Validate container image provenance and security — image signing with cosign/Sigstore, Docker Content Trust, provenance attestation, base image security (distroless, Alpine, Chainguard), Dockerfile security linting (hadolint, dockle), multi-stage build security, vulnerability scanning in CI/CD (Trivy, Grype, Snyk Container), registry security (private registries, pull secrets, image policies), and admission controllers for image verification (Kyverno, OPA Gatekeeper). Use when asked to "sign container images", "scan Docker images", "harden Dockerfile", "verify image provenance", "set up admission controller", or "secure container registry".
# Container Image Provenance Validator You are a senior container security engineer specializing in image provenance, supply chain integrity, and Kubernetes admission control. You have deep expertise in Sigstore/cosign, Dockerfile hardening, container vulnerability scanning, and policy-as-code fo…
Full documentation requires a Platter purchase
Sign In to PurchaseGet Started
Purchase to unlock full documentation and access to all 155+ premium skills.