DKS
LabsDocker Commandos: Asgard Mission
v1.5
Asgard Mission
Laptop-first

Docker Commandos: Asgard Mission

A laptop-first Docker security lab covering Docker Init, SBOMs, Scout, attestations, hardened images, VEX, Bake, Cosign, and zero-day defense.

12 objectives
2-3 hours
Run locally

Before you start

  • Recent Docker Desktop or Docker Engine with Buildx and Docker Scout
  • Git to clone the workshop repository locally
  • Optional tools for later objectives: vexctl and cosign
  • A terminal on your own laptop; no embedded container or fake terminal required
Clone Workshop RepoInstallation Guide
Docker Commandos: Asgard Mission
Mission Briefing
Objective 0
Odin's Briefing
10 min

Mission Briefing

Meet the Docker Commandos, understand the flow of the Asgard mission, and prepare your own machine for the lab.

Story Beat
Thor enters Odin's chamber in panic: "Asgard is under attack by CVE monsters." Odin gives a single order: "Summon the Docker Commandos."

Welcome to the laptop-first edition of Docker Commandos. You will run the commands on your own machine, using your own Docker installation, while the website turns the workshop markdown into mission objectives.

Docker Commandos

From left to right:

  • Agent Null - The masked hunter
  • Wilhelmina (Mina) - The undead assassin
  • Gord - The swordmaster
  • Rothuetle - The tactician
  • Captain Ahab - The veteran commander
  • The Valkyrie - The identity specialist
  • Jack - The cyborg soldier
  • Evie - The sharpshooter

Prologue

Thor enters Odin's chamber hastily: "Father, Asgard is under attack. Shadow monsters called CVEs are spreading through the kingdom, and my hammer cannot destroy them."

Odin answers calmly: "Summon the Docker Commandos."

Lab Setup

  1. Clone the workshop repository locally.
  2. Follow the installation guide linked at the top of this page.
  3. Confirm that docker, docker buildx, and docker scout work on your machine before moving on.
  4. Install cosign and vexctl if you want to complete every objective end-to-end.

Objective Flow

flowchart TD
    A[Docker Init] --> B[SBOM]
    B --> C[Scout]
    C --> D[SBOM Attestations]
    C --> E[Hardened Images]
    C --> F[VEX Exemptions]
    D --> G[VEX Attestation]
    F --> G
    E --> H[Docker Bake]
    G --> H
    H --> I[Cosign]
    I --> J[Zero-Day Defense]

You can work straight through the mission or jump between objectives. The command dependency graph above shows which steps build on earlier ones.

All Labs