This repository builds and publishes Giskard-maintained Python Docker images.
Images are published to quay.io/giskard/python.
Supported Python versions are 3.12, 3.13, and 3.14. For each version, the
publish workflow creates dev and runtime variants:
- default minor variant tags, for example
3.13-devand3.13-runtime, based on Ubuntu24.04 - default patch variant tags, for example
3.13.13-devand3.13.13-runtime, based on Ubuntu24.04 - default platform variant tags, for example
3.13-dev-ubuntu-latestand3.13-runtime-runner-ubuntu24-arm64 - Ubuntu-specific minor variant tags, for example
3.13-dev-ubuntu24.04and3.13-runtime-ubuntu26.04 - Ubuntu-specific patch variant tags, for example
3.13.13-dev-ubuntu24.04and3.13.13-runtime-ubuntu26.04 - Ubuntu-specific platform variant tags, for example
3.13-dev-ubuntu26.04-ubuntu-latestand3.13-runtime-ubuntu26.04-runner-ubuntu24-arm64
Dockerfiles are generated by python/generate_dockerfile.sh into
Ubuntu-specific folders. Ubuntu 24.04 uses the docker-library/python
slim-bookworm fragment, and Ubuntu 26.04 uses the slim-trixie fragment.
Ubuntu base image digests and fragment choices are tracked in
python/base-images.json.
The scheduled Update python dockerfile workflow refreshes the pinned
ubuntu:24.04 and ubuntu:26.04 digests in python/base-images.json,
regenerates Ubuntu-specific Python Dockerfiles, then opens or updates the
cron-python-update pull request.
After generated Dockerfile changes land on main, the Publish the images
workflow builds the 3.12, 3.13, and 3.14 dev and runtime images for
both configured Ubuntu bases and both configured platform runners, then
publishes multi-platform manifests to Quay. Existing non-Ubuntu-specific
variant tags continue to point at the Ubuntu 24.04 images for compatibility.
Final Quay images are published with Sigstore/cosign keyless signatures, SPDX JSON SBOM attestations, and GitHub build provenance. The publish workflow resolves each final multi-platform manifest digest, signs that immutable digest, attaches one SBOM attestation for each platform child manifest, and publishes GitHub provenance for the same final digest.
SBOMs are generated from the pushed image digests. This includes runtime
images, even though they are built FROM scratch: Syft scans the final runtime
filesystem by digest, so the SBOM describes only files copied into the runtime
image and does not reuse the dev image SBOM.
Quay can show attached cosign and provenance metadata as sha256-... entries in
the tag list. Those entries are OCI signature or attestation artifacts attached
to the image digest, not additional runnable Python image tags. To limit Quay
metadata noise, the workflow signs and attests the resolved digest once for each
final manifest rather than signing every alias tag that points at that digest.
Verify a published image with:
cosign verify \
--certificate-identity-regexp '^https://github\.com/Giskard-AI/docker-images/\.github/workflows/python\.yml@refs/heads/main$' \
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
quay.io/giskard/python:3.13-devVerify attached SPDX SBOM attestations with:
cosign verify-attestation \
--type spdxjson \
--certificate-identity-regexp '^https://github\.com/Giskard-AI/docker-images/\.github/workflows/python\.yml@refs/heads/main$' \
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
quay.io/giskard/python:3.13-dev