Today, I am excited to announce the first service we’re providing for the developer community, with many more community projects hopefully coming soon:
The Nirvati Container Registry is a registry for Docker container images that is completely free for every interested project.
We’re currently also mirroring a few open source projects, including all containers by LNCM, BtcPayServer, and LNBits. As I’m writing this post, these projects are still being copied, but I will share instructions on pulling them and using the registry later.
Regarding security/authenticity of the images: Harbor shows cosign data in the UI. This prevents third parties that may have taken over a project account from modifying images. Cosign data can also be validated locally to ensure we haven’t manipulated anything.
On Nirvati, all apps in our app store are pinned by their SHA256 hash. If a project pins their images to a specific hash, it can’t be changed by anyone. It could be deleted from the registry, but not modified in any way.
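Why a hash pin removes the need to trust the registry, as an added example that is not part of the original post or Nirvati's own code: the pinned digest is the SHA-256 of the image manifest, and the manifest lists the digest of every blob, so a client can recompute both and reject anything that was altered. The name `registry.example/project/app` and all sample bytes are constructed for illustration.

```python
import hashlib
import json

def sha256_digest(data: bytes) -> str:
    return "sha256:" + hashlib.sha256(data).hexdigest()

def split_pinned_ref(ref: str):
    """Split 'name@sha256:<hex>' into (name, digest); tag-only references are rejected."""
    name, sep, digest = ref.partition("@")
    algo, _, hexpart = digest.partition(":")
    if not sep or algo != "sha256" or len(hexpart) != 64 or set(hexpart) - set("0123456789abcdef"):
        raise ValueError("reference is not pinned to a sha256 digest")
    return name, digest

def verify_image(ref: str, manifest_bytes: bytes, blobs: dict) -> list:
    """Return a list of problems; an empty list means the served content matches the pin."""
    _, pinned = split_pinned_ref(ref)
    # Step 1: the manifest bytes served by the registry must hash to the pinned digest.
    if sha256_digest(manifest_bytes) != pinned:
        return ["manifest does not match pinned digest"]
    # Step 2: every blob the (now trusted) manifest names must hash to its listed digest.
    manifest = json.loads(manifest_bytes)
    problems = []
    for desc in [manifest["config"], *manifest["layers"]]:
        blob = blobs.get(desc["digest"])
        if blob is None:
            problems.append(f"missing blob {desc['digest']}")
        elif sha256_digest(blob) != desc["digest"] or len(blob) != desc["size"]:
            problems.append(f"blob content mismatch for {desc['digest']}")
    return problems

# Constructed sample data standing in for what a registry would serve.
LAYER = b"constructed layer bytes"
CONFIG = b'{"architecture":"amd64","os":"linux"}'
MANIFEST = json.dumps({
    "schemaVersion": 2,
    "mediaType": "application/vnd.oci.image.manifest.v1+json",
    "config": {"mediaType": "application/vnd.oci.image.config.v1+json",
               "digest": sha256_digest(CONFIG), "size": len(CONFIG)},
    "layers": [{"mediaType": "application/vnd.oci.image.layer.v1.tar",
                "digest": sha256_digest(LAYER), "size": len(LAYER)}],
}).encode()
PINNED_REF = "registry.example/project/app@" + sha256_digest(MANIFEST)
BLOBS = {sha256_digest(CONFIG): CONFIG, sha256_digest(LAYER): LAYER}

if __name__ == "__main__":
    print(verify_image(PINNED_REF, MANIFEST, BLOBS) or "all content matches the pin")
```

A deleted image shows up here as a missing blob or a failed fetch, which matches the point above: content behind a pin can disappear, but it cannot be silently replaced.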
Please let me know if you have any concerns or suggestions for improvement regarding security and ensuring that (nearly) no trust in us as a centralized service is involved.