dhi.io/calico-node
Calico Node 3.31.x
3, 3-debian13, 3.31, 3.31-debian13, 3.31.4, 3.31.4-debian13, v3.31.4
sha256:58f355683a714e67df0be4d620a3a1d11e0acaeaa344abae2ae427951eaf064a
Manifest digest:sha256:f39accb535ee673aa07dbc3a4938feb6325eb5caaa3c0143b9245bfcc891b002
Size
56.31 MB
Last pushed
7 days ago
Vulnerabilities
Health
Overview
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
How to verify attestations
1. List all available attestations
docker scout attest list dhi.io/calico-node:32. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/calico-node:3 --predicate-type https://slsa.dev/provenance/v0.2 --verifyAttestations
All attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/calico-node@sha256:f42a34beaaf0085a2a795d46967be43369d6937310c50243df853c98a472d543 |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/calico-node@sha256:abb88721975b1f8e91982c8da72c767de8baf9357349640fec6b50954c1b7fa4 |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/calico-node@sha256:70ee8e3906c46e82788e25a22785c52a1362f6c8ad8dda4174890917c6b60f88 |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/calico-node@sha256:3757b13c5c56d0bd6e1c0a173ab9374ea2b6608a27d30dcc3b7fe97df598dcec |
| VEX v0.2.0 | https://openvex.dev/ns/v0.2.0 | dhi.io/calico-node@sha256:94e135eb402904d46bd2e6ee5bcddc47425f6167d44165150893465d6cd69b15 |
| Scout health score v0.1 | https://scout.docker.com/health/v0.1 | dhi.io/calico-node@sha256:dd0e51d9c033f54d070fdf8390db1d9b920bd5a06515f191628e7eba49002144 |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/calico-node@sha256:657d4522cd5a072d61e48f16606ff24758337b886745e4bfe64d7103d4517041 |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/calico-node@sha256:3b1a5688ef7d18808dd8f5350167a7662ad7981af8e879426d41aad4e4c2c1c3 |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/calico-node@sha256:beab375be5c48b8125fcf81a4ff073641fabc44b8ef47f841352211a8555215e |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/calico-node@sha256:2600619cae66480340210975d04212edefd0c6b350d248cee629cd8b1a033c2d |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/calico-node@sha256:60d2ad18b8f77d7e53e79e43bc0bf5deb59374c0b90eaa368992449abcfa7338 |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/calico-node@sha256:48b569a181b7418100f22ddfebf7e9d1f11ba49744e5949673676b9ccd21a281 |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/calico-node@sha256:41a81cd5b2a0efd63e0fe62652a092899a8dbdd6f4c3744e9847d56be39c127f |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/calico-node@sha256:fcb6e37318ffc6a747147c81afd0e833cbdf334b9cc762603439ee664f817295 |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/calico-node@sha256:0371e67358b1b4ae460477cfdb7b012728c75abb773176977303943e83df15c1 |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/calico-node@sha256:dcaeac571a5510504c718a311b5030579d8af2629beee9bbc602281f80d59e1b |