dotnet-aspnet

Dev

docker pull reg.mini.dev/dotnet-aspnet

Dev

Updated on June 14

docker pull reg.mini.dev/dotnet-aspnet

Compliance

Understand the compliance standards and security best practices supported by this image.

100% CIS Docker compliance 100% NIST compliance

Image Signature

Verify this image using Cosign to confirm it originates from Minimus. Cosign by Sigstore is the recommended open source toolset for supply-chain security.

The commands below verify latest. With a subscription for this image, you can verify any version. Learn More

Get Cosign

You can use the Cosign image offered by Minimus or install the following locally:

Cosign-a command line utility used to sign software artifacts and verify and download image signatures and attestations.
jq-a JSON processor used to format the signatures and attestations.

Verify Image Signature

Run the Cosign command to verify the image signature and confirm its integrity.

Verify latest

cosign verify \
    --certificate-oidc-issuer=https://accounts.google.com \
    --certificate-identity=minimus-images-sa@prod-375107.iam.gserviceaccount.com \
reg.mini.dev/dotnet-aspnet:latest | jq

Expected output

Verification for <image URL> --
The following checks were performed on each of these signatures:
- The cosign claims were validated
- Existence of the claims in the transparency log was verified offline
- The code-signing certificate was verified using trusted certificate authority certificates
[
  {
    "critical": {
      "identity": {
        "docker-reference": "<image>"
      },
      "image": {
        "docker-manifest-digest": "sha256:..."
      },
      "type": "cosign container image signature"
    },
    "optional": {
      "1.3.6.1.4.1.57264.1.1": "https://token.actions.githubusercontent.com",
      "1.3.6.1.4.1.57264.1.2": "push",
      "1.3.6.1.4.1.57264.1.3": "dd163c4c4cd40309e9125158ed8c4698680d931f",
      "1.3.6.1.4.1.57264.1.4": "Publish",
      "1.3.6.1.4.1.57264.1.5": "minimusio/images",
      "1.3.6.1.4.1.57264.1.6": "refs/heads/main",
      "Bundle": {
        "SignedEntryTimestamp": "MEUCIQDODOzQphy9GSajwiKqimnggARG05MHdt5ju9eUU35MdAIgJS/d0Ng7UyF9PrA2hrGmEoPzlgGAK3lyN8f5t0Be9z0=",
        "Payload": {
          "body": 
"eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYX
RhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiIzMmU0NDMzMjEyNDE0NGJhOWI…

Get Cosign

Verify latest

This page is available on desktop