# Chainguard Academy > Documentation, tutorials, and resources for Chainguard products and software supply chain security. ## Chainguard Products - [Chainguard VMs Overview](https://edu.chainguard.dev/chainguard/vms/overview.md): Chainguard VMs are designed for minimalism, security, and operational clarity. - [Overview of Chainguard's Package Repositories](https://edu.chainguard.dev/chainguard/chainguard-images/features/packages/package-model.md): Overview of Chainguard's package repositories, highlighting the different repositories and how to access them. - [Build Java Containers with Jib](https://edu.chainguard.dev/chainguard/chainguard-images/tooling/building-java-containers-with-jib.md): In this tutorial, you'll learn how to build minimal Java containers using Jib and Chainguard base images - [Build Go Containers with Ko](https://edu.chainguard.dev/chainguard/chainguard-images/tooling/building-go-containers-with-ko.md): In this tutorial, you'll learn how to build minimal Go Containers using Ko and Chainguard base images - [What is the Chainguard Factory?](https://edu.chainguard.dev/chainguard/factory/what-is-factory.md): Dustin Kirkland explains the concept and purpose of the Chainguard Factory - [Chainguard Libraries overview](https://edu.chainguard.dev/chainguard/libraries/overview.md): Learn about Chainguard Libraries, providing enhanced security for Java, JavaScript, and Python dependencies through automated patching and comprehensive supply chain protection. - [Quick start for Chainguard Libraries](https://edu.chainguard.dev/chainguard/libraries/quickstart.md): Learn how to get started with Chainguard Libraries - [Overview of Chainguard Custom Assembly](https://edu.chainguard.dev/chainguard/chainguard-images/features/ca-docs/custom-assembly.md): How to use Chainguard's Custom Assembly tool - [Chainguard Libraries access](https://edu.chainguard.dev/chainguard/libraries/access.md): Learn how to access Chainguard Libraries for enhanced security in Java and Python dependencies, including authentication and organization setup - [Custom Assembly FAQs](https://edu.chainguard.dev/chainguard/chainguard-images/features/ca-docs/faq.md): Answers to your questions about Chainguard's Custom Assembly tool - [Getting Started with the C/C++ Chainguard Containers](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/c.md): Learn how to compile and run C/C++ applications using Chainguard's security-hardened containers with minimal CVEs and optimized runtime environments - [Chainguard Libraries network requirements](https://edu.chainguard.dev/chainguard/libraries/network-requirements.md): Learn the network requirements for accessing Chainguard Libraries, including domains needed for authentication, package downloads, and verification tools - [Chainguard Libraries verification](https://edu.chainguard.dev/chainguard/libraries/verification.md): Learn how to verify libraries and packages are from Chainguard Libraries using the chainctl tool for enhanced supply chain security - [Chainguard End-of-Life Grace Period for Containers](https://edu.chainguard.dev/chainguard/chainguard-images/features/eol-gp-overview.md): Understanding Chainguard's end-of-life (EOL) grace period. - [Chainguard Criteria for Determining Whether to Build a Container Image](https://edu.chainguard.dev/chainguard/chainguard-images/about/what-chainguard-will-build.md): An overview of what Chainguard will build - [Chainguard VMs Compliance Features](https://edu.chainguard.dev/chainguard/vms/compliance-features.md): Learn about supported compliance features for Chainguard VMs - [Kubernetes Policy Enforcement with OPA Gatekeeper](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/enforcement/opa-gatekeeper.md): How to enforce best practices and ensure compliance with OPA Gatekeeper. - [Overview of The Chainguard Factory](https://edu.chainguard.dev/chainguard/factory/overview.md): Learn about Chainguard Factory, the automated build system that continuously updates thousands of containers, libraries, and VMs with the latest security patches - [Using the Chainguard Console to Manage Custom Assembly Resources](https://edu.chainguard.dev/chainguard/chainguard-images/features/ca-docs/custom-assembly-console.md): How to use Chainguard's Custom Assembly tool in the Chainguard console. - [Chainguard Shared Responsibility Model](https://edu.chainguard.dev/chainguard/chainguard-images/about/shared-responsibility-model.md): Reference guide outlining Chainguard's Shared Responsibility model: a framework that clarifies security obligations for hardened container images. - [Overview of Migrating to Chainguard Containers](https://edu.chainguard.dev/chainguard/migration/migrations-overview.md): This overview serves as a collection of information and resources on migrating to Chainguard Containers. - [How to Set Up Pull Through from Chainguard's Registry to Google Artifact Registry](https://edu.chainguard.dev/chainguard/chainguard-images/chainguard-registry/pull-through-guides/artifact-registry-pull-through.md): Tutorial outlining how to set up a Google Artifact Registry repository to pull Containers through from Chainguard's registry. - [Migrating to PHP Chainguard Containers](https://edu.chainguard.dev/chainguard/migration/migration-guides/migrating-php.md): Learn how to migrate PHP applications to Chainguard Containers for enhanced security, reduced CVEs, and support for both FPM and CLI workloads - [Overview of Roles and Role-bindings in Chainguard](https://edu.chainguard.dev/chainguard/administration/iam-organizations/roles-role-bindings/roles-role-bindings.md): An overview of Chainguard's identities, roles, and role-bindings, as well as instructions for how to manage roles and role-bindings with chainctl. - [Alpine Compatibility](https://edu.chainguard.dev/chainguard/migration/compatibility/alpine-compatibility.md): Differences between Chainguard Containers and Alpine third-party images - [How to Set Up Pull-through from Chainguard's Container Registry to Artifactory](https://edu.chainguard.dev/chainguard/chainguard-images/chainguard-registry/pull-through-guides/artifactory/artifactory-images-pull-through.md): Tutorial outlining how to set up a remote Artifactory repository to pull images through Chainguard's container registry. - [Getting Started with the Cilium Chainguard Containers](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/cilium.md): Learn how to deploy Cilium CNI using Chainguard's security-hardened container images for enhanced Kubernetes network security with eBPF - [Strategies for Minimizing your CVE Risk](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/cve-risk.md): Learn strategies for minimizing CVE risk in container images, including how Chainguard's approach to minimal images and rapid patching helps reduce vulnerabilities - [Considerations for Keeping Containers Up to Date](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/updating-images/considerations-for-image-updates.md): Learn best practices for updating container images, including Chainguard's approach to daily rebuilds, semantic versioning, and balancing security with stability - [Debugging Distroless Container Images](https://edu.chainguard.dev/chainguard/chainguard-images/troubleshooting/debugging-distroless-images.md): In this article, we'll discuss a few different strategies to debug distroless images, considering these images typically don't include a shell or package managers. - [Overview of Assumable Identities in Chainguard](https://edu.chainguard.dev/chainguard/administration/assumable-ids/assumable-ids.md): An overview of what assumable identities are and how they can be used with Chainguard assets. - [Create an Assumable Identity for a GitHub Actions Workflow](https://edu.chainguard.dev/chainguard/administration/assumable-ids/identity-examples/github-identity.md): Tutorial outlining how to create a Chainguard identity that can be assumed by a GitHub Actions workflow. - [Using Custom Identity Providers to Authenticate to Chainguard](https://edu.chainguard.dev/chainguard/administration/custom-idps/custom-idps.md): An introduction to and overview of Chainguard's custom IDP support features - [Registry Overview](https://edu.chainguard.dev/chainguard/chainguard-images/chainguard-registry/overview.md): Learn about Chainguard's container registry, including public access to free images, authenticated access for production images, and network requirements - [Chainguard Events](https://edu.chainguard.dev/chainguard/administration/cloudevents/events-reference.md): Chainguard Events - [Overview of Chainguard Containers](https://edu.chainguard.dev/chainguard/chainguard-images/overview.md): Learn about Chainguard Containers, distroless images, and how they provide enhanced security through minimal attack surface and comprehensive supply chain features. - [Overview of the Chainguard IAM Model](https://edu.chainguard.dev/chainguard/administration/iam-organizations/overview-of-chainguard-iam-model.md): Learn how Chainguard's Identity and Access Management (IAM) model works with organizations, folders, and role-based access control for more secure resource management - [CVE remediation for Chainguard Libraries](https://edu.chainguard.dev/chainguard/libraries/cve-remediation.md): An overview of the CVE remediation feature for Chainguard Libraries - [How to Set Up Pull Through from Chainguard's Registry to Amazon ECR](https://edu.chainguard.dev/chainguard/chainguard-images/chainguard-registry/pull-through-guides/ecr-pull-through.md): Overview of using Amazon ECR as a pull-through cache for Chainguard's registry. - [Vulnerability scanners and Chainguard Libraries](https://edu.chainguard.dev/chainguard/libraries/scanners.md): Details for using vulnerability scanners with Chainguard Libraries. - [Browsing Chainguard Libraries](https://edu.chainguard.dev/chainguard/libraries/browse.md): Searching, browsing, and inspecting Chainguard Libraries in the console - [Tips for Migrating to Chainguard Containers](https://edu.chainguard.dev/chainguard/migration/migration-tips.md): This guide outlines a number of tips and strategies to keep in mind for when your organization begins migrating to