Multi-platform Docker container with utilities to process AsciiDoc files (asciidoc, a2x, ascidoctor...).
Let's say that you want to convert an AsciiDoc file intput.adoc in your current working directory to HTML:
Mac/Linux
cat intput.adoc | docker run --rm -i --net=none leplusorg/adoc asciidoctor -o - - > output.htmlWindows
type intput.adoc | docker run --rm -i --net=none leplusorg/adoc asciidoctor -o - - > output.htmlSame thing, assuming that you want to convert an AsciiDoc file intput.adoc in your current working directory to HTML:
Mac/Linux
docker run --rm -t --user="$(id -u):$(id -g)" --net=none -v "$(pwd):/tmp" leplusorg/adoc asciidoctor -o output.html intput.adocWindows
In cmd:
docker run --rm -t --net=none -v "%cd%:/tmp" leplusorg/adoc asciidoctor -o output.html intput.adocIn PowerShell:
docker run --rm -t --net=none -v "${PWD}:/tmp" leplusorg/adoc asciidoctor -o output.html intput.adocTo get the SBOM for the latest image (in SPDX JSON format), use the following command:
docker buildx imagetools inspect leplusorg/adoc --format '{{ json (index .SBOM "linux/amd64").SPDX }}'Replace linux/amd64 by the desired platform (linux/amd64, linux/arm64 etc.).
Sigstore is trying to improve supply chain security by allowing you to verify the origin of an artifcat. You can verify that the image that you use was actually produced by this repository. This means that if you verify the signature of the Docker image, you can trust the integrity of the whole supply chain from code source, to CI/CD build, to distribution on Maven Central or whever you got the image from.
You can use the following command to verify the latest image using its sigstore signature attestation:
cosign verify leplusorg/adoc --certificate-identity-regexp 'https://github\.com/leplusorg/docker-adoc/\.github/workflows/.+' --certificate-oidc-issuer 'https://token.actions.githubusercontent.com'The output should look something like this:
Verification for index.docker.io/leplusorg/xml:main --
The following checks were performed on each of these signatures:
- The cosign claims were validated
- Existence of the claims in the transparency log was verified offline
- The code-signing certificate was verified using trusted certificate authority certificates
[{"critical":...
For instructions on how to install cosign, please read this documentation.
Please use this link (GitHub account required) to request that a new tool be added to the image. I am always interested in adding new capabilities to these images.