Merge pull request #1198 from chainguard-dev/create-pull-request/patch

[AutoDocs] Update Images Reference Docs

content/chainguard/chainguard-images/reference/apko/provenance_info.md

@@ -4,7 +4,7 @@ type: "article"
 unlisted: true
 description: "Provenance information for apko Chainguard Image"
 date: 2022-11-01T11:07:52+02:00
-lastmod: 2022-11-01T11:07:52+02:00
+lastmod: 2023-12-06 18:44:36
 draft: false
 tags: ["Reference", "Chainguard Images", "Product"]
 images: []
@@ -27,7 +27,10 @@ The **apko** Chainguard Images are signed using Sigstore, and you can check the
 The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image.
 
 ```shell
-cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/apko | jq
+cosign verify \
+  --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
+  --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \
+  cgr.dev/chainguard/apko | jq
 ```
 
 By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for.
@@ -43,7 +46,7 @@ The following [attestations](https://slsa.dev/attestation-model) for the apko im
 | `https://spdx.dev/Document` | Contains the image SBOM (Software Bill of Materials) in SPDX format. |
 
 
-To download an attestation, use the `cosign download attestation` command and provide both the predicate type and the build platform. For example, the following command will obtain the SBOM for the apko image on `unix/amd64`:
+To download an attestation, use the `cosign download attestation` command and provide both the predicate type and the build platform. For example, the following command will obtain the SBOM for the apko image on `linux/amd64`:
 
 ```shell
 cosign download attestation \
@@ -60,10 +63,10 @@ You can use the `cosign verify-attestation` command to check the signatures of t
 
 ```shell
 cosign verify-attestation \
---type https://spdx.dev/Document \
---certificate-oidc-issuer=https://token.actions.githubusercontent.com \
---certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \
-cgr.dev/chainguard/apko
+  --type https://spdx.dev/Document \
+  --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
+  --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \
+  cgr.dev/chainguard/apko
 ```
 
 This will pull in the signature for the attestation specified by the `--type` parameter, which in this case is the SPDX attestation. You should get output that verifies the SBOM attestation signature in cosign's transparency log:

content/chainguard/chainguard-images/reference/apko/tags_history.md

@@ -4,7 +4,7 @@ type: "article"
 unlisted: true
 description: "Image Tags and History for the apko Chainguard Image"
 date: 2023-06-22T11:07:52+02:00
-lastmod: 2023-11-30 00:18:09
+lastmod: 2023-12-06 18:44:36
 draft: false
 tags: ["Reference", "Chainguard Images", "Product"]
 images: []
@@ -23,7 +23,7 @@ The following table contains the most recent tags and digests that can be used t
 
 Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds).
 
-| Tag (s)   | Last Changed  | Digest                                                                    |
-|-----------|---------------|---------------------------------------------------------------------------|
-|  `latest` | November 29th | `sha256:73543bc03f2eec6ea5d0e17e56c31d1061462f1e5019b143c5baf7af9c3aeea9` |
+| Tag (s)   | Last Changed | Digest                                                                    |
+|-----------|--------------|---------------------------------------------------------------------------|
+|  `latest` | December 6th | `sha256:d1649e08df1fab6d8be90efbeba13a9bfcb4339f3fe875f3c307043d54b5b022` |
 

content/chainguard/chainguard-images/reference/argo-cli/provenance_info.md

@@ -4,7 +4,7 @@ type: "article"
 unlisted: true
 description: "Provenance information for argo-cli Chainguard Image"
 date: 2022-11-01T11:07:52+02:00
-lastmod: 2022-11-01T11:07:52+02:00
+lastmod: 2023-12-06 18:44:36
 draft: false
 tags: ["Reference", "Chainguard Images", "Product"]
 images: []
@@ -27,7 +27,10 @@ The **argo-cli** Chainguard Images are signed using Sigstore, and you can check
 The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image.
 
 ```shell
-cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/argo-cli | jq
+cosign verify \
+  --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
+  --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \
+  cgr.dev/chainguard/argo-cli | jq
 ```
 
 By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for.
@@ -43,7 +46,7 @@ The following [attestations](https://slsa.dev/attestation-model) for the argo-cl
 | `https://spdx.dev/Document` | Contains the image SBOM (Software Bill of Materials) in SPDX format. |
 
 
-To download an attestation, use the `cosign download attestation` command and provide both the predicate type and the build platform. For example, the following command will obtain the SBOM for the argo-cli image on `unix/amd64`:
+To download an attestation, use the `cosign download attestation` command and provide both the predicate type and the build platform. For example, the following command will obtain the SBOM for the argo-cli image on `linux/amd64`:
 
