# Docker Workload Attestor
The Docker attestor identifies workloads running inside Docker or Podman containers by querying the container runtime API. It discovers the container ID from the workload's cgroup path and uses it to fetch container metadata.
## Configuration

Enable the Docker attestor in the WorkloadAttestation section:

```yaml
section: WorkloadAttestation
schema: v1
spec:
  docker:
    enabled: true
```
| Field | Default | Description |
|---|---|---|
| `docker.enabled` | `false` | Enable or disable Docker attestation |
| `docker.dockerSocketPath` | `unix:///var/run/docker.sock` | Path to the Docker daemon socket |
| `docker.podmanSocketPath` | `unix:///run/podman/podman.sock` | Path to the rootful Podman socket |
| `docker.podmanSocketPathTemplate` | `unix:///run/user/%d/podman/podman.sock` | Template for the rootless Podman socket path. Must contain exactly one `%d` placeholder, substituted with the workload user ID |
| `docker.includeEnvVars` | `[]` | Environment variable name prefixes to expose as `docker.container.env.*` attributes. When empty, no env var attributes are produced. Supports hot-reload |
The agent must have read access to the Docker or Podman socket. For rootless Podman, the agent requires sufficient privileges to read sockets owned by other users.
The attestor automatically detects whether to use Docker or Podman, including rootless Podman, without any additional configuration.
## Environment variable filtering
By default, no environment variables are collected. Container env vars frequently contain secrets, so only variables whose name starts with a configured prefix are emitted as docker.container.env.* attributes.
```yaml
section: WorkloadAttestation
schema: v1
spec:
  docker:
    enabled: true
    includeEnvVars:
      - APP_
      - SERVICE_
      - ENVIRONMENT
```

Matching is case-sensitive. With `APP_VERSION=1.2.3 SERVICE_NAME=payments SECRET_KEY=abc ENVIRONMENT=prod`, the above configuration emits `APP_VERSION`, `SERVICE_NAME`, and `ENVIRONMENT`. The `SECRET_KEY` variable is dropped.
## Attributes
The following attributes are produced for successfully attested Docker and Podman containers and can be used in path templates, JWT custom claims, and X.509 Subject customization.
| Attribute | Description |
|---|---|
| `docker.container.image` | Image ID string as recorded by the runtime, e.g. `envoyproxy/envoy:v1.29.1` |
| `docker.container.label[<label_key>]` | One attribute per container label. The label key forms the last segment of the attribute name, e.g. `docker.container.label["com.example.team"]` |
| `docker.container.env.<key>` | One attribute per environment variable matching an `includeEnvVars` prefix. Not produced unless `includeEnvVars` is configured |
| `docker.container.image_config_digest` | Content-addressed image config digest, e.g. `sha256:9f86d0…`. Stable across image mirrors and re-tags. Omitted if the image inspect call fails |
Example SPIFFE ID template using a container label:

```
/workloads/{{docker.container.label["com.example.app"]}}
```

`docker.container.image` reflects the tag at container start time and can drift if the same tag is re-pushed. Use `docker.container.image_config_digest` in policies that require a pinned, immutable image identity.