harness/aws-ecr-job-runner
Maintained by: Harness Inc (https://www.harness.io/)
Where to get help: The Harness Community Slack (https://harnesscommunity.slack.com/)
This image helps to orchestrate AWS ECR security scans which test for vulnerabilities with Harness' Security Tests Step Library.
docker pull harness/aws-ecr-job-runner:<tag>
https://github.com/harness/harness-core/blob/develop/LICENSE.md
cosign download attestation --predicate-type=https://cosign.sigstore.dev/attestation/v1 harness/aws-ecr-job-runner:<tag> | jq -r .payload | base64 -d | jq -r .predicate.Data | jq
https://github.com/harness/sbom/blob/main/cosign.pub
cosign verify-attestation --key cosign.pub harness/aws-ecr-job-runner:<tag> --output-file results.json
docker pull harness/aws-ecr-job-runner