harness/aws-ecr-job-runner

By harness

Updated 1 day ago

Image

6.3K

Quick Reference

Maintained by: Harness Inc (https://www.harness.io/)
Where to get help: The Harness Community Slack (https://harnesscommunity.slack.com/)

What is aws-ecr-job-runner?

This image helps to orchestrate AWS ECR security scans which test for vulnerabilities with Harness' Security Tests Step Library.

How to install

docker pull harness/aws-ecr-job-runner:<tag>

License

https://github.com/harness/harness-core/blob/develop/LICENSE.md

How to download SBOM

cosign download attestation --predicate-type=https://cosign.sigstore.dev/attestation/v1 harness/aws-ecr-job-runner:<tag> | jq -r .payload | base64 -d | jq -r .predicate.Data | jq

How to download public key

https://github.com/harness/sbom/blob/main/cosign.pub

How to verify SBOM attestations

cosign verify-attestation --key cosign.pub harness/aws-ecr-job-runner:<tag> --output-file results.json

Docker Pull Command

docker pull harness/aws-ecr-job-runner