https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/Recent content in How to Use Chainguard Containers onHugo -- gohugo.ioen-USThu, 19 Dec 2024 08:49:15 +0000https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/how-to-use-chainguard-images/Thu, 01 Sep 2022 08:49:31 +0000https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/how-to-use-chainguard-images/Chainguard Containers are minimal container images designed to reduce vulnerabilities and attack surface compared to traditional base images. These images use the apk package format to achieve smaller sizes while maintaining complete provenance information with cryptographic signatures, ensuring both enhanced security and traceability. In this guide, you’ll find general instructions on how to get started using Chainguard Containers and how to migrate existing container-based workflows to use our images. For specific image usage instructions, please refer to our Chainguard Containers Directory, which contains the full list of all images available to the public and their respective documentation.https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/use-chainguard-helm-charts/Fri, 11 Jul 2025 08:49:31 +0000https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/use-chainguard-helm-charts/Helm is the package manager for Kubernetes that simplifies the installation and management of applications by automating the creation of Kubernetes resources. Helm charts are reusable, versioned packages that define a collection of Kubernetes resources required to run an application or service. You use Helm to define, install, and perform upgrades to your applications on Kubernetes. Previously, Chainguard created containers specially designed for compatibility with community Helm charts to deliver added benefits to customers already using those charts.https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/proxy-and-cache/Mon, 14 Jul 2025 08:10:31 +0000https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/proxy-and-cache/This page shows you how to set up and use Chainguard Helm Charts with Artifactory via remote Helm OCI repositories. Create and configure Helm OCI repository in Artifactory From the administration panel within Artifactory, create a remote repository, picking Helm as the repo type. we’ll call it iamguarded-charts To determine values for the User Name and Password / Access Token fields, run the following command: $ORGANIZATION=YOUR-ORGANIZATION chainctl auth configure-docker --pull-token --save --parent $ORGANIZATIONSet $ORGANIZATION to be the organization name you’re pulling Helm Charts from.https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/use-with-openshift/Tue, 17 Jun 2025 08:49:31 +0000https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/use-with-openshift/Chainguard Containers are fully compatible with Red Hat OpenShift Container Platform, providing enhanced security while requiring some configuration adjustments for OpenShift’s security context constraints. This guide explains how to successfully deploy Chainguard’s minimal, security-hardened container images in OpenShift environments. Red Hat OpenShift is an application platform that orchestrates and manages your systems and resources. While it is based on open source software like Kubernetes, OpenShift includes a suite of applications with additional functionality that are configured to work together.https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/retrieve-image-sboms/Fri, 17 Nov 2023 11:07:52 +0200https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/retrieve-image-sboms/Chainguard provides a Software Bill of Materials (SBOM) with every container image, enabling complete transparency about package contents and dependencies for security and compliance requirements. These SBOMs are cryptographically signed and attached as attestations, making them retrievable and verifiable. By including only the minimum packages needed, Chainguard Containers reduce attack surface while the SBOM ensures you can verify exactly what’s in each image. Even though they contain the minimum number of packages, there may come a time when you want to know exactly what’s running inside of a certain Chainguard Container.https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/verifying-chainguard-images-and-metadata-signatures-with-cosign/Mon, 18 Mar 2024 08:59:52 -0700https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/verifying-chainguard-images-and-metadata-signatures-with-cosign/Chainguard signs all container images and their attestations (including SBOMs) to ensure supply chain security and enable verification of image authenticity. These cryptographic signatures allow you to confirm that images come from Chainguard and haven’t been tampered with, while attestations provide detailed information about image contents and build provenance. This guide outlines how you can use Cosign to download and verify container image signatures and attestations. Prerequisites The following examples require Cosign and jq to be installed on your machine in order to download and verify image attestations.https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/images-directory/Fri, 23 Feb 2024 11:07:52 +0200https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/images-directory/There are hundreds of Chainguard Containers available for use. To help users explore and better understand all of these container images, we’ve developed the Chainguard Directory. This guide serves as a walkthrough of the browsing experience for Chainguard Containers in the Directory and Console, including how to access it and get the most out of its features. Accessing the Chainguard Directory and Console This guide is primarily framed around the Chainguard Directory and the Chainguard Console.https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/dev-containers/Mon, 10 Mar 2025 11:07:52 +0200https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/dev-containers/Development Containers — sometimes known as “dev containers” — allow you to use a container as a development environment where you can run applications and separate tools, libraries, or runtimes. Dev containers can also help with testing and continuous integration. With a few changes, the images based on Wolfi and maintained by Chainguard provide distroless images that can be used as dev containers. This guide outlines how you can set up a Chainguard image as a dev container in VS Code.https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/init-containers/Mon, 04 Aug 2025 15:21:01 +0000https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/init-containers/Chainguard Containers are designed with minimalism and security in mind. By including fewer packages and tools, Chainguard Containers have a smaller attack surface than their counterparts. However, there are cases where the external counterparts have certain desirable features, like useful startup scripts or configuration defaults. There are several ways to customize Chainguard Containers. For example, you can use Custom Assembly to add packages to an otherwise minimal Chainguard container image. Changing a Chainguard container image’s configuration — such as updating its entrypoint or adding startup scripts — requires a different strategy.https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/static-base-image/Wed, 30 Aug 2023 15:21:01 +0000https://deploy-preview-2826--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/how-to-use/static-base-image/Tools used in this video Docker Grype Dockerfile FROM cgr.dev/chainguard/go AS build COPY main.go /main.go RUN CGO_ENABLED=0 go build -o /hello /main.go FROM cgr.dev/chainguard/static COPY --from=build /hello /usr/local/bin/ CMD ["hello"] Transcript So what’s the best container base image to use? 0:10 Well, there’s plenty of choices but if everything else is equal, I would choose something very small and with a low known-vulnerability account, and an excellent example of this is a Chainguard static image.