nginx
Infra
docker pull reg.mini.dev/nginx
Infra
Updated 5 days ago
docker pull reg.mini.dev/nginx
SBOM Signature
Verify this image using Cosign to confirm it originates from Minimus. Cosign by Sigstore is the recommended open source toolset for supply-chain security.
The commands below verify latest. With a subscription for this image, you can verify any version and its SBOM. Learn More
Get Cosign
You can use the Cosign image offered by Minimus or install the following locally:
Verify SBOM Signature
Verify latest
cosign verify-attestation \
--type https://spdx.dev/Document \
--certificate-oidc-issuer=https://accounts.google.com \
--certificate-identity=minimus-images-sa@prod-375107.iam.gserviceaccount.com \
reg.mini.dev/nginx@sha256:7881cef8f604686bc466534432ccac06d39c311b6c268d911f7114a0ecbd78f6Expected output
Verification for <image URL> --The following checks were performed on each of these signatures:- The cosign claims were validated- Existence of the claims in the transparency log was verified offline- The code-signing certificate was verified using trusted certificate authority certificatesCertificate subject: https://github.com/minimusio/images/.github/workflows/build.yaml@refs/heads/mainCertificate issuer URL: https://token.actions.githubusercontent.comGitHub Workflow Trigger: pushGitHub Workflow SHA: dd163c4c4cd40309e9125158ed8c4698680d931fGitHub Workflow Name: PublishGitHub Workflow Repository: minimusio/imagesGitHub Workflow Ref: refs/heads/main{"payloadType":"application/vnd.in-toto+json","payload":"eyJfdHlwZSI6Imh0dHBzOi8vaW4tdG90by5pby9TdGF0Z…