dhi.io/calico-node
Calico Node 3.30.x (dev)
3.30-debian13-dev, 3.30-dev, 3.30.6-debian13-dev, 3.30.6-dev
sha256:382c8b4de7427e2c5fc8a01270a3f2063da568dd5af18810222305a57575afd4
Manifest digest:sha256:9b65d2246d9eba0ae6b0ea1c609924679b99601951cd4ca4fe231f35c5bb7076
Size
90.57 MB
Last pushed
7 days ago
Vulnerabilities
Health
Overview
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
How to verify attestations
1. List all available attestations
docker scout attest list dhi.io/calico-node:3.30-debian13-dev2. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/calico-node:3.30-debian13-dev --predicate-type https://slsa.dev/provenance/v0.2 --verifyAttestations
All attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/calico-node@sha256:cbfa695a3acb721322470cd87a9c51bb229e9d4bc3a36364a2d3185374c45934 |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/calico-node@sha256:34c004f3896ce242205adafad02eaf2e405b3d6f51ab3c875e15f80ca0ee8e3f |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/calico-node@sha256:da829c7a0ee9f9e407448420c04f42c59949ad2866b1e64d11f163d566f2deee |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/calico-node@sha256:40c978214679084293fe9a3c73cd987610086c692c31c7a41a5351b9a03d405f |
| VEX v0.2.0 | https://openvex.dev/ns/v0.2.0 | dhi.io/calico-node@sha256:7273425500c5aaf19a2f1e8ed5319aa9baac6222d84bce9b16a3bac79b51eaef |
| Scout health score v0.1 | https://scout.docker.com/health/v0.1 | dhi.io/calico-node@sha256:4a396de849d26e4e909d01e6a17dd1aadc484f6a2443ae484ad48b386b58f754 |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/calico-node@sha256:8f08569fefffea7b3cb768b96364b31477bdd59adf35e79ce8bd008a12f5d46f |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/calico-node@sha256:8943ce27a8fce1c4c4cb8bb766b7003d14c11a725e473809108114d64c326b05 |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/calico-node@sha256:13c14a58b9acbef53ae033e9faebc1b1bbe395dad495e491efd1e8d4e0b1f352 |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/calico-node@sha256:bfd9098b5d4d1611d9591705e669da94a8c1f483f3e8e6ce9e7711934398addb |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/calico-node@sha256:707216417a10e3100c49831feab9cf4bc34a18a66760dc5f2f3861946128b716 |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/calico-node@sha256:4baac7cbbb7dff0d1c6fabba75827d072886bbc0d6e1e1736014ed59e2ffc6ae |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/calico-node@sha256:a078b142124680a70d48cebb7f49d35a47f8d240325a60469d5edc068dd1fc0f |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/calico-node@sha256:f245106a7bc7d43c1e63aa64f8db8d2ec1aab44acea60044e482210ed155e9c8 |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/calico-node@sha256:6f83bf2b26888654927b3d6edc4bec25e6eb6515d3a7c66ee412c215e3a6939a |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/calico-node@sha256:10d08009fe3e10c9c14ca940f28997488afa66567188760e016a5871bfe61582 |