Chainguard Containers. - [FedRAMP Technical Considerations & Risk Factors](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/fedramp-considerations.md): A conceptual overview of Chainguard FIPS Containers. - [Overview of Chainguard Repository](https://edu.chainguard.dev/chainguard/chainguard-repository/overview.md): Chainguard Repository Overview - [Chainguard VMs FAQ](https://edu.chainguard.dev/chainguard/vms/faq.md): Frequently asked questions about Chainguard VMs, including availability, supported ecosystems, compliance, and more - [Understanding FIPS](https://edu.chainguard.dev/chainguard/fips/understanding-fips.md): Learn about FIPS standards, who needs FIPS validation, and the cryptographic module validation process - [Kubernetes Policy Enforcement with Kyverno](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/enforcement/kyverno.md): How to enforce best practices and ensure compliance with Kyverno. - [Built-in Roles and Capabilities Reference](https://edu.chainguard.dev/chainguard/administration/iam-organizations/roles-role-bindings/capabilities-reference.md): A resource documenting the capabilities and permissions of Chainguard's built-in IAM roles. - [Chainguard Factory FAQs](https://edu.chainguard.dev/chainguard/factory/faq.md): Frequently asked questions about Chainguard Factory, the automated build system that monitors and updates thousands of open source projects for enhanced security - [Overview of Chainguard OS](https://edu.chainguard.dev/chainguard/chainguard-os/overview.md): Learn about Chainguard OS, the security-focused operating system that powers Chainguard containers with continuous updates, minimal attack surface, and enterprise-grade security features - [Using chainctl to Manage Custom Assembly Resources](https://edu.chainguard.dev/chainguard/chainguard-images/features/ca-docs/custom-assembly-chainctl.md): How to use chainctl to manage Custom Assembly resources. - [Subscribing to Chainguard CloudEvents](https://edu.chainguard.dev/chainguard/administration/cloudevents/events-example.md): . - [Chainguard Libraries for Python overview](https://edu.chainguard.dev/chainguard/libraries/python/overview.md): Learn about Chainguard Libraries for Python, providing enhanced security for PyPI packages through automated vulnerability patching and supply chain protection - [Chainguard Libraries FAQ](https://edu.chainguard.dev/chainguard/libraries/faq.md): Frequently asked questions about Chainguard Libraries, including security benefits, supported ecosystems, and how automated patching protects against supply chain attacks - [How End-of-Life Software Accumulates Vulnerabilities](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/updating-images/how-eol-software-accumulates-cves.md): A conceptual article outlining the risk involved with using EOL software and how EOL images accrue vulnerabilities. - [How to Pull Packages from Chainguard Package Repositories through Artifactory](https://edu.chainguard.dev/chainguard/chainguard-images/chainguard-registry/pull-through-guides/artifactory/artifactory-packages-pull-through.md): Tutorial for setting up remote Artifactory repositories as pull-through caches for apk packages from Chainguard's package repositories. - [STIGs for Chainguard Containers](https://edu.chainguard.dev/chainguard/chainguard-images/features/image-stigs.md): A conceptual overview of Security Technical Implementation Guides, which are available for Chainguard Containers. - [Reproducibility and Chainguard Containers](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/repro.md): This video explains the importance of reproducibility and how to recreate any Chainguard image from an attestation. - [Migrating to Node.js Chainguard Containers](https://edu.chainguard.dev/chainguard/migration/migration-guides/migrating-node.md): Learn how to migrate Node.js applications to Chainguard Containers for reduced vulnerabilities, smaller image sizes, and automated security patching - [How to Port a Sample Application to Chainguard Containers](https://edu.chainguard.dev/chainguard/migration/porting-apps-to-chainguard.md): This article works through porting a small but complete application to use Chainguard Containers. As we'll see, this is relatively straightforward, but it is important to be aware of some of the differences to other common images. - [Getting Started with Distroless Container Images](https://edu.chainguard.dev/chainguard/chainguard-images/about/getting-started-distroless.md): Why distroless containers are more secure: Chainguard's approach removes shells, package managers, and unnecessary components to minimize attack surface while maintaining compatibility - [Debian Compatibility](https://edu.chainguard.dev/chainguard/migration/compatibility/debian-compatibility.md): Differences between Chainguard Containers and Debian third-party images - [Debugging Distroless Containers with Docker Debug](https://edu.chainguard.dev/chainguard/chainguard-images/troubleshooting/debugging_distroless.md): How to use the Docker Debug feature to debug Distroless and minimal containers - [How to Use Chainguard Security Advisories](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/security-advisories/how-to-use.md): Article outlining how one can explore and use the Security Advisories found on the Chainguard Container Directory. - [Chainguard Containers Network Requirements](https://edu.chainguard.dev/chainguard/chainguard-images/network-requirements.md): Using Chainguard Containers with firewalls, access control lists, and proxies. - [Create an Assumable Identity for a GitLab CI/CD Pipeline](https://edu.chainguard.dev/chainguard/administration/assumable-ids/identity-examples/gitlab-identity.md): Procedural tutorial outlining how to create a Chainguard identity that can be assumed by a GitLab CI/CD pipeline. - [Create Role-bindings for a GitHub Team Using Terraform](https://edu.chainguard.dev/chainguard/administration/iam-organizations/roles-role-bindings/rolebinding-terraform-gh.md): Procedural tutorial outlining how to use Terraform to create Chainguard role-bindings for members of a GitHub team. - [How To Integrate Okta SSO with Chainguard](https://edu.chainguard.dev/chainguard/administration/custom-idps/idp-providers/okta.md): Procedural tutorial on how to create an Okta App Integration - [Getting Started with the Go Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/go.md): Learn how to build more secure Go applications with Chainguard's Go container images, featuring minimal attack surface and multi-stage build patterns for optimized runtime - [How to Install chainctl](https://edu.chainguard.dev/chainguard/chainctl-usage/how-to-install-chainctl.md): Learn how to install chainctl, Chainguard's command-line interface for managing container images, IAM resources, and security configurations across platforms - [How to Use Chainguard Containers](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/how-to-use-chainguard-images.md): Learn how to use Chainguard Containers in your applications, including pulling images, extending base images, and migrating from traditional container images - [How to Manage Chainguard IAM Organizations](https://edu.chainguard.dev/chainguard/administration/iam-organizations/how-to-manage-iam-organizations-in-chainguard.md): Using Identity and Access Management in Chainguard - [Chainguard OpenAPI Specification](https://edu.chainguard.dev/chainguard/api/spec.md) - [Chainguard API v1 Specification](https://edu.chainguard.dev/chainguard/api/spec-api-v1.md) - [Chainguard API v2 Specification](https://edu.chainguard.dev/chainguard/api/spec-api-v2.md) - [Using GitOps to Manage Custom Assembly Resources](https://edu.chainguard.dev/chainguard/chainguard-images/features/ca-docs/custom-assembly-gitops.md): How to use GitOps to manage Custom Assembly resources. - [Create an Assumable Identity to Authenticate from AWS](https://edu.chainguard.dev/chainguard/administration/assumable-ids/identity-examples/aws-identity-oidc.md): Tutorial outlining how to create a Chainguard identity that can be assumed by an AWS user or role using outbound identity federation. - [Create an Assumable Identity to Authenticate from AWS (Legacy)](https://edu.chainguard.dev/chainguard/administration/assumable-ids/identity-examples/aws-identity.md): Tutorial outlining how to create a Chainguard identity that can be assumed by an AWS user or role. - [Create an Assumable Identity for a Kubernetes Pod](https://edu.chainguard.dev/chainguard/administration/assumable-ids/identity-examples/kubernetes-identity.md): Procedural tutorial outlining how to create a Chainguard identity that can be assumed by a Kubernetes pod. - [Requesting New Chainguard Resources](https://edu.chainguard.dev/chainguard/chainguard-images/features/request-resources.md): How to submit requests for Chainguard to build new resources in the Console. - [How to Sync Images from Chainguard's Registry to Harbor](https://edu.chainguard.dev/chainguard/chainguard-images/chainguard-registry/pull-through-guides/harbor.md): Tutorial outlining how to sync images from Chainguard's registry to Harbor. - [Using the Chainguard API to Manage Custom Assembly Resources](https://edu.chainguard.dev/chainguard/chainguard-images/features/ca-docs/custom-assembly-api-demo.md): How to use the Chainguard API to manage Custom Assembly resources. - [Strategies and Tooling for Updating Containers](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/updating-images/strategies-tools-updating-images.md): A conceptual article outlining different strategies and tools for keeping images up to date and avoiding the use of end-of-life software. - [Mirror new Containers to Google Artifact Registry with Chainguard CloudEvents](https://edu.chainguard.dev/chainguard/administration/cloudevents/image-copy-gcr.md): Instructional guide outlining how one can set up an application that will listen for push events on a private registry and mirror any new Chainguard Containers to a GCP Artifact Registry. - [Debugging Distroless Container Images with Kubectl Debug and CDebug](https://edu.chainguard.dev/chainguard/chainguard-images/troubleshooting/kubectl_cdebug.md): This video explains