 ```shell
 cosign download attestation \
@@ -60,10 +63,10 @@ You can use the `cosign verify-attestation` command to check the signatures of t
 
 ```shell
 cosign verify-attestation \
---type https://spdx.dev/Document \
---certificate-oidc-issuer=https://token.actions.githubusercontent.com \
---certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \
-cgr.dev/chainguard/argo-cli
+  --type https://spdx.dev/Document \
+  --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
+  --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \
+  cgr.dev/chainguard/argo-cli
 ```
 
 This will pull in the signature for the attestation specified by the `--type` parameter, which in this case is the SPDX attestation. You should get output that verifies the SBOM attestation signature in cosign's transparency log:

content/chainguard/chainguard-images/reference/argo-cli/tags_history.md

@@ -4,7 +4,7 @@ type: "article"
 unlisted: true
 description: "Image Tags and History for the argo-cli Chainguard Image"
 date: 2023-06-22T11:07:52+02:00
-lastmod: 2023-11-30 00:18:09
+lastmod: 2023-12-06 18:44:36
 draft: false
 tags: ["Reference", "Chainguard Images", "Product"]
 images: []
@@ -23,8 +23,8 @@ The following table contains the most recent tags and digests that can be used t
 
 Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds).
 
-| Tag (s)       | Last Changed  | Digest                                                                    |
-|---------------|---------------|---------------------------------------------------------------------------|
-|  `latest-dev` | November 29th | `sha256:e2f43a8fe70a51d9e9d47ec24638186bde2d88bc13b38f8104668c984ce89afa` |
-|  `latest`     | November 29th | `sha256:563aede73866dfeff925119384b4a28af06f4170c1e2fcad53834238839eaca7` |
+| Tag (s)       | Last Changed | Digest                                                                    |
+|---------------|--------------|---------------------------------------------------------------------------|
+|  `latest-dev` | December 6th | `sha256:4d77877f2413ae33757c32809f883a514689b7f0d7add47f7362dca066a5721b` |
+|  `latest`     | December 6th | `sha256:473579517a37bd1aa0a1c16afc70804f5f64014e60f672d3565e5d104cf60996` |
 

content/chainguard/chainguard-images/reference/argo-exec/provenance_info.md

@@ -4,7 +4,7 @@ type: "article"
 unlisted: true
 description: "Provenance information for argo-exec Chainguard Image"
 date: 2022-11-01T11:07:52+02:00
-lastmod: 2022-11-01T11:07:52+02:00
+lastmod: 2023-12-06 18:44:36
 draft: false
 tags: ["Reference", "Chainguard Images", "Product"]
 images: []
@@ -27,7 +27,10 @@ The **argo-exec** Chainguard Images are signed using Sigstore, and you can check
 The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image.
 
 ```shell
-cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/argo-exec | jq
+cosign verify \
+  --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
+  --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \
+  cgr.dev/chainguard/argo-exec | jq
 ```
 
 By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for.
@@ -43,7 +46,7 @@ The following [attestations](https://slsa.dev/attestation-model) for the argo-ex
 | `https://spdx.dev/Document` | Contains the image SBOM (Software Bill of Materials) in SPDX format. |
 
 
-To download an attestation, use the `cosign download attestation` command and provide both the predicate type and the build platform. For example, the following command will obtain the SBOM for the argo-exec image on `unix/amd64`:
+To download an attestation, use the `cosign download attestation` command and provide both the predicate type and the build platform. For example, the following command will obtain the SBOM for the argo-exec image on `linux/amd64`:
 
 ```shell
 cosign download attestation \
@@ -60,10 +63,10 @@ You can use the `cosign verify-attestation` command to check the signatures of t
 
 ```shell
 cosign verify-attestation \
---type https://spdx.dev/Document \
---certificate-oidc-issuer=https://token.actions.githubusercontent.com \
---certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \
-cgr.dev/chainguard/argo-exec
+  --type https://spdx.dev/Document \
+  --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
+  --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \
+  cgr.dev/chainguard/argo-exec
 ```
 
 This will pull in the signature for the attestation specified by the `--type` parameter, which in this case is the SPDX attestation. You should get output that verifies the SBOM attestation signature in cosign's transparency log:

content/chainguard/chainguard-images/reference/argo-exec/tags_history.md

@@ -4,7 +4,7 @@ type: "article"
 unlisted: true
 description: "Image Tags and History for the argo-exec Chainguard Image"
 date: 2023-06-22T11:07:52+02:00
-lastmod: 2023-11-30 00:18:09
+lastmod: 2023-12-06 18:44:36
 draft: false
 tags: ["Reference", "Chainguard Images", "Product"]
 images: []
@@ -23,8 +23,8 @@ The following table contains the most recent tags and digests that can be used t
 
 Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds).
 
-| Tag (s)       | Last Changed  | Digest                                                                    |
-|---------------|---------------|---------------------------------------------------------------------------|
-|  `latest-dev` | November 29th | `sha256:00c4b10150b798965e81fabac966fa8a7f0febdd24373717b377449f54588c54` |
-|  `latest`     | November 29th | `sha256:5bc10fb311feade606218f640aa361b7f023653a6909943eed7c2fe90db8fba6` |
+| Tag (s)       | Last Changed | Digest                                                                    |
+|---------------|--------------|---------------------------------------------------------------------------|
+|  `latest-dev` | December 6th | `sha256:d526c01db522605789ae2f76ddff0a70e1aea3a390e40fb88e5839e9632274c0` |
+|  `latest`     | December 6th | `sha256:f9d5d64a83e3be65b41afdc732ae55401131978b414861225442f53f241cd675` |
 

content/chainguard/chainguard-images/reference/argo-workflowcontroller/provenance_info.md

@@ -4,7 +4,7 @@ type: "article"
 unlisted: true
 description: "Provenance information for argo-workflowcontroller Chainguard Image"
 date: 2022-11-01T11:07:52+02:00
-lastmod: 2022-11-01T11:07:52+02:00
+lastmod: 2023-12-06 18:44:36
 draft: false
 tags: ["Reference", "Chainguard Images", "Product"]
 images: []
@@ -27,7 +27,10 @@ The **argo-workflowcontroller** Chainguard Images are signed using Sigstore, and
 The following command requires [cosign](https://docs.sigstore.dev/cosign/overview/) and [jq](https://stedolan.github.io/jq/) to be installed on your machine. It will pull detailed information about all signatures found for the provided image.
 
