Fields
| Name | Description | Accepted Values or Format |
|---|---|---|
| image_repo | Required. The name of this image’s repository. | A repository must be made up of slash-separated name components (e.g. my/repo/name or reponame, where each component is limited to the set of characters [a-z0-9_.-], except they may not start with a ., _ or -. The total length of a repo name, including slashes, must be less than 256 characters. |
| image_manifest_digest | Special*. Also known as the image digest, this is a SHA256 hash of the image’s manifest JSON (image_manifest field), represented as a hexadecimal encoding of 256 bits. | Must be a SHA256 hash beginning in sha256:, e.g., sha256:6c3c624b58dbbcd3c0dd82b4c53f04194d1247c6eebdaab7c610cf7d66709b3b. If the image_manifest is provided, this must match the SHA256 hash of that field. |
| image_config_digest | Special*. Also known as the image ID, this is a SHA256 hash of the image’s configuration JSON (image_config field), represented as a hexadecimal encoding of 256 bits. | Must be a SHA256 hash encoded in hexadecimal and beginning in sha256:, e.g., sha256:a9561eb1b190625c9adb5a9513e72c4dedafc1cb2d4c5236c9a6957ec7dfd5a9. If the image_config is provided, this must match the SHA256 hash of that field. |
| image_tags | Special*. A list of tags that identify this image. | Each tag is limited to the set of characters [a-zA-Z0-9_.-], except they may not start with a . or - character. Tags are limited to 128 characters. |
| image_registry | Optional. The primary registry that this image is stored in. | Must be a DNS hostname and comply with DNS rules (e.g. ghcr.io or 123456789012.dkr.ecr.region.amazonaws.com). It may optionally be followed by a port number (e.g. :8080). |
| image_secondary_registries | Optional. A list of secondary registries that this image is stored in. | Same as image_registry. |
| image_distro | Optional. The distribution of the operating system which this image is built to run on. | N/A |
| image_platform_os | Optional. The name of the operating system which the image is built to run on. If left blank this defaults to unknown. | This must match values listed in the Go Language document for GOOS, or otherwise be unknown. |
| image_platform_arch | Optional. The CPU architecture which the binaries in this image are built to run on. If left blank this defaults to unknown. | This must match values listed in the Go Language document for GOARCH, or otherwise be unknown. |
| image_platform_os_version | Optional. The version of the operating system which the image is built to run on. | N/A |
| image_platform_os_features | Optional. An array of strings, each specifying a mandatory OS feature. | N/A |
| image_platform_arch_variant | Optional. The variant of the CPU architecture of this image. | Must be a variant listed in the Platform Variants table of the OCI Image Index Specification, corresponding to the image_platform_arch. |
| image_platform_arch_features | Optional. An array of strings, each specifying a feature of the architecture. | N/A |
| image_manifest | Optional. The image’s manifest represented by a JSON object as defined in the OCI Image Manifest Specification or the Docker Image Manifest V 2, Schema 2. | Must be a JSON object that matches the OCI or Docker Image Manifest Specifications for the media types application/vnd.oci.image.manifest.v1+json or application/vnd.docker.distribution.manifest.v2+json. |
| image_config | Optional. The image’s configuration represented by a JSON object as defined in the OCI Image Configuration Specificationor the Docker v1 Image JSON Specification. | Must be a JSON object that matches the OCI or Docker Image Configuration Specifications for the media types application/vnd.oci.image.config.v1+json or application/vnd.docker.container.image.v1+json. |
Fields Marked Special*
At least one of image_manifest_digest or image_config_digest is required for an image to be content-addressable (uniquely identifiable). Tags do not uniquely identify an image, however Nucleus will use best effort matching to match an image that only has tags provided.