how to use the Kubectl and cdebug tools to investigate failing containers. It focuses on how to debug distroless images with no shell where traditional 'exec' commands don't work. - [How to Migrate a Node.js Application to Chainguard Containers](https://edu.chainguard.dev/chainguard/migration/migration-guides/node-images.md): Learn how to migrate Node.js applications to Chainguard Containers for improved security, smaller images, and built-in support for npm and yarn package managers - [How to Set Up Pull Through from Chainguard's Registry to Nexus](https://edu.chainguard.dev/chainguard/chainguard-images/chainguard-registry/pull-through-guides/nexus-pull-through.md): Tutorial outlining how to set up a Nexus repository to pull container images through from Chainguard's registry. - [Migrating Dockerfiles to Chainguard Containers](https://edu.chainguard.dev/chainguard/migration/migrating-to-chainguard-images.md): Learn how to migrate existing Dockerfiles to Chainguard Containers for improved security, including package compatibility, multi-stage builds, and distro-specific considerations - [How Chainguard Containers are Tested](https://edu.chainguard.dev/chainguard/chainguard-images/about/images-testing.md): A conceptual article outlining testing requirements for Chainguard Containers. - [Ubuntu Compatibility](https://edu.chainguard.dev/chainguard/migration/compatibility/ubuntu-compatibility.md): Differences between Chainguard Containers and Ubuntu third-party images - [Getting Started with the Chainguard Istio Containers](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/istio.md): Learn how to deploy Istio service mesh using Chainguard's security-hardened Istio images with reduced vulnerabilities and minimal attack surface - [Verified Organizations](https://edu.chainguard.dev/chainguard/administration/iam-organizations/verified-orgs.md): An overview of how to verify your organization and the implications - [Create an Assumable Identity for a Buildkite Pipeline](https://edu.chainguard.dev/chainguard/administration/assumable-ids/identity-examples/buildkite-identity.md): Procedural tutorial outlining how to create a Chainguard identity that can be assumed by a Buildkite workflow. - [How To Integrate Ping Identity SSO with Chainguard](https://edu.chainguard.dev/chainguard/administration/custom-idps/idp-providers/ping-id.md): Procedural tutorial on how to create a Ping Identity Application - [Chainguard OS Packages](https://edu.chainguard.dev/chainguard/chainguard-os/chainguard-os-packages.md): Chainguard OS Packages - [Adding Custom Certificates with Custom Assembly](https://edu.chainguard.dev/chainguard/chainguard-images/features/ca-docs/custom-assembly-certs.md): How to add custom certificates to customized images with Custom Assembly. - [What does the Chainguard Factory build?](https://edu.chainguard.dev/chainguard/factory/what-factory-builds.md): Interview with Dustin Kirkland about the products and artifacts created by the Chainguard Factory - [How To Integrate Keycloak with Chainguard](https://edu.chainguard.dev/chainguard/administration/custom-idps/idp-providers/keycloak.md): Procedural tutorial on how to register a Keycloak Client and integrate it with the Chainguard platform. - [Get Started with chainctl](https://edu.chainguard.dev/chainguard/chainctl-usage/getting-started-with-chainctl.md): Get started with chainctl basics including authentication, organization management, and essential commands for Chainguard's container security platform - [Chainguard's Container Variants](https://edu.chainguard.dev/chainguard/chainguard-images/about/differences-development-production.md): Learn about Chainguard's development container images and how they differ from our standard images. - [How Chainguard Issues Security Advisories](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/security-advisories/how-chainguard-issues.md): The life cycle of Chainguard-Issued Security Advisories - [How to Set Up Pull Through from Chainguard's Registry to Cloudsmith](https://edu.chainguard.dev/chainguard/chainguard-images/chainguard-registry/pull-through-guides/cloudsmith-pull-through.md): Tutorial outlining how to set up a Cloudsmith repository to pull Containers through from Chainguard's Registry. - [Getting Started with the Laravel Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/laravel.md): Learn how to use Chainguard's Laravel container image for secure PHP web applications, featuring built-in Laravel tooling and minimal vulnerabilities - [Migrating to Python Chainguard Containers](https://edu.chainguard.dev/chainguard/migration/migration-guides/migrating-python.md): Learn how to migrate Python applications to Chainguard Containers for enhanced security posture, reduced CVEs, and streamlined dependency management - [Red Hat UBI Compatibility](https://edu.chainguard.dev/chainguard/migration/compatibility/red-hat-compatibility.md): Differences between Chainguard Containers and Red Hat UBI third-party images - [Using the Chainguard Console](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/images-directory.md): A walkthrough of the Chainguard Console. - [Chainguard FIPS Containers](https://edu.chainguard.dev/chainguard/fips/fips-images.md): Learn about Chainguard's FIPS-validated container images for federal compliance, featuring kernel-independent design and simplified deployment for FedRAMP and government requirements - [Using Renovate with Chainguard Containers](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/updating-images/renovate.md): How to use Renovate to automatically keep Chainguard Containers updated - [Using the Tag History API](https://edu.chainguard.dev/chainguard/chainguard-images/features/using-the-tag-history-api.md): Learn how to use the Chainguard Containers Tag History API to fetch the tag history of image variants. - [Create an Assumable Identity for a Bitbucket Pipeline](https://edu.chainguard.dev/chainguard/administration/assumable-ids/identity-examples/bitbucket-identity.md): Procedural tutorial outlining how to create a Chainguard identity that can be assumed by a Bitbucket workflow. - [How To Integrate Microsoft Entra ID SSO with Chainguard](https://edu.chainguard.dev/chainguard/administration/custom-idps/idp-providers/ms-entra-id.md): Procedural tutorial on how to register a Microsoft Entra ID Application and integrate it with the Chainguard platform. - [Migrating to .NET Chainguard Containers](https://edu.chainguard.dev/chainguard/migration/migration-guides/migrating-dotnet.md): Learn how to migrate .NET applications from images provided by Microsoft to Chainguard's security-hardened .NET container images. - [Use chainctl to Create an Assumable Identity for a Jenkins Pipeline](https://edu.chainguard.dev/chainguard/administration/assumable-ids/identity-examples/jenkins-chainctl.md): How to use chainctl to create a Chainguard identity that can be assumed by a Jenkins Pipeline. - [Compare chainctl usage with the Chainguard Console](https://edu.chainguard.dev/chainguard/chainctl-usage/comparing-chainctl-to-console.md): Learn when to use chainctl CLI versus Chainguard Console for managing container security, with practical examples and use case recommendations - [Using CVE Visualizations](https://edu.chainguard.dev/chainguard/chainguard-images/features/cve_visualizations.md): Getting started with the CVE Visualization feature. - [Keep your Chainguard Containers Up to Date with digestabot](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/updating-images/digestabot.md): This video explains how to use digestabot, a free GitHub action we created to make it easier for public users to keep their Chainguard Containers fresh. - [Migrating a Dockerfile for a Go application to use Chainguard Containers](https://edu.chainguard.dev/chainguard/migration/migration-guides/migrating_go.md): Learn how to migrate Go applications to Chainguard Containers for minimal attack surface, static compilation support, and dramatically reduced image sizes - [Chainguard Containers Product Release Lifecycle](https://edu.chainguard.dev/chainguard/chainguard-images/about/versions.md): Understanding Chainguard's approach to container image versions. - [Getting Started with the MariaDB Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/mariadb.md): Learn how to deploy MariaDB databases using Chainguard's security-hardened container image with minimal vulnerabilities and distroless design - [Understanding Chainguard's Container Image Categories](https://edu.chainguard.dev/chainguard/chainguard-images/about/images-categories.md): Reference guide outlining how Chainguard Containers are categorized. - [Chainguard API v2 Tutorial](https://edu.chainguard.dev/chainguard/api/api-v2-tutorial.md): Tutorial with examples showing how you can use the Chainguard API v2. - [The Guardener](https://edu.chainguard.dev/chainguard/migration/the-guardener.md): How to use The Guardener to migrate your Dockerfiles to Chainguard Images using AI-driven iterative conversion - [Getting Started with FIPS Containers](https://edu.chainguard.dev/chainguard/fips/getting-started.md): Deploy and verify your first Chainguard FIPS container - [Use Terraform to Create an Assumable Identity for a Jenkins Pipeline](https://edu.chainguard.dev/chainguard/administration/assumable-ids/identity-examples/jenkins-terraform.md): Procedural tutorial outlining how to create a Chainguard identity with Terraform that can be assumed by a Jenkins Pipeline. - [Touring the Chainguard Factory](https://edu.chainguard.dev/chainguard/factory/touring-the-factory.md): Take a guided tour through the Chainguard Factory with Dustin Kirkland to see how secure software is built - [How to Use Chainguard Notifications](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/use-chainguard-notifications.md): A primer on how to configure Chainguard Notifications - [Chainguard OS FAQs](https://edu.chainguard.dev/chainguard/chainguard-os/faq.md): Frequently asked questions about Chainguard OS, the secure operating system powering production Chainguard containers with enterprise features and continuous updates - [Using wolfictl to Manage Security