Skip to content

amouat/git

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

60 Commits
.github
.github
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
USAGE.md
USAGE.md
 
 
apko-glibc.yaml
apko-glibc.yaml
 
 
apko-root-glibc.yaml
apko-root-glibc.yaml
 
 
apko-root.yaml
apko-root.yaml
 
 
apko.yaml
apko.yaml
 
 
test.sh
test.sh
 
 

Repository files navigation

git

CI status

This is a minimal Git image based on Alpine, using up-to-date apks available on the Alpine Community repositories (not built from source). The image contains git, git-lfs, and supporting libraries such as openssh (for ssh-based auth), and ca-certs (for https-based cloning).

Get It!

The image is available on cgr.dev:

docker pull cgr.dev/chainguard/git:latest

Supported tags

Tag Digest Arch
2.37.3-debian-11-r6 sha256:fdede9d61b563ccb0a378233218a0040d24b4a97e0418d736708caa8394c7f55
View entry in Rekor		 386 amd64 arm64 armv6 armv7 ppc64le riscv64 s390x
2.37.3-r0-glibc sha256:6feeebb8955cc2df6efa416be60b196c855c65809c618171ca561ce61696645a
View entry in Rekor		 amd64
2.37.3-r0-root-glibc sha256:6d41714ef48c827acdddf4b17335e0db9280331d923652184cf72957a8bac677
View entry in Rekor		 amd64
2.37.3-r1 sha256:0383d919339f5095c7c81f513cab6523e2fd323d5a524fbef3a89144d117238c
View entry in Rekor		 386 amd64 arm64 armv6 armv7 ppc64le riscv64 s390x
2.38.0-r1 root sha256:081c0946ef327fe5abaa6707d96d2ce7cdf2cbb9e7b1e6a1d87df413520ff3ab
View entry in Rekor		 386 amd64 arm64 armv6 armv7 ppc64le riscv64 s390x
2.37.3-debian-11-r8 2.37.3-r0 sha256:09768f17d6ce9eced953fe8e87d88c8097f867ac487d99048565fc42def493f3
View entry in Rekor		 386 amd64 arm64 armv6 armv7 ppc64le riscv64 s390x
2.37.3-debian-11-r5 sha256:5bd9e1bc50745c14199118e2a393a39e54d615444c91c6f09c3763ec8169d129
View entry in Rekor		 386 amd64 arm64 armv6 armv7 ppc64le riscv64 s390x
latest sha256:48cff40a3facf0563179f063a8fb99b927a05cc0dbf806e67a5c1edf43b40d01
View entry in Rekor		 386 amd64 arm64 armv6 armv7 ppc64le riscv64 s390x
2 2-debian-11 2.37.3 2.37.3-debian-11-r9 sha256:34a5718f96c5747b52e0cb5f217a2441be29f425ede41e946b6ec646507221e2
View entry in Rekor		 386 amd64 arm64 armv6 armv7 ppc64le riscv64 s390x
2.37.3-debian-11-r7 sha256:fecf20ec858defbd6577b95d50e072a3836d8f390e7955a8e9801444c75ca75f
View entry in Rekor		 386 amd64 arm64 armv6 armv7 ppc64le riscv64 s390x

Usage

The Git image allows you to run ordinary Git commands in CI/CD pipelines and also locally via Docker.

Docker Setup

To make sure you have the latest image version available, start by running a docker pull command:

docker pull cgr.dev/chainguard/git

Then, run the image with the --version flag to make sure it is functional:

docker run -it --rm cgr.dev/chainguard/git --version

You should get output similar to this:

git version 2.37.1

Cloning a Repository Locally

Because your local system user's ID (uid) might differ from that of the container image, if you want to clone repositories locally using this image you'll need to set up special permissions for the target dir. Then, you'll be able to set up a volume and have the contents of the cloned repo replicated on your host machine.

