How to pull Collibra Edge docker images

Pull Collibra Edge docker images to perform security scans or audits. To do this, you must authenticate to the Collibra Edge docker registry and retrieve the list of images for your specific Edge site version.

Important This procedure is for security scanning only. If you need to install a new Edge site using a private registry, see Configure a private docker registry.

Prerequisites

  • You have installed the jq command line tool.
  • You have access to your registries.yaml file (found in your Edge site installer).

Steps

1. Authenticate to the docker registry

Sign in to the registry to download images.

  1. Open the registries.yaml file in your Edge site installer.
  2. Find the username and password credentials.
  3. Run the following command using those credentials:
    4. Copy 
    docker login edge-docker-delivery.repository.collibra.io -u <username> -p <password>
    Note  Docker credentials are read-only.

2. Get the list of images

You need a list of images that match your specific Edge version and configuration. Use one of the following methods to generate this list.

Method A: Web Browser

Use this method if you have direct access to your Collibra Platform environment.

  1. Log in to your Collibra environment.
  2. Go to the following URL (replace {collibra-url} and {site-id} with your specific values): https://{collibra-url}/edge/api/rest/v2/sites/{site-id}/images
  3. Save the output list.

Method B: OAuth

Use this method if you need to script the process.

  1. Obtain your OAuth Client ID and Client Secret.
  2. Run the following command to get an access token:
    Copy
    token=$( curl -s -X POST '{collibra-url}/rest/oauth/v2/token' \
        -H 'Content-Type: application/x-www-form-urlencoded' \
        -d 'client_id={client-id}' \
        -d 'client_secret={client-secret}' \
        -d 'grant_type=client_credentials' | jq -r .access_token )
  3. Run the following command to get the image list:
    Copy
    curl -s -X GET \
        -H "Authorization: Bearer $token" \
        "{collibra-url}/edge/api/rest/v2/sites/{site-id}/images" | \
        jq -r .enabledImages

Method C: Basic Authentication

Use this method if you do not use SSO or OAuth.

  1. Run the following command using your Collibra username and password:
    Copy
    curl -s -X GET \
        -u <dip_user> -p <dip_pass> \
        "{collibra-url}/edge/api/rest/v2/sites/{site-id}/images" | \
        jq -r .enabledImages
    Important If you use SSO, you must use the credentials found in the/resources/manifests/sc-dgc-secret.yaml file instead of your Collibra username and password. Enter the username for <dic_user> and enter the password for <dgc_pass>.

Advanced options

Query parameters: Add these parameters to the URL in your curl command to customize the response.

  • Edge version (edgeVersion): Specifies the Edge version you want to pull images from. By default, the command uses your current Edge version. Go to the release notes for valid version numbers.
    • Example 
    curl -s -X GET \
	-H "Authorization: Bearer $token" \
	"{collibra-url}/edge/api/rest/v2/sites/{site-id}/images?edgeVersion=2025.10.42" | \
	jq -r .enabledImages
  • K3s Images (k3s): Includes k3s-specific images in the list. By default, this is set to false.
    • Example 
    curl -s -X GET \
	-H "Authorization: Bearer $token" \
	"{collibra-url}/edge/api/rest/v2/sites/{site-id}/images?k3s=true" | \
	jq -r .enabledImages

Output filtering (jq): Change the .enabledImages parameter in the command to filter the list:

  • .allImages: Lists all possible images that can run on an Edge site.
  • .filteredImages: Lists images that cannot run on your site due to license or configuration constraints.

3. Pull the images

  1. Review the list of images you generated in Step 2.
  2. Run the pull command for each image in the list: 
    docker pull <image_name>
    Example 
    docker pull edge-docker-delivery.repository.collibra.io/capabilities/edgeharvester:1.5.0