Advisories](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/security-advisories/managing-advisories.md): Guide on how to use the wolfictl tool to create, update, and manage security advisories - [Getting Started with the NeMo Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/nemo.md): Learn how to use Chainguard's NeMo container image for conversational AI with enhanced security, minimal CVEs, and GPU acceleration support - [False Positives and False Negatives with Container Images Scanners](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/working-with-scanners/false-results.md): An overview of the formation of false positive and false negative vulnerability results in container image scanners - [Manage Your chainctl Configuration](https://edu.chainguard.dev/chainguard/chainctl-usage/manage-chainctl-config.md) - [How To Use incert to Create Container Images with Built-in Custom Certificates](https://edu.chainguard.dev/chainguard/chainguard-images/features/incert-custom-certs.md): An overview of how to use incert — a Go program from Chainguard — to create container images with custom certificates built-in to them. - [Chainguard FIPS TLS Connectivity Requirements](https://edu.chainguard.dev/chainguard/fips/tls-requirements.md): FIPS TLS requirements for clients and servers to establish connectivity - [Dockerfile Converter](https://edu.chainguard.dev/chainguard/migration/dockerfile-conversion.md): User Guide for Chainguard's Dockerfile Converter (dfc) - [How Chainguard Creates Container Images with Low-to-No CVEs](https://edu.chainguard.dev/chainguard/chainguard-images/about/zerocve.md): Chainguard creates more secure container images with zero CVEs through minimal packages, rapid updates, and proactive security advisories - learn how we eliminate vulnerabilities - [Unique Tags for Chainguard Containers](https://edu.chainguard.dev/chainguard/chainguard-images/features/unique-tags.md): Learn about Chainguard's Unique Tags feature for production container images, enabling precise version tracking and automated deployment workflows with timestamped tags - [Getting Started with the nginx Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/nginx.md): Learn how to deploy nginx web server using Chainguard's security-hardened container image with minimal vulnerabilities and distroless runtime - [FIPS and Non-Approved Algorithms](https://edu.chainguard.dev/chainguard/fips/non-approved-algorithms.md): Technical deep-dive into Chainguard FIPS images access to non-approved algorithms such as MD5 and SHA1 - [Find and Update Your chainctl Release Version](https://edu.chainguard.dev/chainguard/chainctl-usage/chainctl-version-update.md): Learn how to check your chainctl version and update to the latest release for enhanced security features and improved container management capabilities - [Migration Best Practices and Checklist](https://edu.chainguard.dev/chainguard/migration/migration-checklist.md): Recommended Practices when Migrating to Chainguard Containers - [Create an Assumable Identity for a CLI session authenticated with Keycloak](https://edu.chainguard.dev/chainguard/administration/assumable-ids/identity-examples/keycloak-identity.md): Procedural tutorial outlining how to create a Chainguard identity that can be assumed by a Keycloak user. - [Using the Chainguard Directory](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/chainguard-directory.md): A walkthrough of the Chainguard Directory. - [Getting Started with the Node Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/node.md): Learn how to use Chainguard's Node.js container images for secure JavaScript applications with minimal vulnerabilities, distroless design, and built-in npm support - [Verify that Chainguard FIPS Containers are Configured to Use FIPS Modules](https://edu.chainguard.dev/chainguard/fips/verify-fips.md): Learn how to verify that Chainguard FIPS Containers are properly configured to use various FIPS modules. - [How To Compare Chainguard Containers with chainctl](https://edu.chainguard.dev/chainguard/chainctl-usage/comparing-images.md): Learn how to use chainctl images diff to compare Chainguard container versions, analyze security improvements, and track package changes between builds - [Getting Started with the PHP Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/php.md): Learn how to use Chainguard's PHP container images for secure web applications, featuring FPM and CLI variants with minimal vulnerabilities and reduced attack surface - [Package and Image Name Mappings](https://edu.chainguard.dev/chainguard/chainguard-images/about/package-name-mappings.md): Understanding how Chainguard maps upstream package and image names to Chainguard Containers - [Kernel-Independent FIPS Architecture](https://edu.chainguard.dev/chainguard/fips/kernel-independent-architecture.md): Technical deep-dive into Chainguard's kernel-independent FIPS implementation using userspace entropy sources - [Can anybody build Chainguard Containers themselves?](https://edu.chainguard.dev/chainguard/chainguard-images/about/can-anybody-build-containers.md): Dustin Kirkland discusses whether users can build Chainguard Containers on their own - [How to Use Chainguard Helm Charts](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/use-chainguard-helm-charts.md): A primer on how to use Chainguard-provided upstream Helm charts to deploy Chainguard container images - [Create, View, and Delete chainctl Events](https://edu.chainguard.dev/chainguard/chainctl-usage/chainctl-events.md): Learn how to use chainctl events commands to create, view, and manage CloudEvents subscriptions for monitoring Chainguard security events and container activities - [Beyond Zero: Eliminating Vulnerabilities in PyTorch Container Images (PyTorch 2024)](https://edu.chainguard.dev/chainguard/chainguard-images/about/beyond_zero_pytorch_2024.md): Video and transcript of presentation at PyTorch 2024 on eliminating CVEs in the PyTorch image, drawing on best practices from Chainguard Containers - [Getting Started with the PostgreSQL Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/postgres.md): Learn how to deploy PostgreSQL databases using Chainguard's security-hardened container image with minimal vulnerabilities and distroless design - [Authenticate to Chainguard's Registry](https://edu.chainguard.dev/chainguard/chainguard-images/chainguard-registry/authenticating.md): A guide on authenticating to Chainguard's registry to get container images - [Chainguard Libraries for JavaScript overview](https://edu.chainguard.dev/chainguard/libraries/javascript/overview.md): JavaScript libraries for your application development - [Chainguard Libraries for Java overview](https://edu.chainguard.dev/chainguard/libraries/java/overview.md): Learn about Chainguard Libraries for Java, providing enhanced security for Maven dependencies through automated vulnerability patching and supply chain protection - [Global configuration](https://edu.chainguard.dev/chainguard/libraries/javascript/global-configuration.md): Configuring Chainguard Libraries for JavaScript in your organization - [Global configuration](https://edu.chainguard.dev/chainguard/libraries/java/global-configuration.md): Configuring Chainguard Libraries for Java in your organization - [Global configuration](https://edu.chainguard.dev/chainguard/libraries/python/global-configuration.md): Configuring Chainguard Libraries for Python in your organization - [Build configuration](https://edu.chainguard.dev/chainguard/libraries/javascript/build-configuration.md): Configuring Chainguard Libraries for JavaScript on your workstation - [Build configuration](https://edu.chainguard.dev/chainguard/libraries/java/build-configuration.md): Configuring Chainguard Libraries for Java on your workstation - [Build configuration](https://edu.chainguard.dev/chainguard/libraries/python/build-configuration.md): Configuring Chainguard Libraries for Python on your workstation - [Management and maintenance](https://edu.chainguard.dev/chainguard/libraries/java/management.md): Learn how to manage and maintain Chainguard Libraries for Java, including dependency updates, verification, and monitoring security improvements - [Management and maintenance](https://edu.chainguard.dev/chainguard/libraries/python/management.md): Learn how to manage and maintain Chainguard Libraries for Python, including package updates, verification, and monitoring security improvements - [Chainguard Container Catalog Pricing](https://edu.chainguard.dev/chainguard/chainguard-images/about/pricing.md): Overview of Chainguard's Container Catalog Pricing model and how to add container images to your organization through the Self-Serve Catalog Experience. - [How to Use Chainguard iamguarded Helm Charts](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/use-chainguard-iamguarded-helm-charts.md): A primer on how to use Chainguard-produced iamguarded Helm charts to deploy Chainguard container images - [Getting Started with the Python Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/python.md): Learn how to use Chainguard's Python container images for secure Python applications with minimal CVEs, distroless design, and comprehensive supply chain security features - [Chainguard Catalog Starter](https://edu.chainguard.dev/chainguard/chainguard-images/about/catalog-starter.md): Learn about Chainguard Catalog Starter, an offering allowing teams to try out five Chainguard container images for free. - [What is the future of the Chainguard Factory?](https://edu.chainguard.dev/chainguard/factory/future-of-factory.md): Dustin Kirkland shares his vision for the future of the Chainguard Factory - [Proxy and cache Helm Charts with Artifactory](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/proxy-and-cache.md): Use Artifactory to proxy and cache Chainguard iamguarded Helm charts - [Manage Identity and Access with chainctl](https://edu.chainguard.dev/chainguard/chainctl-usage/chainctl-iam.md): Learn how to use chainctl iam commands to manage identity, access controls, and role-based permissions for Chainguard's container security platform - [Chainguard FIPS Container FAQs](https://edu.chainguard.dev/chainguard/fips/faqs.md): Frequently Asked Questions