dhi.io/calico-node

Calico Node 3.31.x (dev)

CIS

linux/amd64

debian 13

Tags:

3-debian13-dev, 3-dev, 3.31-debian13-dev, 3.31-dev, 3.31.4-debian13-dev, 3.31.4-dev

Index digest:

sha256:f93c69b9b13df5aa5727ea7c8392bc4cac0bc5f4eec9664946ecba91524f8619

Manifest digest:

sha256:0c92231e69cef463f3623f4b03e5510d03e512cdeea0c4d3f6c1abed2f70b23f

ARCH

Size

91.28 MB

Last pushed

7 days ago

Vulnerabilities

Health

Packages (308)Specifications Vulnerabilities (2)Attestations

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.⁠

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub⁠ and also archived at https://github.com/docker-hardened-images/keyring⁠.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/calico-node:3-debian13-dev

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/calico-node:3-debian13-dev --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.⁠

Predicate	Predicate type	Reference
CycloneDX SBOM v1.6	https://cyclonedx.org/bom/v1.6	dhi.io/calico-node@sha256:15c87bed768ea071099a556ec523fc8247a474791749db63229addcd94fd90f1
Changelog v0.1	https://docker.com/dhi/changelog/v0.1	dhi.io/calico-node@sha256:cbbed43b96f455d38339f6a2c4fcd9228a68185c16d954bd7eea977df187de5e
DHI Image Sources v0.1	https://docker.com/dhi/source/v0.1	dhi.io/calico-node@sha256:c626952d118bdfcc777d74c39b63effa758a7c1cf971ffff0bf4203cf9fa8e2d
CVEs v0.2	https://in-toto.io/attestation/vulns/v0.2	dhi.io/calico-node@sha256:2bef8ba57f06e4a42fcdcb49f1d43ee358a0e525b1b4eba45eb6bcfc55017d41
VEX v0.2.0	https://openvex.dev/ns/v0.2.0	dhi.io/calico-node@sha256:3d733e264a503fc3bb3dd56b2d177357f81d1b428a4fb136a5c4a65bf31cf8cf
Scout health score v0.1	https://scout.docker.com/health/v0.1	dhi.io/calico-node@sha256:15dd15c27b641811f1587428d46b6a3aaed6eaa67c8b5c28ca75e4c3b683ccae
Scout provenance v0.1	https://scout.docker.com/provenance/v0.1	dhi.io/calico-node@sha256:4cd3ccfa67df20d71793680fd695d63eb9b8f68d0ca6f762500279b5326d7ad0
Scout SBOM v0.1	https://scout.docker.com/sbom/v0.1	dhi.io/calico-node@sha256:3e0730e58135ebe2e56fd97edb6ce374af67d2d5600cbcccb2870198039c8214
Secrets scan v0.1	https://scout.docker.com/secrets/v0.1	dhi.io/calico-node@sha256:9835729f185fe4e101b193ffec2c41ced8134b4f95e507baa41f3cb4ec04815a
Tests v0.1	https://scout.docker.com/tests/v0.1	dhi.io/calico-node@sha256:70f67294db8aee5b3bc115fb65ef0827af2f4c5d85aa92c4f43bc4c74f301a59
Virus scan v0.1	https://scout.docker.com/virus/v0.1	dhi.io/calico-node@sha256:78302e6b5ba0c6085df2c7feca392ffb60f6a7a04c05735b28f076e11401ac92
CVEs v0.1	https://scout.docker.com/vulnerabilities/v0.1	dhi.io/calico-node@sha256:6256ef65a17416695eb99c009d4e734efe2fa1d769080eb782302d08d53c9cae
SLSA provenance v0.2	https://slsa.dev/provenance/v0.2	dhi.io/calico-node@sha256:31105673de81dc2b3c3f511dff2f57c9ba5eba154bc79f051f8b40c28c39a47f
SLSA provenance v1	https://slsa.dev/provenance/v1	dhi.io/calico-node@sha256:4a2e43f69692203c3aef09765c64bd0d4b9855de823eb9ce848f1c31b965914a
SLSA verification summary v1	https://slsa.dev/verification_summary/v1	dhi.io/calico-node@sha256:50ce772ccdf81ea21c789373dbff748910c739150c490da80b024ce16bade37d
SPDX SBOM	https://spdx.dev/Document	dhi.io/calico-node@sha256:d8aaf490508443999b7d35191ae8c5792c2c655d8807aedbb646355affcd4207