Chainguard

Chainguard Academy

  • Product Docs
    • Chainguard Enforce
    • Chainguard Images
    • chainctl
  • Open Source
    • Sigstore
    • Wolfi
    • apko
    • melange
    • Open Containers
    • SBOMs
    • SLSA
  • Software Security
    • What is Software Supply Chain Security
    • How to Select a Secure Base Image
    • Secure Software Recommendations
    • Glossary
    • Videos
  • GitHub
  • Twitter
    • What is SLSA?
    • What is an SBOM (software bill of materials)?
    • Getting Started with OpenVEX and vexctl
    • What Makes a Good SBOM?
    • What is OpenVex?
    • Wolfi Overview
    • Wolfi FAQs
    • Why apk
    • Creating Wolfi Images with Dockerfiles
    • Hello Wolfi Workshop Kit
    • apko Overview
    • Getting Started with apko
    • apko YAML Reference
    • Troubleshooting apko Builds
    • apko FAQs
    • melange Overview
    • melange YAML Reference
    • Troubleshooting melange Builds
    • melange FAQs
      • go/install
      • autoconf/configure
      • autoconf/make
      • autoconf/make-install
      • cmake/build
      • cmake/configure
      • cmake/install
      • fetch
      • git-checkout
      • meson/compile
      • meson/configure
      • meson/install
      • patch
      • split/dev
      • split/infodir
      • split/locales
      • split/manpages
      • split/static
      • strip
      • go/build
      • ruby/build
      • ruby/clean
      • ruby/install
      • Getting Started with melange
    • How to Keyless Sign a Container Image with Sigstore
      • How to Install Sigstore Policy Controller
      • Enforce SBOM attestation with Policy Controller
      • Disallowing Non-Default Capabilities
      • Disallowing Privileged Pods
      • Disallowing Run as Root User
      • Maximum Container Image Age
      • Disallowing Unsafe sysctls
      • Verify Signed Chainguard Images
      • An Introduction to Cosign
      • How to Install Cosign
      • How to Sign a Container with Cosign
      • How to Sign Blobs and Standard Files with Cosign
      • How to Verify File Signatures with Cosign
      • How to Sign an SBOM with Cosign
      • Cosign: The Manual Way
      • An Introduction to Fulcio
      • How to Generate a Fulcio Certificate
      • How to Inspect and Verify Fulcio Certificates
      • An Introduction to Rekor
      • How to Install the Rekor CLI
      • How to Query Rekor
      • How to Sign and Upload Metadata to Rekor
      • How to Verify File Signatures with Rekor or curl
      • How to Set Up An Instance of Rekor Instance Locally
    • What is the Open Container Initiative?
    • What are OCI artifacts?

Wolfi

Wolfi is a Linux undistro designed to support the creation of container images that meet the requirements of a secure software supply chain.

Wolfi Overview →
Wolfi FAQs →
Why Apk →
Creating Wolfi Images With Dockerfiles →
Hello Wolfi Workshop Kit →
  • ©2023 Chainguard, CC BY-NC-SA 4.0