about Chainguard FIPS Container Images - [Getting Started with the PyTorch Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/pytorch.md): Learn how to use Chainguard's PyTorch container image for deep learning with enhanced security, minimal CVEs, and GPU acceleration support - [Chainguard Containers FAQs](https://edu.chainguard.dev/chainguard/chainguard-images/faq.md): Chainguard container FAQs: why they have zero CVEs, how they compare to DockerHub, what makes them more secure, pricing, and enterprise deployment best practices - [Getting Started with the MinIO Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/minio.md): Learn how to deploy MinIO object storage with Chainguard's secure, minimal container images for S3-compatible storage solutions with reduced vulnerabilities - [Authenticating with the Chainguard SDK](https://edu.chainguard.dev/chainguard/api/authentication.md): Tutorial with examples showing how you can authenticate with the Chainguard SDK's auth and auth/ggcr packages. - [Getting Started with the Ruby Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/ruby.md): Learn how to use Chainguard's Ruby container images for secure Ruby applications, including multi-stage builds for Rubygems and minimal runtime images - [How does Chainguard Libraries plug into a developer's workflow?](https://edu.chainguard.dev/chainguard/libraries/how-libraries-plug-into-workflow.md): Interview with Dustin Kirkland explaining how Chainguard Libraries integrate seamlessly into existing developer workflows - [How does Chainguard Libraries help developers?](https://edu.chainguard.dev/chainguard/libraries/how-libraries-help-developers.md): Interview with Dustin Kirkland about the benefits Chainguard Libraries provide to developers - [How to Use Chainguard Containers with OpenShift](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/use-with-openshift.md): Learn how to deploy Chainguard Containers on Red Hat OpenShift, including security context adjustments and permission configurations for enhanced security - [Manage Chainguard Container Images with chainctl](https://edu.chainguard.dev/chainguard/chainctl-usage/chainctl-images.md): Learn how to use chainctl images commands to discover, examine version history, and compare Chainguard's security-hardened container images in your registry - [Getting Started with the WordPress Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/wordpress.md): Learn how to deploy WordPress using Chainguard's security-hardened container image with reduced vulnerabilities and distroless runtime options - [Inside the Chainguard Factory - Assemble 2025](https://edu.chainguard.dev/chainguard/factory/assemble.md): Inside the Chainguard Factory as presented by Dustin Kirkland at the Assemble conference in 2025. - [Setting Up a Minecraft Server with the JRE Chainguard Container](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/jre-minecraft.md): Learn how to set up a secure Minecraft Java server using Chainguard's JRE container image with minimal vulnerabilities and enhanced security features - [Using Chainguard Containers in Dev Containers](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/dev-containers.md): Guide outlining how you can use Chainguard Containers as Dev Containers for secure development. - [Using Grype to Scan Software Artifacts](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/working-with-scanners/grype-tutorial.md): Learn to use Grype to detect CVEs in images - [Using Init Containers with Chainguard Containers](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/init-containers.md): Example showing how to use an init container to configure Chainguard's minimal nginx container image. - [Using Trivy to Scan Software Artifacts](https://edu.chainguard.dev/chainguard/chainguard-images/staying-secure/working-with-scanners/trivy-tutorial.md): Learn to use Trivy to analyze container images and other software artifacts for a variety of issues - [Using the Chainguard Static Base Container Image](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/static-base-image.md): Video demonstration of how to use the Chainguard static base image to create minimal images - [How to Use Container Image Digests to Improve Reproducibility](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/container-image-digests.md): Learn how to use container image digests with Chainguard Containers for reproducible deployments and version pinning in production environments - [Reproducible Dockerfiles with Frizbee and Digestabot](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/digestabot_frizbee.md): How to avoid issues with flaky Dockerfiles by using Frizbee and Digestabot to pin images to digests. - [Getting Software Versions from Chainguard Containers](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/version-info-chainguard-images.md): Video demonstration of how to get the software version information from Chainguard Containers - [Building Minimal Container Images for Applications with Runtimes](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/minimal-runtime-images.md): Learn how to create minimal container images for runtime-based applications using Chainguard's security-focused approach, reducing vulnerabilities in Java and similar environments - [Choosing a Container for your Compiled Programs](https://edu.chainguard.dev/chainguard/chainguard-images/about/images-compiled-programs/compiled-programs.md): An overview comparing various Chainguard Containers for compiled programs - [glibc vs. musl](https://edu.chainguard.dev/chainguard/chainguard-images/about/images-compiled-programs/glibc-vs-musl.md): An overview of the differences between glibc and musl. - [Vulnerability Comparison: bash](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/bash.md) - [Vulnerability Comparison: busybox](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/busybox.md) - [Vulnerability Comparison: curl](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/curl.md) - [Vulnerability Comparison: deno](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/deno.md) - [Vulnerability Comparison: dex](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/dex.md) - [Vulnerability Comparison: dotnet-runtime](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/dotnet-runtime.md) - [Vulnerability Comparison: dotnet-sdk](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/dotnet-sdk.md) - [Vulnerability Comparison: etcd](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/etcd.md) - [Vulnerability Comparison: git](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/git.md) - [Vulnerability Comparison: go](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/go.md) - [Vulnerability Comparison: gradle](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/gradle.md) - [Vulnerability Comparison: haproxy](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/haproxy.md) - [Vulnerability Comparison: jenkins](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/jenkins.md) - [Vulnerability Comparison: kube-state-metrics](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/kube-state-metrics.md) - [Vulnerability Comparison: mariadb](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/mariadb.md) - [Vulnerability Comparison: maven](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/maven.md) - [Vulnerability Comparison: memcached](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/memcached.md) - [Vulnerability Comparison: minio](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/minio.md) - [Vulnerability Comparison: minio-client](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/minio-client.md) - [Vulnerability Comparison: nats](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/nats.md) - [Vulnerability Comparison: nginx](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/nginx.md) - [Vulnerability Comparison: node](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/node.md) - [Vulnerability Comparison: opensearch](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/opensearch.md) - [Vulnerability Comparison: php](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/php.md) - [Vulnerability Comparison: postgres](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/postgres.md) - [Vulnerability Comparison: python](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/python.md) - [Vulnerability Comparison: r-base](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/r-base.md) - [Vulnerability Comparison: rabbitmq](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/rabbitmq.md) - [Vulnerability Comparison: redis](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/redis.md) - [Vulnerability Comparison: ruby](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/ruby.md) - [Vulnerability Comparison: rust](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/rust.md) - [Vulnerability Comparison: telegraf](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/telegraf.md) - [Vulnerability Comparison: traefik](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/traefik.md) - [Vulnerability Comparison: wait-for-it](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/wait-for-it.md) - [Vulnerability Comparison: wolfi-base](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/wolfi-base.md) - [Vulnerability Comparison: zookeeper](https://edu.chainguard.dev/chainguard/chainguard-images/vuln-comparison/zookeeper.md) - [How to Migrate a Java Application to Chainguard Containers](https://edu.chainguard.dev/chainguard/migration/migration-guides/java-images.md): Learn how to migrate Java applications to Chainguard Containers for reduced vulnerabilities, smaller images, and comprehensive JDK/JRE support with daily security updates - [chainctl](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl.md) - [chainctl agent](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_agent.md) - [chainctl agent accept-terms](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_agent_accept-terms.md) - [chainctl auth](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_auth.md) - [chainctl auth configure-docker](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_auth_configure-docker.md) - [chainctl