A collection of utility container images built and published to the GitHub Container Registry.
All packages: ghcr.io/natrontech/container-images
| Image | Latest tag | Description |
|---|---|---|
| tcp-forwarder | ghcr.io/natrontech/container-images/tcp-forwarder:latest |
Robust TCP port forwarder with health checks and logging |
| nginx-ingress-coraza | ghcr.io/natrontech/container-images/nginx-ingress-coraza:latest |
NGINX Ingress Controller with Coraza WAF and OWASP CRS |
| Tag | Published on | Mutable |
|---|---|---|
:latest |
every push to main + nightly | yes |
:nightly |
nightly at 02:00 UTC | yes |
:sha-<commit> |
every push to main | no |
:<version> |
every push to main (containers with a VERSION file) |
no |
All images are signed with Cosign (keyless/OIDC) and come with a CycloneDX SBOM attestation. Versioned images additionally receive SLSA Level 3 provenance.
| Artifact | Scope |
|---|---|
| Cosign signature | all tags |
| CycloneDX SBOM attestation | all tags |
| SLSA Level 3 provenance | versioned tags only (e.g. :5.4.1) |
See SECURITY.md for verification commands.
- Create a directory at the repo root with the image name
- Add a
Dockerfileinside it - Optionally add a
VERSIONfile (e.g.1.0.0) to publish an immutable version tag and SLSA provenance - Push to main — auto-discovered and built on the next CI run
my-tool/
├── Dockerfile
├── VERSION
└── README.md