Add description of Wolfi container install image (#42268)

kilfoyle · web-flow · commit b138d8ca4cd4 · 2025-01-10T11:19:00.000-05:00
diff --git a/libbeat/docs/shared-beats-attributes.asciidoc b/libbeat/docs/shared-beats-attributes.asciidoc
@@ -2,6 +2,7 @@
 :beats-ref-all: https://www.elastic.co/guide/en/beats/libbeat
 :dashboards: https://artifacts.elastic.co/downloads/beats/beats-dashboards/beats-dashboards-{version}.zip
 :dockerimage: docker.elastic.co/beats/{beatname_lc}:{version}
+:dockerimage-wolfi: docker.elastic.co/beats/{beatname_lc}-wolfi:{version}
 :dockerconfig: https://raw.githubusercontent.com/elastic/beats/{branch}/deploy/docker/{beatname_lc}.docker.yml
 :downloads: https://artifacts.elastic.co/downloads/beats
 :libbeat-processors-dir: {beats-root}/libbeat/processors
diff --git a/libbeat/docs/shared-docker.asciidoc b/libbeat/docs/shared-docker.asciidoc
@@ -35,6 +35,16 @@ https://www.docker.elastic.co[www.docker.elastic.co].
 
 ifndef::apm-server[]
 
+As another option, you can use the hardened link:https://wolfi.dev/[Wolfi] image.
+Using Wolfi images requires Docker version 20.10.10 or higher.
+For details about why the Wolfi images have been introduced, refer to our article 
+link:https://www.elastic.co/blog/reducing-cves-in-elastic-container-images[Reducing CVEs in Elastic container images].
+
+[source,terminal,subs="attributes"]
+----
+docker pull {dockerimage-wolfi}
+----
+
 ==== Optional: Verify the image
 
 You can use the https://docs.sigstore.dev/cosign/installation/[Cosign application] to verify the {beatname_uc} Docker image signature.