auth configure-npm](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_auth_configure-npm.md) - [chainctl auth delete-account](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_auth_delete-account.md) - [chainctl auth login](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_auth_login.md) - [chainctl auth logout](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_auth_logout.md) - [chainctl auth pull-token](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_auth_pull-token.md) - [chainctl auth pull-token create](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_auth_pull-token_create.md) - [chainctl auth pull-token list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_auth_pull-token_list.md) - [chainctl auth status](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_auth_status.md) - [chainctl auth token](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_auth_token.md) - [chainctl auth token capabilities](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_auth_token_capabilities.md) - [chainctl config](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_config.md) - [chainctl config edit](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_config_edit.md) - [chainctl config reset](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_config_reset.md) - [chainctl config save](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_config_save.md) - [chainctl config set](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_config_set.md) - [chainctl config unset](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_config_unset.md) - [chainctl config validate](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_config_validate.md) - [chainctl config view](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_config_view.md) - [chainctl events](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_events.md) - [chainctl events subscriptions](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_events_subscriptions.md) - [chainctl events subscriptions create](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_events_subscriptions_create.md) - [chainctl events subscriptions delete](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_events_subscriptions_delete.md) - [chainctl events subscriptions list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_events_subscriptions_list.md) - [chainctl iam](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam.md) - [chainctl iam account-associations](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations.md) - [chainctl iam account-associations check](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_check.md) - [chainctl iam account-associations check aws](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_check_aws.md) - [chainctl iam account-associations check azure](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_check_azure.md) - [chainctl iam account-associations check gcp](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_check_gcp.md) - [chainctl iam account-associations describe](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_describe.md) - [chainctl iam account-associations set](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_set.md) - [chainctl iam account-associations set aws](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_set_aws.md) - [chainctl iam account-associations set azure](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_set_azure.md) - [chainctl iam account-associations set gcp](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_set_gcp.md) - [chainctl iam account-associations unset](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_unset.md) - [chainctl iam account-associations unset aws](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_unset_aws.md) - [chainctl iam account-associations unset azure](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_unset_azure.md) - [chainctl iam account-associations unset gcp](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_account-associations_unset_gcp.md) - [chainctl iam folders](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_folders.md) - [chainctl iam folders delete](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_folders_delete.md) - [chainctl iam folders describe](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_folders_describe.md) - [chainctl iam folders list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_folders_list.md) - [chainctl iam folders update](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_folders_update.md) - [chainctl iam identities](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identities.md) - [chainctl iam identities create](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identities_create.md) - [chainctl iam identities create aws](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identities_create_aws.md) - [chainctl iam identities create aws role](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identities_create_aws_role.md) - [chainctl iam identities create aws user](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identities_create_aws_user.md) - [chainctl iam identities create github](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identities_create_github.md) - [chainctl iam identities create gitlab](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identities_create_gitlab.md) - [chainctl iam identities delete](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identities_delete.md) - [chainctl iam identities describe](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identities_describe.md) - [chainctl iam identities list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identities_list.md) - [chainctl iam identities update](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identities_update.md) - [chainctl iam identity-providers](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identity-providers.md) - [chainctl iam identity-providers create](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identity-providers_create.md) - [chainctl iam identity-providers delete](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identity-providers_delete.md) - [chainctl iam identity-providers list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identity-providers_list.md) - [chainctl iam identity-providers update](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identity-providers_update.md) - [chainctl iam invites](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_invites.md) - [chainctl iam invites create](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_invites_create.md) - [chainctl iam invites delete](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_invites_delete.md) - [chainctl iam invites list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_invites_list.md) - [chainctl iam organizations](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_organizations.md) - [chainctl iam organizations delete](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_organizations_delete.md) - [chainctl iam organizations describe](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_organizations_describe.md) - [chainctl iam organizations list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_organizations_list.md) - [chainctl iam role-bindings](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_role-bindings.md) - [chainctl iam role-bindings create](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_role-bindings_create.md) - [chainctl iam role-bindings delete](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_role-bindings_delete.md) - [chainctl iam role-bindings list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_role-bindings_list.md) - [chainctl iam role-bindings update](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_role-bindings_update.md) - [chainctl iam roles](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_roles.md) - [chainctl iam roles capabilities](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_roles_capabilities.md) - [chainctl iam roles capabilities list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_roles_capabilities_list.md) - [chainctl iam roles create](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_roles_create.md) - [chainctl iam roles delete](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_roles_delete.md) - [chainctl iam roles list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_roles_list.md) - [chainctl iam roles update](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_roles_update.md) - [chainctl images](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images.md) - [chainctl images advisories](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_advisories.md) - [chainctl images advisories list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_advisories_list.md) - [chainctl images changelog](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_changelog.md) - [chainctl images diff](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_diff.md) - [chainctl images entitlements](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_entitlements.md) - [chainctl images entitlements list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_entitlements_list.md) - [chainctl images helm](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_helm.md) - [chainctl images helm values](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_helm_values.md) - [chainctl images history](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_history.md) - [chainctl images list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_list.md) - [chainctl images repos](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_repos.md) - [chainctl images repos build](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_repos_build.md) - [chainctl images repos build apply](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_repos_build_apply.md) - [chainctl images repos build edit](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_repos_build_edit.md) - [chainctl images repos build list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_repos_build_list.md) - [chainctl