/devcontainer:validate-registry
Scan all Dockerfile and devcontainer.json files for Docker images from non-allowed registries. Reports violations against the nnthanh101/* allowlist and provides a compliance score.
Benefits
- Enforce Docker-first registry policy (REG-001)
- Detect supply chain risks before they reach CI/CD
- Compliance scoring for audit evidence
When to Use
| Attribute | Detail |
|---|---|
| Persona | Security Engineer, DevOps |
| Trigger | Docker image changes, compliance audit, PR review |
| Business Value | Prevent unauthorized Docker images from entering the build pipeline |
| Frequency | Every PR with Docker changes, sprint compliance check |
Example: As a security engineer before a SOC2 audit, I run /devcontainer:validate-registry to generate compliance evidence showing 100% of Docker images use approved nnthanh101/* registries.
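The check described above, sketched as an added example; this is not the command's own code. It assumes that `nnthanh101/*` is matched as an image-reference prefix and that the score is the percentage of compliant image references. The function names and the sample input are hypothetical.

```python
import json
import re

ALLOWED_PREFIX = "nnthanh101/"  # the page's nnthanh101/* allowlist
FROM_RE = re.compile(r"^[ \t]*FROM[ \t]+(?:--\S+[ \t]+)*(\S+)(?:[ \t]+AS[ \t]+(\S+))?", re.I | re.M)

def dockerfile_images(text):
    """External base images; 'scratch' and earlier build stages are not pulls."""
    stages, images = set(), []
    for image, alias in FROM_RE.findall(text):
        if image.lower() != "scratch" and image.lower() not in stages:
            images.append(image)
        if alias:
            stages.add(alias.lower())
    return images

def devcontainer_images(text):
    """The 'image' property of a devcontainer.json, if present."""
    # Assumption: only whole-line // comments are stripped, not full JSONC.
    body = "\n".join(l for l in text.splitlines() if not l.lstrip().startswith("//"))
    image = json.loads(body).get("image")
    return [image] if image else []

def is_allowed(image):
    # docker.io/ is the implicit default host; an unresolved ${ARG} is unverifiable.
    ref = image[len("docker.io/"):] if image.startswith("docker.io/") else image
    return "$" not in ref and ref.startswith(ALLOWED_PREFIX)

def validate(files):
    """files maps path -> content; returns (violations, score in percent)."""
    found = []
    for path, text in files.items():
        name = path.rsplit("/", 1)[-1]
        scan = devcontainer_images if name == "devcontainer.json" else dockerfile_images
        if name == "devcontainer.json" or name.startswith("Dockerfile"):
            found += [(path, image) for image in scan(text)]
    violations = [(p, i) for p, i in found if not is_allowed(i)]
    score = 100.0 * (len(found) - len(violations)) / len(found) if found else 100.0
    return violations, score

# Constructed sample input, not taken from any real repository.
SAMPLE = {
    "Dockerfile": "FROM --platform=linux/amd64 nnthanh101/python:3.12 AS build\n"
                  "FROM ubuntu:22.04\nCOPY --from=build /app /app\nFROM build\n",
    ".devcontainer/devcontainer.json": '// dev image\n{"image": "nnthanh101/dev:1"}',
}

if __name__ == "__main__":
    print(validate(SAMPLE))
```

The final `FROM build` refers to an earlier stage rather than a registry pull, so it is excluded from both the violation list and the score denominator.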