How-tos

もくじ

This section provides practical, task-based guidance for working with Docker Hardened Images (DHIs). Whether you're evaluating DHIs for the first time or integrating them into a production CI/CD pipeline, these topics cover the key tasks across the adoption journey, from discovery to debugging.

The topics are organized around the typical lifecycle of working with DHIs, but you can use them as needed based on your specific workflow.

Explore the topics below that match your current needs.

Discover

Explore available images and metadata in the DHI catalog.

Explore Docker Hardened Images

Learn how to find and evaluate image repositories, variants, metadata, and attestations in the DHI catalog on Docker Hub.

Adopt

Mirror trusted images, customize as needed, and integrate into your workflows.

Mirror a Docker Hardened Image repository

Learn how to mirror an image into your organization's namespace and optionally push it to another private registry.

Customize a Docker Hardened Image

Learn how to customize a DHI to suit your organization's needs.

Use a Docker Hardened Image

Learn how to pull, run, and reference Docker Hardened Images in Dockerfiles, CI pipelines, and standard development workflows.

Use a Docker Hardened Image in Kubernetes

Learn how to use Docker Hardened Images in Kubernetes deployments.

Use a Docker Hardened Image chart

Learn how to use a Docker Hardened Image chart.

Manage Docker Hardened Images

Learn how to manage your mirrored and customized Docker Hardened Images in your organization.

Migrate an existing application to use Docker Hardened Images

Follow a step-by-step guide to update your Dockerfiles and adopt Docker Hardened Images for secure, minimal, and production-ready builds.

Evaluate

Compare with other images to understand security improvements.

Compare Docker Hardened Images

Learn how to compare Docker Hardened Images with other container images to evaluate security improvements and differences.

Verify

Check signatures, SBOMs, and provenance, and scan for vulnerabilities.

Verify a Docker Hardened Image

Use Docker Scout or cosign to verify signed attestations like SBOMs, provenance, and vulnerability data for Docker Hardened Images.

Scan a Docker Hardened Image

Learn how to scan Docker Hardened Images for known vulnerabilities using Docker Scout, Grype, or Trivy.

Govern

Enforce policies to maintain security and compliance.

Enforce Docker Hardened Image usage with policies

Learn how to use image policies with Docker Scout for Docker Hardened Images.

Troubleshoot

Debug containers based on DHIs without modifying the image.

Debug a Docker Hardened Image

Use Docker Debug to inspect a running container based on a hardened image without modifying it.