace spark-operator --create-namespace --set image.repository=cgr.dev/chainguard/spark-operator --set image.tag=latest +``` + +For more detail, please refer to the [Spark Operator installation documentation](https://github.com/GoogleCloudPlatform/spark-on-k8s-operator?tab=readme-ov-file#installation). diff --git a/content/chainguard/chainguard-images/reference/spark-operator/image_specs.md b/content/chainguard/chainguard-images/reference/spark-operator/image_specs.md new file mode 100644 index 0000000000..45615abc2d --- /dev/null +++ b/content/chainguard/chainguard-images/reference/spark-operator/image_specs.md @@ -0,0 +1,79 @@ +--- +title: "spark-operator Image Variants" +type: "article" +unlisted: true +description: "Detailed information about the public spark-operator Chainguard Image variants" +date: 2023-03-07T11:07:52+02:00 +lastmod: 2023-03-07T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 550 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/spark-operator/" >}} +{{< tab title="Variants" active=true url="/chainguard/chainguard-images/reference/spark-operator/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/spark-operator/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/spark-operator/provenance_info/" >}} +{{}} + +This page shows detailed information about all public variants of the Chainguard **spark-operator** Image. + +## Variants Compared +The **spark-operator** Chainguard Image currently has 2 public variants: + +- `latest-dev` +- `latest` + +The table has detailed information about each of these variants. + +| | latest-dev | latest | +|--------------|--------------------------|--------------------------| +| Default User | `nonroot` | `nonroot` | +| Entrypoint | `/usr/bin/entrypoint.sh` | `/usr/bin/entrypoint.sh` | +| CMD | not specified | not specified | +| Workdir | not specified | not specified | +| Has apk? | yes | no | +| Has a shell? | yes | yes | + +Check the [tags history page](/chainguard/chainguard-images/reference/spark-operator/tags_history/) for the full list of available tags. + +## Packages Included +The table shows package distribution across variants. + +| | latest-dev | latest | +|---------------------------------|------------|--------| +| `apk-tools` | X | | +| `bash` | X | X | +| `busybox` | X | | +| `ca-certificates-bundle` | X | X | +| `coreutils` | X | X | +| `git` | X | | +| `glibc` | X | X | +| `glibc-locale-posix` | X | X | +| `ld-linux` | X | X | +| `libacl1` | X | X | +| `libattr1` | X | X | +| `libbrotlicommon1` | X | | +| `libbrotlidec1` | X | | +| `libcrypt1` | X | | +| `libcrypto3` | X | X | +| `libcurl-openssl4` | X | | +| `libexpat1` | X | | +| `libnghttp2-14` | X | | +| `libpcre2-8-0` | X | | +| `libssl3` | X | X | +| `ncurses` | X | X | +| `ncurses-terminfo-base` | X | X | +| `openssl` | X | X | +| `openssl-config` | X | X | +| `openssl-provider-legacy` | X | X | +| `posix-libc-utils` | X | X | +| `spark-operator` | X | X | +| `spark-operator-oci-entrypoint` | X | X | +| `tini` | X | X | +| `wolfi-baselayout` | X | X | +| `zlib` | X | | + diff --git a/content/chainguard/chainguard-images/reference/spark-operator/provenance_info.md b/content/chainguard/chainguard-images/reference/spark-operator/provenance_info.md new file mode 100644 index 0000000000..8a59ac9551 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/spark-operator/provenance_info.md @@ -0,0 +1,72 @@ +--- +title: "Provenance Information for spark-operator Images" +type: "article" +unlisted: true +description: "Provenance information for spark-operator Chainguard Image" +date: 2022-11-01T11:07:52+02:00 +lastmod: 2022-11-01T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 600 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/spark-operator/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/spark-operator/image_specs/" >}} +{{< tab title="Tags History" active=false url="/chainguard/chainguard-images/reference/spark-operator/tags_history/" >}} +{{< tab title="Provenance" active=true url="/chainguard/chainguard-images/reference/spark-operator/provenance_info/" >}} +{{}} + +All Chainguard Images contain verifiable signatures and high-quality SBOMs (software bill of materials), features that enable users to confirm the origin of each image built and have a detailed list of everything that is packed within. + +## Verifying Image Signatures +The **spark-operator** Chainguard Images are signed using Sigstore, and you can check the included signatures using `cosign`. + +The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image. + +```shell +cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/spark-operator | jq +``` + +By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for. + +## Downloading and Verifying SBOMs + +All Chainguard Images come with a high-quality Software Bill Of Materials (SBOM) attested at build-time. The SBOM can be downloaded using the cosign tool: + +```shell +cosign download attestation \ + --predicate-type=https://spdx.dev/Document \ + cgr.dev/chainguard/spark-operator | jq -r .payload | base64 -d | jq +``` +By default, this command will fetch the SBOM assigned to the `latest` tag. You can also specify the tag you want to fetch the SBOM from. + +With cosign 2.0+, you can use the `cosign verify-attestation` command to check the signature of an SBOM: + +```shell +cosign verify-attestation \ + --type https://spdx.dev/Document \ + --certificate-oidc-issuer=https://token.actions.githubusercontent.com \ + --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \ + cgr.dev/chainguard/spark-operator +``` + +And you should get output that verifies the SBOM signature in cosign's transparency log: + +``` +Verification for cgr.dev/chainguard/spark-operator -- +The following checks were performed on each of these signatures: +- The cosign claims were validated +- Existence of the claims in the transparency log was verified offline +- The code-signing certificate was verified using trusted certificate authority certificates +Certificate subject: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main +Certificate issuer URL: https://token.actions.githubusercontent.com +GitHub Workflow Trigger: schedule +GitHub Workflow SHA: da283c26829d46c2d2883de5ff98bee672428696 +GitHub Workflow Name: .github/workflows/release.yaml +GitHub Workflow Trigger chainguard-images/images +GitHub Workflow Ref: refs/heads/main +... +``` diff --git a/content/chainguard/chainguard-images/reference/spark-operator/tags_history.md b/content/chainguard/chainguard-images/reference/spark-operator/tags_history.md new file mode 100644 index 0000000000..0b2f425732 --- /dev/null +++ b/content/chainguard/chainguard-images/reference/spark-operator/tags_history.md @@ -0,0 +1,30 @@ +--- +title: "spark-operator Image Tags History" +type: "article" +unlisted: true +description: "Image Tags and History for the spark-operator Chainguard Image" +date: 2023-06-22T11:07:52+02:00 +lastmod: 2023-06-22T11:07:52+02:00 +draft: false +tags: ["Reference", "Chainguard Images", "Product"] +images: [] +weight: 700 +toc: true +--- + +{{< tabs >}} +{{< tab title="Overview" active=false url="/chainguard/chainguard-images/reference/spark-operator/" >}} +{{< tab title="Variants" active=false url="/chainguard/chainguard-images/reference/spark-operator/image_specs/" >}} +{{< tab title="Tags History" active=true url="/chainguard/chainguard-images/reference/spark-operator/tags_history/" >}} +{{< tab title="Provenance" active=false url="/chainguard/chainguard-images/reference/spark-operator/provenance_info/" >}} +{{}} + +The following table contains the most recent tags and digests that can be used to pin your Dockerfile to a specific build of this image. Check our guide on [Using the Tag History API](/chainguard/chainguard-images/using-the-tag-history-api/) for information on how to fetch all tags from an image and how to pin your Dockerfile to a specific digest. + +Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds). + +| Tag (s) | Last Changed | Digest | +|---------------|----------------|---------------------------------------------------------------------------| +| `latest` | September 18th | `sha256:f1d34f53acbadedbae9fa43d98db32cc3b26065f62e57e081e1315f7068b421b` | +| `latest-dev` | September 18th | `sha256:81a3f19e95e601427bd901baf005812bae7cce8a01e5c5ef018f281b28380b30` | +