Java Supply Chain Security with Docker
Docker Commandos adapted for a Java audience at JCON Europe 2026. Supply chain security, SBOMs, and attestations — using Docker tooling with a Java project as the target.
Run as Docker Labspace
Launch this workshop delivery in the Docker Labspace format if you want the container-attached experience instead of the laptop-first lab.
Run as Docker LabspaceOCI Launch Command
docker compose -f oci://docker.io/aerabi/docker-commandos-labspace up -dThen open http://localhost:3030.
Docker Commandos at JCON Europe 2026 in Cologne — adapted for a Java audience.
The workshop applies the Docker Commandos security pipeline to a Java project: from docker init and SBOM generation through Scout scanning, hardened images, VEX exemptions, and cryptographic attestations with Cosign.
Run the Workshop with Docker Labspace
For JCON Europe 2026, use the Docker Labspace version of the workshop. It launches the instructions with an attached editor in your browser.
The browser terminal is attached to your own computer, and many tools needed for the workshop, including Cosign, are already installed in the lab environment. This is the most guided format and the easiest way to jump in quickly.
If you do not already have the Docker Labspace extension installed in Docker Desktop:
docker extension install dockersamples/labspace-extension
Then launch the lab:
You can also launch it directly from the OCI artifact:
docker compose -f oci://docker.io/aerabi/docker-commandos-labspace up -d
Then open:
Bring Docker Commandos to Your Team
Available as a conference talk, a half-day deep dive, or a full-day on-site training — tailored to your stack.