How to pull Collibra Edge docker images

You can pull docker images used by Edge to perform security scans and audits. With this process, you use docker CLI to authenticate to the Collibra Edge docker registry in order to get a list of images used by each Edge site version.

Note This method of pulling images is only supported for security scanning of supported Edge versions, and not for new installations of an Edge site. If you want to use a private docker registry for new Edge site installations, use the method outlined in the Configure a private docker registry documentation. For more information on which versions of Edge are supported with the latest release, go to our Compatibility matrix.

Steps

  1. Authenticate with Collibra Edge docker registry.

    1. In your Edge site installer, find the registries.yaml file, which contains credentials to download an installer.
    2. Run the following command with the username and password from the registries.yaml file:
      Copy
      docker login edge-docker-delivery.repository.collibra.io -u username -p <password>
      Note  Docker credentials are read-only

  2. Use one of the following methods to obtain a list of images that need to be mirrored.
    Note 
    • You must install the jq command to use any of the following commands.
    • By default, the following commands list the images of the Edge version you have installed. If you want to list images from a different Edge version, add the ?edgeVersion={version} query parameter to the URL and specify the version of Edge you want to pull images from. You can find the available versions of Edge in the release notes.
    • The commands below show how to get a list of images that can run on your Edge site based on your licenses and site configuration. This is controlled by the .enabledImages parameter in the commands. While we recommend only obtaining a list of the enabled images for your specific Edge site, if you want to see other images, you can change this parameter to one of the following parameters:
      • .allImages: A list of all images that can run on an Edge site.
      • .filteredImages: A list of all images that can't run your Edge site based on your licenses and site configuration.
    1. If you are logged in to your Collibra account, you can go to the following URL, entering the relevant site and version information: https://{collibra-url}/edge/api/rest/v2/sites/{site-id}/images
      Tip This method is best if you quickly want to see the images of a specific Edge version.
    2. If you use OAuth, you can use an OAuth token.
      Tip This method is best if you need to create an automation script.
      1. If you don't already have an OAuth client, create one following the steps here.
      2. Run the following command to obtain the OAuth token. You need your OAuth client Client ID and Client Secret:
        Copy
        token=$( curl -s -X POST '{collibra-url}/rest/oauth/v2/token' \
            -H 'Content-Type: application/x-www-form-urlencoded' \
            -d 'client_id={client-id}' \
            -d 'client_secret={client-secret}' \
            -d 'grant_type=client_credentials' | jq -r .access_token )
      3. Run the following CURL command to pull the Edge version images. You need your Collibra URL, Edge site ID, and the OAuth token from the previous step:
        Copy
        curl -s -X GET \
            -H "Authorization: Bearer $token" \
            "{collibra-url}/edge/api/rest/v2/sites/{site-id}/images" | \
            jq -r .enabledImages
        edgeVersion
        The Edge version you want to pull images from. By default, this command pulls the images from your current version of Edge. You can add ?edgeVersion={version} to the CURL command to pull a different version of Edge images. For example: 
        curl -s -X GET \
    -H "Authorization: Bearer $token" \
    "https://mycollibra.collibra.com/edge/api/rest/v2/sites/myedge123/images?edgeVersion=2025.10.42" | \
    jq -r .enabledImages
        k3s
        If you want to include k3s specific images, you can add ?k3s={true} to the CURL command. By default, this is set to false. For example: 
        curl -s -X GET \
    -H "Authorization: Bearer $token" \
    "https://mycollibra.collibra.com/edge/api/rest/v2/sites/myedge123/images?k3s=true" | \
    jq -r .enabledImages
    3. If you use Basic authentication for your Edge site, use the following CURL command to get the list of images. You need the username and password of your Collibra user account, Collibra URL, and the Edge version:
      Copy
      curl -s -X GET \
          -u <dip_user> -p <dip_pass> \
          "{collibra-url}/edge/api/rest/v2/sites/{site-id}/images" | \
          jq -r .enabledImages
      Important If you use SSO, instead of username and password, you need to open /resources/manifests/sc-dgc-secret.yaml to obtain the username and password listed in the file. Enter the username for <dic_user> and enter the password for <dgc_pass>.
  3. To pull the images, run the following command for each image mentioned in the list obtained in step 2.
    Copy
    docker pull <image>
    Example 
    docker pull edge-docker-delivery.repository.collibra.io/capabilities/edgeharvester:1.5.0