Container Image Asset Field Examples
Example JSON
MarkupJSON
{
"nucleus_import_version": "1",
"scan_type": "Container Image",
"scan_tool": "Asset",
"assets": [
{
"image_repo": "centos",
"image_manifest_digest": "sha256:dbbacecc49b088458781c16f3775f2a2ec7521079034a7ba499c8b0bb7f86875",
"image_config_digest": "sha256:300e315adb2f96afe5f0b2780b87f28ae95231fe3bdd1e16b9ba606307728f55",
"image_tags": [
"latest",
"centos8.0"
],
"image_registry": "docker.io",
"image_secondary_registries": [
"public.ecr.aws"
],
"image_distro": "CentOS",
"image_platform_os": "linux",
"image_platform_arch": "amd64",
"image_platform_os_version": "",
"image_platform_os_features": [],
"image_platform_arch_variant": "",
"image_platform_arch_features": [],
"image_manifest": "{\n \"schemaVersion\": 2,\n \"mediaType\": \"application/vnd.docker.distribution.manifest.v2+json\",\n \"config\": {\n \"mediaType\": \"application/vnd.docker.container.image.v1+json\",\n \"size\": 2143,\n \"digest\": \"sha256:300e315adb2f96afe5f0b2780b87f28ae95231fe3bdd1e16b9ba606307728f55\"\n },\n \"layers\": [\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 75181999,\n \"digest\": \"sha256:7a0437f04f83f084b7ed68ad9c4a4947e12fc4e1b006b38129bac89114ec3621\"\n }\n ]\n}",
"image_config": "{\"architecture\":\"amd64\",\"config\":{\"Hostname\":\"\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"],\"Cmd\":[\"/bin/bash\"],\"Image\":\"sha256:6de05bdfbf9a9d403458d10de9e088b6d93d971dd5d48d18b4b6758f4554f451\",\"Volumes\":null,\"WorkingDir\":\"\",\"Entrypoint\":null,\"OnBuild\":null,\"Labels\":{\"org.label-schema.build-date\":\"20201204\",\"org.label-schema.license\":\"GPLv2\",\"org.label-schema.name\":\"CentOS Base Image\",\"org.label-schema.schema-version\":\"1.0\",\"org.label-schema.vendor\":\"CentOS\"}},\"container\":\"395e0bfa7301f73bc994efe15099ea56b8836c608dd32614ac5ae279976d33e4\",\"container_config\":{\"Hostname\":\"395e0bfa7301\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) \",\"CMD [\\\"/bin/bash\\\"]\"],\"Image\":\"sha256:6de05bdfbf9a9d403458d10de9e088b6d93d971dd5d48d18b4b6758f4554f451\",\"Volumes\":null,\"WorkingDir\":\"\",\"Entrypoint\":null,\"OnBuild\":null,\"Labels\":{\"org.label-schema.build-date\":\"20201204\",\"org.label-schema.license\":\"GPLv2\",\"org.label-schema.name\":\"CentOS Base Image\",\"org.label-schema.schema-version\":\"1.0\",\"org.label-schema.vendor\":\"CentOS\"}},\"created\":\"2020-12-08T00:22:53.076477777Z\",\"docker_version\":\"19.03.12\",\"history\":[{\"created\":\"2020-12-08T00:22:52.526672082Z\",\"created_by\":\"/bin/sh -c #(nop) ADD file:bd7a2aed6ede423b719ceb2f723e4ecdfa662b28639c8429731c878e86fb138b in / \"},{\"created\":\"2020-12-08T00:22:52.895811646Z\",\"created_by\":\"/bin/sh -c #(nop) LABEL org.label-schema.schema-version=1.0 org.label-schema.name=CentOS Base Image org.label-schema.vendor=CentOS org.label-schema.license=GPLv2 org.label-schema.build-date=20201204\",\"empty_layer\":true},{\"created\":\"2020-12-08T00:22:53.076477777Z\",\"created_by\":\"/bin/sh -c #(nop) CMD [\\\"/bin/bash\\\"]\",\"empty_layer\":true}],\"os\":\"linux\",\"rootfs\":{\"type\":\"layers\",\"diff_ids\":[\"sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859\"]}}"
}
]
}Example XML
Markup
<nucleusCustomScan>
<nucleus_import_version>1</nucleus_import_version>
<scan_tool>Asset</scan_tool>
<scan_type>Container Image</scan_type>