First, create a target directory somewhere in your home folder and set the required permissions:

mkdir ~/workspace
chmod go+wrx ~/workspace

Now you can use docker run to execute the clone command, using the directory you just set up as a volume share between your local machine and the container image on /home/git.

docker run -it -v ~/workspace:/home/git --rm cgr.dev/chainguard/git clone https://github.com/chainguard-images/git.git

You should get output like this:

Cloning into 'git'...
remote: Enumerating objects: 57, done.
remote: Counting objects: 100% (57/57), done.
remote: Compressing objects: 100% (47/47), done.
remote: Total 57 (delta 19), reused 35 (delta 10), pack-reused 0
Receiving objects: 100% (57/57), 15.23 KiB | 866.00 KiB/s, done.
Resolving deltas: 100% (19/19), done.

You can now check the contents of your workspace directory, where you should find the cloned repo.

Signing

All Chainguard Images are signed using Sigstore!

Details
To verify the image, download cosign and run: 
COSIGN_EXPERIMENTAL=1 cosign verify cgr.dev/chainguard/git:latest | jq

Output:

Verification for cgr.dev/chainguard/git:latest --
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - Existence of the claims in the transparency log was verified offline
  - Any certificates were verified against the Fulcio roots.
[
  {
    "critical": {
      "identity": {
        "docker-reference": "ghcr.io/chainguard-images/git"
      },
      "image": {
        "docker-manifest-digest": "sha256:48cff40a3facf0563179f063a8fb99b927a05cc0dbf806e67a5c1edf43b40d01"
      },
      "type": "cosign container image signature"
    },
    "optional": {
      "1.3.6.1.4.1.57264.1.1": "https://token.actions.githubusercontent.com",
      "1.3.6.1.4.1.57264.1.2": "schedule",
      "1.3.6.1.4.1.57264.1.3": "f88a25427e2658f65a495257cf215290bd1ae890",
      "1.3.6.1.4.1.57264.1.4": "Create Release",
      "1.3.6.1.4.1.57264.1.5": "chainguard-images/git",
      "1.3.6.1.4.1.57264.1.6": "refs/heads/main",
      "Bundle": {
        "SignedEntryTimestamp": "MEUCIQCJOVKP6WuVuo6HxtA/1pDCvoybbb/r1bLWyykmmsbw7wIgI3uyYfRwp9HmHErINlXedTVjZVTU8HT6XZY1jdngetU=",
        "Payload": {
          "body": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiIwNWMxNzI3MjMxNDgyNmJhN2YzMDQ2NWVkNTcwZmMzM2ZjZTJjNDYzY2NhOWMzMWNlN2RlNjVhMzQwNmQwNzM5In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FUUNJQVdESXpyMm9ZMGxuYTYyNjdJeWdlUmN1SlpJYUt2WlVBUml2ckpvUldJc0FpQUF0ZFJyYTMxWDFFb21KZXpKcUZaT3FUZkl2Slo1VExJQVFCTk53Y2h5OEE9PSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVUndWRU5EUVhsMVowRjNTVUpCWjBsVlNWRXhjWEp4TVRKdk5qVlVPVkpxZEVGUlRqQnhOa1pYVWxCWmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcEplRTFFUlhoTlJFbDZUWHBKTVZkb1kwNU5ha2w0VFVSRmVFMUVTVEJOZWtreFYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZZVVhCMUsyWm1kR2RPU1c