 ```shell
-cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main cgr.dev/chainguard/argo-workflowcontroller | jq
+cosign verify \
+  --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
+  --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \
+  cgr.dev/chainguard/argo-workflowcontroller | jq
 ```
 
 By default, this command will fetch signatures for the `latest` tag. You can also specify the tag you want to fetch signatures for.
@@ -43,7 +46,7 @@ The following [attestations](https://slsa.dev/attestation-model) for the argo-wo
 | `https://spdx.dev/Document` | Contains the image SBOM (Software Bill of Materials) in SPDX format. |
 
 
-To download an attestation, use the `cosign download attestation` command and provide both the predicate type and the build platform. For example, the following command will obtain the SBOM for the argo-workflowcontroller image on `unix/amd64`:
+To download an attestation, use the `cosign download attestation` command and provide both the predicate type and the build platform. For example, the following command will obtain the SBOM for the argo-workflowcontroller image on `linux/amd64`:
 
 ```shell
 cosign download attestation \
@@ -60,10 +63,10 @@ You can use the `cosign verify-attestation` command to check the signatures of t
 
 ```shell
 cosign verify-attestation \
---type https://spdx.dev/Document \
---certificate-oidc-issuer=https://token.actions.githubusercontent.com \
---certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \
-cgr.dev/chainguard/argo-workflowcontroller
+  --type https://spdx.dev/Document \
+  --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
+  --certificate-identity=https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main \
+  cgr.dev/chainguard/argo-workflowcontroller
 ```
 
 This will pull in the signature for the attestation specified by the `--type` parameter, which in this case is the SPDX attestation. You should get output that verifies the SBOM attestation signature in cosign's transparency log:

content/chainguard/chainguard-images/reference/argo-workflowcontroller/tags_history.md

@@ -4,7 +4,7 @@ type: "article"
 unlisted: true
 description: "Image Tags and History for the argo-workflowcontroller Chainguard Image"
 date: 2023-06-22T11:07:52+02:00
-lastmod: 2023-11-30 00:18:09
+lastmod: 2023-12-06 18:44:36
 draft: false
 tags: ["Reference", "Chainguard Images", "Product"]
 images: []
@@ -23,8 +23,8 @@ The following table contains the most recent tags and digests that can be used t
 
 Please note that digests and timestamps only change when there is a change to the image, even though images are rebuilt every night. The "Last Changed" column indicates when the image was last modified, and doesn't always reflect the latest build timestamp. For more information about how our reproducible builds work, please refer to [this blog post](https://www.chainguard.dev/unchained/reproducing-chainguards-reproducible-image-builds).
 
-| Tag (s)       | Last Changed  | Digest                                                                    |
-|---------------|---------------|---------------------------------------------------------------------------|
-|  `latest-dev` | November 29th | `sha256:4cadfd9e6bc96f239f351c549c7fa3d45a18a0445eee1c34dc55ecdb79ade0e4` |
-|  `latest`     | November 29th | `sha256:8fbad2d58cd6ff221ad4b89e58f65606aa2d488a910d06ca4a48140a79fd3bfb` |
+| Tag (s)       | Last Changed | Digest                                                                    |
+|---------------|--------------|---------------------------------------------------------------------------|
+|  `latest`     | December 6th | `sha256:21e819e007fed87b2503e727cc3d2113400d70f7fe23370e470850bde9753365` |
+|  `latest-dev` | December 6th | `sha256:d2e683c38a268e8e07a17de0eab5bfbf2762b46b45015544ad7094a3c97cb55e` |