<assets>
<asset>
<image_repo>centos</image_repo>
<image_manifest_digest>sha256:dbbacecc49b088458781c16f3775f2a2ec7521079034a7ba499c8b0bb7f86875</image_manifest_digest>
<image_config_digest>sha256:300e315adb2f96afe5f0b2780b87f28ae95231fe3bdd1e16b9ba606307728f55</image_config_digest>
<image_tags>
<image_tag>latest</image_tag>
<image_tag>centos8.0</image_tag>
</image_tags>
<image_registry>docker.io</image_registry>
<image_secondary_registries>
<image_registry>public.ecr.aws</image_registry>
</image_secondary_registries>
<image_platform_os>linux</image_platform_os>
<image_platform_arch>amd64</image_platform_arch>
<image_platform_os_version>1.23</image_platform_os_version>
<image_platform_os_features>
<feature>abc</feature>
</image_platform_os_features>
<image_platform_arch_variant>v7</image_platform_arch_variant>
<image_platform_arch_features>
<feature>abc</feature>
</image_platform_arch_features>
<image_manifest>{\n "schemaVersion": 2,\n "mediaType": "application/vnd.docker.distribution.manifest.v2+json",\n "config": {\n "mediaType": "application/vnd.docker.container.image.v1+json",\n "size": 2143,\n "digest": "sha256:300e315adb2f96afe5f0b2780b87f28ae95231fe3bdd1e16b9ba606307728f55"\n },\n "layers": [\n {\n "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",\n "size": 75181999,\n "digest": "sha256:7a0437f04f83f084b7ed68ad9c4a4947e12fc4e1b006b38129bac89114ec3621"\n }\n ]\n}</image_manifest>
<image_config>{"architecture":"amd64","config":{"Hostname":"","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/bin/bash"],"Image":"sha256:6de05bdfbf9a9d403458d10de9e088b6d93d971dd5d48d18b4b6758f4554f451","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":{"org.label-schema.build-date":"20201204","org.label-schema.license":"GPLv2","org.label-schema.name":"CentOS Base Image","org.label-schema.schema-version":"1.0","org.label-schema.vendor":"CentOS"}},"container":"395e0bfa7301f73bc994efe15099ea56b8836c608dd32614ac5ae279976d33e4","container_config":{"Hostname":"395e0bfa7301","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/bin/sh","-c","#(nop) ","CMD [\\"/bin/bash\\"]"],"Image":"sha256:6de05bdfbf9a9d403458d10de9e088b6d93d971dd5d48d18b4b6758f4554f451","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":{"org.label-schema.build-date":"20201204","org.label-schema.license":"GPLv2","org.label-schema.name":"CentOS Base Image","org.label-schema.schema-version":"1.0","org.label-schema.vendor":"CentOS"}},"created":"2020-12-08T00:22:53.076477777Z","docker_version":"19.03.12","history":[{"created":"2020-12-08T00:22:52.526672082Z","created_by":"/bin/sh -c #(nop) ADD file:bd7a2aed6ede423b719ceb2f723e4ecdfa662b28639c8429731c878e86fb138b in / "},{"created":"2020-12-08T00:22:52.895811646Z","created_by":"/bin/sh -c #(nop) LABEL org.label-schema.schema-version=1.0 org.label-schema.name=CentOS Base Image org.label-schema.vendor=CentOS org.label-schema.license=GPLv2 org.label-schema.build-date=20201204","empty_layer":true},{"created":"2020-12-08T00:22:53.076477777Z","created_by":"/bin/sh -c #(nop) CMD [\\"/bin/bash\\"]","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859"]}}</image_config>
</asset>
</assets>
</nucleusCustomScan>Example CSV
Markup
