From 0f8828e2334d152a0601d6e914ba01e8160a2e17 Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Wed, 2 Aug 2023 20:17:13 +0200 Subject: [PATCH] scout: add integration overview page Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- _data/toc.yaml | 4 +++ desktop/use-desktop/images.md | 4 +-- scout/advisory-db-sources.md | 5 ++-- scout/index.md | 13 ++------- scout/integrations/index.md | 55 +++++++++++++++++++++++++++++++++++ scout/quickstart.md | 6 ++-- 6 files changed, 69 insertions(+), 18 deletions(-) create mode 100644 scout/integrations/index.md diff --git a/_data/toc.yaml b/_data/toc.yaml index 468c3ad232..f05410c509 100644 --- a/_data/toc.yaml +++ b/_data/toc.yaml @@ -1952,6 +1952,10 @@ manuals: title: Advisory Database - path: /scout/data-handling/ title: Data handling + - sectiontitle: Integrations + section: + - title: Overview + path: /scout/integrations/ - sectiontitle: Docker Admin (Early Access) section: diff --git a/desktop/use-desktop/images.md b/desktop/use-desktop/images.md index e1f1472bc6..d01a936b12 100644 --- a/desktop/use-desktop/images.md +++ b/desktop/use-desktop/images.md @@ -98,8 +98,8 @@ By default, when you go to **Images** in Docker Desktop, you see a list of image The **Local** and **Hub** tabs near the top toggles between viewing images in your local image store, and images in remote Docker Hub repositories that you have access to. -You can also [connect JFrog Artifactory registries](#connect-an-artifactory-registry), -and browse images in JFrog repositories directly in Docker Desktop. +For more information about supported integrations, see +[Integrating Docker Scout](../../scout/integrations/index.md). ### Hub diff --git a/scout/advisory-db-sources.md b/scout/advisory-db-sources.md index a936208625..cb91e6e8d5 100644 --- a/scout/advisory-db-sources.md +++ b/scout/advisory-db-sources.md @@ -62,9 +62,8 @@ images that Docker Scout can then match to CVEs. Find more details on how this works in the [Advanced image analysis document](./advanced-image-analysis.md). Docker Scout is ideal for analyzing images in Docker Desktop and Docker Hub, but -the flexibility of the approach also means it can integrate with other image -sources, for example, [JFrog -Artifactory](https://docs.docker.com/scout/artifactory/). +the flexibility of the approach also means it can integrate with other systems, +see [Integrating Docker Scout with other systems](./integrations/index.md). ## How Docker Scout makes more precise matches diff --git a/scout/index.md b/scout/index.md index 5dfe97b7f3..5a0e2d0364 100644 --- a/scout/index.md +++ b/scout/index.md @@ -25,10 +25,9 @@ packages and layers called a [Software bill of materials (SBOM)](https://ntia.go It then correlates this inventory with a continuously updated vulnerability database to identify vulnerabilities in your images. -You can use Docker Scout in [Docker Desktop](#docker-desktop), [Docker Hub](#docker-hub), [continuous integration](./ci.md), the [Docker CLI](#docker-scout-cli), -and in -the [Docker Scout Dashboard](./dashboard.md). If you host your images in JFrog Artifactory, you -can also [use Docker Scout to analyze your images](./artifactory.md) there. +You can use Docker Scout in [Docker Desktop](#docker-desktop), [Docker Hub](#docker-hub), the [Docker CLI](#docker-scout-cli), +and in the [Docker Scout Dashboard](./dashboard.md). Docker Scout also supports integrations with third-party systems, +refer to [Integrating Docker Scout](./integrations/index.md) for more information. {% include scout-plans.md %} @@ -116,9 +115,3 @@ an organization with your team. You can also use the dashboard settings to enabl Docker Scout on multiple images from Docker Hub at once. For more information, read the [Docker Scout Dashboard guide](./dashboard.md). - -### JFrog Artifactory integration - -Users of JFrog Artifactory, or JFrog Container Registry, can integrate Docker -Scout to enable automatic analysis of images locally and remotely. For more -information, see [Artifactory integration](./artifactory.md). diff --git a/scout/integrations/index.md b/scout/integrations/index.md new file mode 100644 index 0000000000..00f37910a1 --- /dev/null +++ b/scout/integrations/index.md @@ -0,0 +1,55 @@ +--- +description: How to setup Docker Scout with other systems. +keywords: supply chain, security, integrations, registries, ci, environments +title: Integrating Docker Scout with other systems +--- + +{% include scout-early-access.md %} + +By default, Docker Scout integrates with your Docker organization and your +Docker Scout-enabled repositories on Docker Hub. You can integrate Docker Scout +with additional third-party systems to get access to even more insights, +including realtime information about you running workloads. + +## Integration categories + +You'll get different insights depending on where and how you choose to integrate +Docker Scout. + +### Container registries + +Integrating Docker Scout with third-party container +registries enables Docker Scout to run image analysis on those repositories, +so that you can get insights into the composition of those images even if they +aren't hosted on Docker Hub. + +The following container registry integrations are available: + +- [Artifactory](../artifactory.md) +- Amazon ECR (coming soon) + +### Continuous Integration + +Integrating Docker Scout with Continuous Integration (CI) systems is a great +way to get instant, automatic feedback about your security posture in your inner +loop. Analysis running in CI also gets the benefit of additional context that's +useful for getting even more insights. + +The following CI integrations are available: + +- [GitHub Actions](./ci/gha.md) +- [GitLab](./ci/gitlab.md) +- [Microsoft Azure DevOps Pipelines](./ci/azure.md) +- [Circle CI](./ci/circle-ci.md) +- [Jenkins](./ci/jenkins.md) + +### Environment monitoring + +Environment monitoring refers to integrating Docker Scout with your deployments. +This can give you information in realtime about your running container workloads. + +Integrating with environments lets you compare production workloads to other +versions, in your image repositories or in your other environments. + +For more information about environmet integrations, see +[Environments](./environment/index.md). diff --git a/scout/quickstart.md b/scout/quickstart.md index 1cc58c2ac2..a202d0c7ca 100644 --- a/scout/quickstart.md +++ b/scout/quickstart.md @@ -166,7 +166,8 @@ base images your images use. You can see and share the same vulnerability information about an image and the other images in your organization in the [Docker Scout Dashboard](./dashboard.md). -All organization members can see an overview of all their images from Docker Hub and Artifactory, + +All organization members can see an overview of all their images from integrated container registries, and get remediation advice at their fingertips. This helps team members in security, compliance, and operations to know what vulnerabilities and issues to focus on. @@ -213,6 +214,5 @@ different tags of the same image. - Explore the [Docker Scout Dashboard](/scout/dashboard) to see how you can collaborate with your team on vulnerabilities. -- [Find out how to integrate Docker Scout with your CI/CD pipeline](/scout/ci). +- [Learn how to integrate Docker Scout with other systems](./integrations/index.md). - [Find out where Docker Scout gets its vulnerability data](/scout/advisory-db-sources). -- [Integrate images from JFrog Artifactory](/scout/artifactory). \ No newline at end of file