4MWExbEJhRGxWUjJrcmJIbFdNbnBhVHpSRFJtMUpNRGNLUzFKc2VtWXdWbTlUWmxKUlRuRmFSM0U0UW5KRk9VYzFPVFZIYW1KSWJUZEZiREJGU3pSc1kxZDZUV1E1Y2tnMVRIRlBRMEZyYjNkblowcEhUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZoT1hadUNsQTNkMlZDZUdVemNIbDJVVXQxYm10dlRHNWFOR3d3ZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDFwUldVUldVakJTUVZGSUwwSkdjM2RYV1ZwWVlVaFNNR05JVFRaTWVUbHVZVmhTYjJSWFNYVlpNamwwVERKT2IxbFhiSFZhTTFab1kyMVJkQXBoVnpGb1dqSldla3d5WkhCa1F6aDFXakpzTUdGSVZtbE1NMlIyWTIxMGJXSkhPVE5qZVRsNVdsZDRiRmxZVG14TWJteG9ZbGQ0UVdOdFZtMWplVGx2Q2xwWFJtdGplVGwwV1Zkc2RVMUVhMGREYVhOSFFWRlJRbWMzT0hkQlVVVkZTekpvTUdSSVFucFBhVGgyWkVjNWNscFhOSFZaVjA0d1lWYzVkV041Tlc0S1lWaFNiMlJYU2pGak1sWjVXVEk1ZFdSSFZuVmtRelZxWWpJd2QwWm5XVXRMZDFsQ1FrRkhSSFo2UVVKQloxRkpZekpPYjFwWFVqRmlSMVYzVG1kWlN3cExkMWxDUWtGSFJIWjZRVUpCZDFGdldtcG5ORmxVU1RGT1JFa3pXbFJKTWs1VWFHMU9hbFpvVGtSck1VMXFWVE5aTWxsNVRWUlZlVTlVUW1sYVJFWm9DbHBVWnpWTlJFRmpRbWR2Y2tKblJVVkJXVTh2VFVGRlJVSkJOVVJqYlZab1pFZFZaMVZ0Vm5OYVYwWjZXbFJCYWtKbmIzSkNaMFZGUVZsUEwwMUJSVVlLUWtKV2FtRkhSbkJpYldReFdWaEthMHhYYkhSWlYyUnNZM2s1Ym1GWVVYZElVVmxMUzNkWlFrSkJSMFIyZWtGQ1FtZFJVR050Vm0xamVUbHZXbGRHYXdwamVUbDBXVmRzZFUxSlIwdENaMjl5UW1kRlJVRmtXalZCWjFGRFFraDNSV1ZuUWpSQlNGbEJRMGREVXpoRGFGTXZNbWhHTUdSR2NrbzBVMk5TVjJOWkNuSkNXVGwzZW1wVFltVmhPRWxuV1RKaU0wbEJRVUZIUkhoUFVFZGpRVUZCUWtGTlFWSjZRa1pCYVVWQmJtTXdTMm80UVdwVU5HRkVVWEZ3THprclpERUtaMUE0V0VZclFXdGFjRlpLUzNjeGNUWXZOMnhxWjJkRFNVRXljRU4zUWpkM1pteE9Ra1pVY0RaT1NYVXZVRVJXYnpZeFRWbDJOMk5oUlRoRmJEQTBZZ294TVVsSlRVRnZSME5EY1VkVFRUUTVRa0ZOUkVFeVowRk5SMVZEVFVjclltVktSMjR5ZG5RM1FYaDBVMVpvY0dodGFtTmtRbkk1ZEdnM09GUTJNM0poQ2tKRGEya3hXazU1VlZoM2IzZEdWVW92SzNvMGVXOW1ZVlpqUkZKVlFVbDRRVTlxWjFCV09YQk5SbXBxVkd4WU1GVTJWVUoxWW1wM2RISlFiVzFYVEM4S1kweHhLelJ2TlVFNFZHbElXVk5vWmpSbUswWkVZbTlsVG5SQmFubFNTbFpqUVQwOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyJ9fX19",
          "integratedTime": 1665455623,
          "logIndex": 4862106,
          "logID": "c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d"
        }
      },
      "Issuer": "https://token.actions.githubusercontent.com",
      "Subject": "https://github.com/chainguard-images/git/.github/workflows/release.yaml@refs/heads/main",
      "githubWorkflowName": "Create Release",
      "githubWorkflowRef": "refs/heads/main",
      "githubWorkflowRepository": "chainguard-images/git",
      "githubWorkflowSha": "f88a25427e2658f65a495257cf215290bd1ae890",
      "githubWorkflowTrigger": "schedule",
      "run_attempt": "1",
      "run_id": "3223716563",
      "sha": "f88a25427e2658f65a495257cf215290bd1ae890"
    }
  }
]

You can verify that the image was built in Github Actions in this repository from the Issuer and Subject fields.

Build

This image is built with apko.

About

A distroless image containing only git and related utilities.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • Shell 100.0%