nucleus_import_version,scan_tool,scan_type,image_repo,image_manifest_digest,image_config_digest,image_tags,image_registry,image_secondary_registries,image_distro,image_platform_os,image_platform_arch,image_platform_os_version,image_platform_os_features,image_platform_arch_variant,image_platform_arch_features,image_manifest,image_config
1,Asset,Container Image,centos,sha256:dbbacecc49b088458781c16f3775f2a2ec7521079034a7ba499c8b0bb7f86875,sha256:300e315adb2f96afe5f0b2780b87f28ae95231fe3bdd1e16b9ba606307728f55,latest;centos8.0,docker.io,public.ecr.aws;another.registry.com,CentOS,linux,amd64,1.23,abc;def,v7,abc;def,"{\n ""schemaVersion"": 2,\n ""mediaType"": ""application/vnd.docker.distribution.manifest.v2+json"",\n ""config"": {\n ""mediaType"": ""application/vnd.docker.container.image.v1+json"",\n ""size"": 2143,\n ""digest"": ""sha256:300e315adb2f96afe5f0b2780b87f28ae95231fe3bdd1e16b9ba606307728f55""\n },\n ""layers"": [\n {\n ""mediaType"": ""application/vnd.docker.image.rootfs.diff.tar.gzip"",\n ""size"": 75181999,\n ""digest"": ""sha256:7a0437f04f83f084b7ed68ad9c4a4947e12fc4e1b006b38129bac89114ec3621""\n }\n ]\n}","{""architecture"":""amd64"",""config"":{""Hostname"":"""",""Domainname"":"""",""User"":"""",""AttachStdin"":false,""AttachStdout"":false,""AttachStderr"":false,""Tty"":false,""OpenStdin"":false,""StdinOnce"":false,""Env"":[""PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin""],""Cmd"":[""/bin/bash""],""Image"":""sha256:6de05bdfbf9a9d403458d10de9e088b6d93d971dd5d48d18b4b6758f4554f451"",""Volumes"":null,""WorkingDir"":"""",""Entrypoint"":null,""OnBuild"":null,""Labels"":{""org.label-schema.build-date"":""20201204"",""org.label-schema.license"":""GPLv2"",""org.label-schema.name"":""CentOS Base Image"",""org.label-schema.schema-version"":""1.0"",""org.label-schema.vendor"":""CentOS""}},""container"":""395e0bfa7301f73bc994efe15099ea56b8836c608dd32614ac5ae279976d33e4"",""container_config"":{""Hostname"":""395e0bfa7301"",""Domainname"":"""",""User"":"""",""AttachStdin"":false,""AttachStdout"":false,""AttachStderr"":false,""Tty"":false,""OpenStdin"":false,""StdinOnce"":false,""Env"":[""PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin""],""Cmd"":[""/bin/sh"",""-c"",""#(nop) "",""CMD [\\""/bin/bash\\""]""],""Image"":""sha256:6de05bdfbf9a9d403458d10de9e088b6d93d971dd5d48d18b4b6758f4554f451"",""Volumes"":null,""WorkingDir"":"""",""Entrypoint"":null,""OnBuild"":null,""Labels"":{""org.label-schema.build-date"":""20201204"",""org.label-schema.license"":""GPLv2"",""org.label-schema.name"":""CentOS Base Image"",""org.label-schema.schema-version"":""1.0"",""org.label-schema.vendor"":""CentOS""}},""created"":""2020-12-08T00:22:53.076477777Z"",""docker_version"":""19.03.12"",""history"":[{""created"":""2020-12-08T00:22:52.526672082Z"",""created_by"":""/bin/sh -c #(nop) ADD file:bd7a2aed6ede423b719ceb2f723e4ecdfa662b28639c8429731c878e86fb138b in / ""},{""created"":""2020-12-08T00:22:52.895811646Z"",""created_by"":""/bin/sh -c #(nop) LABEL org.label-schema.schema-version=1.0 org.label-schema.name=CentOS Base Image org.label-schema.vendor=CentOS org.label-schema.license=GPLv2 org.label-schema.build-date=20201204"",""empty_layer"":true},{""created"":""2020-12-08T00:22:53.076477777Z"",""created_by"":""/bin/sh -c #(nop) CMD [\\""/bin/bash\\""]"",""empty_layer"":true}],""os"":""linux"",""rootfs"":{""type"":""layers"",""diff_ids"":[""sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859""]}}"