images repos build logs](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_repos_build_logs.md) - [chainctl images repos create](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_repos_create.md) - [chainctl images repos delete](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_repos_delete.md) - [chainctl images repos list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_repos_list.md) - [chainctl images repos update](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_repos_update.md) - [chainctl images tags](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_tags.md) - [chainctl images tags list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_tags_list.md) - [chainctl images tags resolve](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_images_tags_resolve.md) - [chainctl libraries](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_libraries.md) - [chainctl libraries entitlements](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_libraries_entitlements.md) - [chainctl libraries entitlements create](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_libraries_entitlements_create.md) - [chainctl libraries entitlements delete](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_libraries_entitlements_delete.md) - [chainctl libraries entitlements list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_libraries_entitlements_list.md) - [chainctl libraries verify](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_libraries_verify.md) - [chainctl packages](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_packages.md) - [chainctl packages versions](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_packages_versions.md) - [chainctl packages versions list](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_packages_versions_list.md) - [chainctl update](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_update.md) - [chainctl version](https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_version.md) - [Chainguard's Private APK Repositories](https://edu.chainguard.dev/chainguard/chainguard-images/features/packages/private-apk-repos.md): An overview of how to work with Chainguard's Private APK Repositories. - [Verifying Chainguard Containers and Metadata Signatures with Cosign](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/verifying-chainguard-images-and-metadata-signatures-with-cosign.md): Learn how to verify Chainguard Container signatures and attestations with Cosign for supply chain security, ensuring image authenticity and integrity - [Introduction to the Chainguard Terraform Provider](https://edu.chainguard.dev/chainguard/administration/terraform-provider.md): An introduction to working with the Chainguard Terraform provider - [How to Retrieve SBOMs and attestations for Chainguard Containers](https://edu.chainguard.dev/chainguard/chainguard-images/how-to-use/retrieve-image-sboms.md): How to get SBOM for container images: Chainguard provides Software Bill of Materials for every image - retrieve with Cosign for complete supply chain transparency ## Open Source - [Octo STS Overview](https://edu.chainguard.dev/open-source/octo-sts/overview.md): Learn about Octo STS, an open source security token service for GitHub that uses OIDC federation to eliminate long-lived Personal Access Tokens - [How to Install Sigstore Policy Controller](https://edu.chainguard.dev/open-source/sigstore/policy-controller/how-to-install-policy-controller.md): Install the Sigstore Policy Controller into a Kubernetes Cluster - [An Introduction to Rekor](https://edu.chainguard.dev/open-source/sigstore/rekor/an-introduction-to-rekor.md): Understanding Rekor, the transparency log of Rekor - [An Introduction to Cosign](https://edu.chainguard.dev/open-source/sigstore/cosign/an-introduction-to-cosign.md): Understanding Cosign, a project under Sigstore - [How to Install the Rekor CLI](https://edu.chainguard.dev/open-source/sigstore/rekor/how-to-install-rekor.md): An overview of how to instal rekor-cli to query the Sigstore transparency log - [How to Install Cosign](https://edu.chainguard.dev/open-source/sigstore/cosign/how-to-install-cosign.md): Details for installing Cosign across operating systems - [How to Query Rekor](https://edu.chainguard.dev/open-source/sigstore/rekor/how-to-query-rekor.md): Access the data stored in Sigstore's transparency log, Rekor - [How to Sign a Container with Cosign](https://edu.chainguard.dev/open-source/sigstore/cosign/how-to-sign-a-container-with-cosign.md): Signing containers with Cosign - [How to Sign and Upload Metadata to Rekor](https://edu.chainguard.dev/open-source/sigstore/rekor/how-to-sign-and-upload-metadata-to-rekor.md): Use the Rekor CLI to sign and upload metadata to the Sigstore transparency log - [How to Sign Blobs and Standard Files with Cosign](https://edu.chainguard.dev/open-source/sigstore/cosign/how-to-sign-blobs-with-cosign.md): Use Cosign to sign non-container software artifacts - [How to Set Up An Instance of Rekor Instance Locally](https://edu.chainguard.dev/open-source/sigstore/rekor/install-a-rekor-instance.md): Create your own instance of the Rekor transparency log - [What is an SBOM (software bill of materials)?](https://edu.chainguard.dev/open-source/sbom/what-is-an-sbom.md): Learn what Software Bill of Materials (SBOM) are, why they're essential for supply chain security, and how tools like Chainguard use SBOMs to enhance transparency - [How to Sign an SBOM with Cosign](https://edu.chainguard.dev/open-source/sigstore/cosign/how-to-sign-an-sbom-with-cosign.md): Signing software bills of materials with Cosign - [Enforce SBOM attestation with Policy Controller](https://edu.chainguard.dev/open-source/sigstore/policy-controller/policies/enforce-sbom-attestation-with-policy-controller.md): Enforce SBOM attestation with Policy Controller - [Disallowing Non-Default Capabilities](https://edu.chainguard.dev/open-source/sigstore/policy-controller/policies/disallowing-non-default-capabilities-with-policy-controller.md): Using Policy Controller to prevent running pods with extra capabilities - [Disallowing Privileged Pods](https://edu.chainguard.dev/open-source/sigstore/policy-controller/policies/disallowing-privileged-containers-with-policy-controller.md): Using Policy Controller to prevent running privileged pods - [Disallowing Run as Root User](https://edu.chainguard.dev/open-source/sigstore/policy-controller/policies/disallowing-run-as-root-user-with-policy-controller.md): Using Policy Controller to prevent running pods as root - [Maximum Container Image Age](https://edu.chainguard.dev/open-source/sigstore/policy-controller/policies/maximum-image-age-policy-controller.md): Maximum container image age with Policy Controller - [Disallowing Unsafe sysctls](https://edu.chainguard.dev/open-source/sigstore/policy-controller/policies/disallowing-unsafe-sysctls-with-policy-controller.md): Use Policy Controller to limit pods to safe sysctls - [Verify Signed Chainguard Containers](https://edu.chainguard.dev/open-source/sigstore/policy-controller/policies/using-policy-controller-to-verify-signed-chainguard-images.md): Using Policy Controller to Verify Signed Chainguard Containers - [How to Verify File Signatures with Cosign](https://edu.chainguard.dev/open-source/sigstore/cosign/how-to-verify-file-signatures-with-cosign.md): Use Cosign to verify non-container software artifacts - [Cosign: The Manual Way](https://edu.chainguard.dev/open-source/sigstore/cosign/cosign-manual-way.md) - [Limit High or Critical CVEs in your Images Workloads](https://edu.chainguard.dev/open-source/sigstore/policy-controller/policies/critical-cve-policy.md): How to use the vulnerability attestation with no High or Critical CVEs Policy - [Rego Policies](https://edu.chainguard.dev/open-source/sigstore/policy-controller/policies/chainguard-enforce-rego-policies.md): Writing Rego-based policies for Sigstore Policy Controller - [Getting Started with OpenVEX and vexctl](https://edu.chainguard.dev/open-source/sbom/getting-started-openvex-vexctl.md): Using vexctl to manage vulnerability communications - [melange Overview](https://edu.chainguard.dev/open-source/build-tools/melange/overview.md): melange Overview - [apko Overview](https://edu.chainguard.dev/open-source/build-tools/apko/overview.md): apko Overview - [What Makes a Good SBOM?](https://edu.chainguard.dev/open-source/sbom/what-makes-a-good-sbom.md): An explanation of what makes a good SBOM - [What is OpenVex?](https://edu.chainguard.dev/open-source/sbom/what-is-openvex.md): A conceptual overview of OpenVex - [The Differences between SBOMs and Attestations](https://edu.chainguard.dev/open-source/sbom/sboms-and-attestations.md): An overview of the differences between attestations and SBOMs - [apko FAQs](https://edu.chainguard.dev/open-source/build-tools/apko/faq.md): Frequently asked questions about apko - [Octo STS FAQ](https://edu.chainguard.dev/open-source/octo-sts/faq.md): Learn about Octo STS for GitHub token federation, including setup issues, security best practices, and integration patterns - [Example Policies](https://edu.chainguard.dev/open-source/sigstore/policy-controller/policies/chainguard-enforce-policy-examples.md): Policy recipes - [Wolfi Overview](https://edu.chainguard.dev/open-source/wolfi/overview.md): Getting started with Wolfi, the Linux undistro for secure container images - [Getting Started with melange](https://edu.chainguard.dev/open-source/build-tools/melange/getting-started-with-melange.md): melange is a declarative apk builder - [Getting Started with apko](https://edu.chainguard.dev/open-source/build-tools/apko/getting-started-with-apko.md): Quickstart to get apko up and running - [Updating bash on macOS](https://edu.chainguard.dev/open-source/update-bash-macos.md): Update bash to version 4 or above on macOS - [What is the Open Container Initiative?](https://edu.chainguard.dev/open-source/oci/what-is-the-oci.md): The Open Container Initiative (OCI) is a Linux Foundation project dedicated to managing specifications and projects related to the storage, distribution, and execution of container images. - [Updating Container Images with Renovate (and no PATs!)](https://edu.chainguard.dev/open-source/octo-sts/updating-container-images-with-renovate.md): Video tutorial showing how to set up Renovate as a GitHub Action with Octo STS to eliminate the need for Personal Access Tokens - [What are OCI Artifacts?](https://edu.chainguard.dev/open-source/oci/what-are-oci-artifacts.md): OCI artifacts are a way of using OCI registries, or container registries that are compliant with specifications set by the Open Container Initiative, to store arbitrary files. - [Troubleshooting melange Builds](https://edu.chainguard.dev/open-source/build-tools/melange/troubleshooting.md): Debugging and common errors with melange build - [An Introduction to Fulcio](https://edu.chainguard.dev/open-source/sigstore/fulcio/an-introduction-to-fulcio.md): Understanding Fulcio, a new kind of root certificate authority for code signing under Sigstore - [Building a Wolfi Package](https://edu.chainguard.dev/open-source/wolfi/building-a-wolfi-package.md): A deep-dive into the process of getting a new package into Wolfi OS - [Wolfi FAQs](https://edu.chainguard.dev/open-source/wolfi/faq.md): Frequently asked questions about Wolfi, a Linux undistro - [Troubleshooting apko Builds](https://edu.chainguard.dev/open-source/build-tools/apko/troubleshooting.md): Debugging and common errors in apko - [Why apk](https://edu.chainguard.dev/open-source/wolfi/apk-package-manager.md): How apk-tools is different from other package managers - [Hello Wolfi Workshop](https://edu.chainguard.dev/open-source/wolfi/hello-wolfi.md): Community workshop about Wolfi for beginners - [Creating Wolfi Images with Dockerfiles](https://edu.chainguard.dev/open-source/wolfi/wolfi-with-dockerfiles.md): This tutorial demonstrates how to build a Wolfi Python image from scratch, using a Dockerfile workflow. - [How to Keyless Sign a Container Image with Sigstore](https://edu.chainguard.dev/open-source/sigstore/how-to-keyless-sign-a-container-with-sigstore.md): Use Cosign and GitHub Actions to Keyless Sign a Django Container Image - [How to Generate a Fulcio Certificate](https://edu.chainguard.dev/open-source/sigstore/fulcio/how-to-generate-a-fulcio-certificate.md): Tutorial on how to generate a certificate with Fulcio for software security - [How to Inspect and Verify Fulcio Certificates](https://edu.chainguard.dev/open-source/sigstore/fulcio/how-to-inspect-and-verify-fulcio-certificates.md): Confirming the authenticity of a Fulcio certificate for a more secure software supply chain - [Package Version Selection](https://edu.chainguard.dev/open-source/wolfi/apk-version-selection.md) - [Bazel Rules for apko](https://edu.chainguard.dev/open-source/build-tools/apko/bazel-rules.md): Build secure, minimal Wolfi-based container images using Bazel - [melange FAQs](https://edu.chainguard.dev/open-source/build-tools/melange/faq.md): Frequently asked questions about melange ## Software Security - [Sea-curing Software #1 - Fighting Vulnerabilities](https://edu.chainguard.dev/software-security/comics/fighting-vulnerabilities.md): Help Linky defend a vulnerable system against software vulnerabilities! - [What Are Software Vulnerabilities and CVEs?](https://edu.chainguard.dev/software-security/cves/cve-intro.md): An introduction to software vulnerabilities and vulnerability documentation through the CVE Program - [Why Care About Software Vulnerabilities?](https://edu.chainguard.dev/software-security/cves/cve-why-care.md): An overview of software vulnerability impacts and the significance of CVEs in vulnerability management practices - [Infamous Software Vulnerabilities](https://edu.chainguard.dev/software-security/cves/infamous-cves.md): An overview of a few of the most critical, widespread, and impactful known software vulnerabilities - [Software Vulnerability Remediation](https://edu.chainguard.dev/software-security/cves/cve-remediation.md): A step-by-step guide on beginning to triage and remediate vulnerabilities in your software - [What are Containers?](https://edu.chainguard.dev/software-security/what-are-containers.md): An overview of the structure, contents, and applications of container technology - [CISA Secure Software Development Attestation Form (Draft)](https://edu.chainguard.dev/software-security/secure-software-development/ssd-attestation-form.md) - [Selecting a Base Container Image](https://edu.chainguard.dev/software-security/selecting-a-base-image.md): How to choose more secure container base images: essential criteria including CVE count, SBOM availability, update frequency, and why Chainguard excels in each category - [What is software supply chain security](https://edu.chainguard.dev/software-security/what-is-software-supply-chain-security.md): What is software supply chain security and why it matters: protect against attacks like SolarWinds with tools like Chainguard's SLSA-compliant containers and SBOMs - [Chainguard Glossary](https://edu.chainguard.dev/software-security/glossary.md): Software supply chain security vocabulary - [WTF happened with the PyPI phishing attack?](https://edu.chainguard.dev/software-security/videos/pypi.md): The PyPI phishing attack and multi-factor authentication - [WTF is a distroless container?](https://edu.chainguard.dev/software-security/videos/distroless.md): Why we should use distroless - [WTF is a Typo Squatting Attack?](https://edu.chainguard.dev/software-security/videos/github-typosquatting.md): GitHub’s typo squatting attack - [WTF is Sigstore?](https://edu.chainguard.dev/software-security/videos/sigstore.md): Sigstore explained in 2 minutes - [What Is a Build Horizon?](https://edu.chainguard.dev/software-security/build-horizon.md): What a build horizon is and why enforcing maximum artifact age is a key practice for keeping software secure and up to date - [Secure Software Development Framework (SSDF) Table, NIST SP 800-218](https://edu.chainguard.dev/software-security/secure-software-development/ssdf.md) - [Minimum Attestation References](https://edu.chainguard.dev/software-security/secure-software-development/minimum-attestation-references.md) - [Software supply chain attacks and Chainguard Libraries](https://edu.chainguard.dev/software-security/learning-labs/ll202603.md): Learning lab for March 2026 on the history and future of software supply chain attacks related to Chainguard Libraries - [Shipping Safer Container Runtimes in 2026](https://edu.chainguard.dev/software-security/learning-labs/ll202512.md): Learning Lab for December 2025 on strategies to secure your software supply chain and ship safer containerized runtimes in 2026 - [Chainguard OS on Raspberry Pi](https://edu.chainguard.dev/software-security/learning-labs/ll202511.md): Learning Lab for November 2025 on the new release of Chainguard OS for the Raspberry Pi. Learn how to get started! - [Chainguard Libraries for JavaScript and CVE remediation for Python libraries](https://edu.chainguard.dev/software-security/learning-labs/ll202510.md): Learning Lab for October 2025 about Chainguard Libraries for JavaScript and CVE remediation for Python libraries - [Static Chainguard Container Images](https://edu.chainguard.dev/software-security/learning-labs/ll202509.md): Learning Lab for September 2025 about using the static Chainguard container images - [Getting Started with Chainguard's Dockerfile Converter](https://edu.chainguard.dev/software-security/learning-labs/ll202508.md): Learning Lab for August 2025 on DFC, a tool to convert Dockerfiles to use Chainguard Containers - [AI with Hardened Container Images](https://edu.chainguard.dev/software-security/learning-labs/ll202507.md): Learning Lab for July 2025 on securing AI workloads with hardened container images - [Chainguard Libraries for Python](https://edu.chainguard.dev/software-security/learning-labs/ll202506.md): Learning Lab for June 2025 on Chainguard Libraries for Python and Supply Chain Security - [Chainguard Libraries for Java](https://edu.chainguard.dev/software-security/learning-labs/ll202505.md): Learning Lab in May 2025 with Manfred Moser - [Chainguard Trademark Use Policy](https://edu.chainguard.dev/software-security/trademark.md): Understanding the Chainguard Trademark Use Policy ## Compliance - [Introduction to PCI DSS](https://edu.chainguard.dev/compliance/pci-dss-4/intro-pci-dss-4.md): How to prepare your organization to meet the requirements of PCI DSS 4.0 - [Introduction to CMMC](https://edu.chainguard.dev/compliance/cmmc-2/intro-cmmc-2.md): How to prepare your organization to meet the requirements of CMMC 2.0 - [CMMC Maturity Levels](https://edu.chainguard.dev/compliance/cmmc-2/cmmc-2-levels.md): Learn about the differences between CMMC 2.0's maturity levels - [PCI DSS Practices](https://edu.chainguard.dev/compliance/pci-dss-4/pci-dss-practices.md): Learn about the practices required for PCI DSS 4.0 - [CMMC 2.0 Practices](https://edu.chainguard.dev/compliance/cmmc-2/cmmc-practices.md): Learn about the 14 different domains of practices required for CMMC 2.0 - [PCI DSS at Chainguard](https://edu.chainguard.dev/compliance/pci-dss-4/pci-dss-chainguard.md): Chainguard Containers reduce the time and effort for establishing PCI DSS 4.0 compliance - [CMMC at Chainguard](https://edu.chainguard.dev/compliance/cmmc-2/cmmc-chainguard.md): Chainguard Containers reduce the time and effort for establishing CMMC 2.0 compliance - [Introduction to SLSA](https://edu.chainguard.dev/compliance/slsa/what-is-slsa.md): A conceptual overview of SLSA - [SLSA Compliance at Chainguard](https://edu.chainguard.dev/compliance/slsa/slsa-chainguard.md): A brief overview of SLSA and Chainguard's compliance efforts. - [Overview of CIS Benchmarks](https://edu.chainguard.dev/compliance/cis-benchmarks.md): A brief overview of CIS Benchmarks and how they can be used. ## API Reference - [Chainguard API (Combined)](https://edu.chainguard.dev/api.json): OpenAPI spec for all Chainguard API versions (JSON) - [Chainguard API v1](https://edu.chainguard.dev/api-v1.json): OpenAPI spec for Chainguard API v1 (JSON) - [Chainguard API v2 Alpha](https://edu.chainguard.dev/api-v2alpha1.json): OpenAPI spec for Chainguard API v2 alpha (JSON) - [Chainguard API v2 Beta](https://edu.chainguard.dev/api-v2beta1.json): OpenAPI spec for Chainguard API v2 beta (JSON)