From 1797b28cc3bfbd3d68cdbdecdd8522eec64d90cb Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Mon, 25 Mar 2024 08:42:14 +0100 Subject: [PATCH] vendor: manually vendor scout-cli@1aac31a Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- .../github.com/docker/scout-cli/docs/scout.md | 36 --- .../scout-cli/docs/scout_attestation.md | 19 -- .../scout-cli/docs/scout_attestation_add.md | 19 -- .../docker/scout-cli/docs/scout_cache.md | 16 -- .../docker/scout-cli/docs/scout_cache_df.md | 52 ---- .../scout-cli/docs/scout_cache_prune.md | 41 --- .../docker/scout-cli/docs/scout_compare.md | 108 ------- .../docker/scout-cli/docs/scout_config.md | 38 --- .../docker/scout-cli/docs/scout_cves.md | 269 ------------------ .../docker/scout-cli/docs/scout_enroll.md | 11 - .../scout-cli/docs/scout_environment.md | 58 ---- .../docker/scout-cli/docs/scout_help.md | 8 - .../scout-cli/docs/scout_integration.md | 17 -- .../docs/scout_integration_configure.md | 16 -- .../docs/scout_integration_delete.md | 15 - .../scout-cli/docs/scout_integration_list.md | 15 - .../docker/scout-cli/docs/scout_policy.md | 51 ---- .../docker/scout-cli/docs/scout_push.md | 29 -- .../docker/scout-cli/docs/scout_quickview.md | 96 ------- .../scout-cli/docs/scout_recommendations.md | 71 ----- .../docker/scout-cli/docs/scout_repo.md | 17 -- .../scout-cli/docs/scout_repo_disable.md | 43 --- .../scout-cli/docs/scout_repo_enable.md | 43 --- .../docker/scout-cli/docs/scout_repo_list.md | 18 -- .../docker/scout-cli/docs/scout_sbom.md | 83 ------ .../docker/scout-cli/docs/scout_stream.md | 47 --- .../docker/scout-cli/docs/scout_version.md | 38 --- .../docker/scout-cli/docs/scout_watch.md | 53 ---- _vendor/modules.txt | 1 - .../docs => data/scout-cli}/docker_scout.yaml | 0 .../scout-cli}/docker_scout_attestation.yaml | 0 .../docker_scout_attestation_add.yaml | 0 .../scout-cli}/docker_scout_cache.yaml | 0 .../scout-cli}/docker_scout_cache_df.yaml | 0 .../scout-cli}/docker_scout_cache_prune.yaml | 10 - .../scout-cli}/docker_scout_compare.yaml | 0 .../scout-cli}/docker_scout_config.yaml | 0 .../scout-cli}/docker_scout_cves.yaml | 17 +- .../scout-cli}/docker_scout_enroll.yaml | 0 .../scout-cli}/docker_scout_environment.yaml | 0 .../scout-cli}/docker_scout_help.yaml | 0 .../scout-cli}/docker_scout_integration.yaml | 0 .../docker_scout_integration_configure.yaml | 0 .../docker_scout_integration_delete.yaml | 0 .../docker_scout_integration_list.yaml | 0 .../scout-cli}/docker_scout_policy.yaml | 0 .../scout-cli}/docker_scout_push.yaml | 0 .../scout-cli}/docker_scout_quickview.yaml | 0 .../docker_scout_recommendations.yaml | 0 .../scout-cli}/docker_scout_repo.yaml | 0 .../scout-cli}/docker_scout_repo_disable.yaml | 0 .../scout-cli}/docker_scout_repo_enable.yaml | 0 .../scout-cli}/docker_scout_repo_list.yaml | 0 .../scout-cli}/docker_scout_sbom.yaml | 0 .../scout-cli}/docker_scout_stream.yaml | 0 .../scout-cli}/docker_scout_version.yaml | 0 .../scout-cli}/docker_scout_watch.yaml | 0 go.mod | 2 - hugo.yaml | 6 - 59 files changed, 7 insertions(+), 1356 deletions(-) delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_attestation.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_attestation_add.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_cache.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_cache_df.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_cache_prune.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_compare.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_config.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_cves.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_enroll.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_environment.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_help.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_integration.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_integration_configure.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_integration_delete.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_integration_list.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_policy.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_push.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_quickview.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_recommendations.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_repo.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_repo_disable.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_repo_enable.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_repo_list.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_sbom.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_stream.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_version.md delete mode 100644 _vendor/github.com/docker/scout-cli/docs/scout_watch.md rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_attestation.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_attestation_add.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_cache.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_cache_df.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_cache_prune.yaml (88%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_compare.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_config.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_cves.yaml (96%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_enroll.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_environment.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_help.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_integration.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_integration_configure.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_integration_delete.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_integration_list.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_policy.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_push.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_quickview.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_recommendations.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_repo.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_repo_disable.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_repo_enable.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_repo_list.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_sbom.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_stream.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_version.yaml (100%) rename {_vendor/github.com/docker/scout-cli/docs => data/scout-cli}/docker_scout_watch.yaml (100%) diff --git a/_vendor/github.com/docker/scout-cli/docs/scout.md b/_vendor/github.com/docker/scout-cli/docs/scout.md deleted file mode 100644 index c2f8f7b3a7..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout.md +++ /dev/null @@ -1,36 +0,0 @@ -# docker scout - -``` -docker scout COMMAND -``` - - -Command line tool for Docker Scout - -### Subcommands - -| Name | Description | -|:----------------------------------------------|:--------------------------------------------------------------------------------------------| -| [`attestation`](scout_attestation.md) | Manage attestations on image indexes | -| [`cache`](scout_cache.md) | Manage Docker Scout cache and temporary files | -| [`compare`](scout_compare.md) | Compare two images and display differences (experimental) | -| [`config`](scout_config.md) | Manage Docker Scout configuration | -| [`cves`](scout_cves.md) | Display CVEs identified in a software artifact | -| [`enroll`](scout_enroll.md) | Enroll an organization with Docker Scout | -| [`environment`](scout_environment.md) | Manage environments (experimental) | -| [`help`](scout_help.md) | Display information about the available commands | -| [`integration`](scout_integration.md) | Commands to list, configure, and delete Docker Scout integrations | -| [`policy`](scout_policy.md) | Evaluate policies against an image and display the policy evaluation results (experimental) | -| [`push`](scout_push.md) | Push an image or image index to Docker Scout (experimental) | -| [`quickview`](scout_quickview.md) | Quick overview of an image | -| [`recommendations`](scout_recommendations.md) | Display available base image updates and remediation recommendations | -| [`repo`](scout_repo.md) | Commands to list, enable, and disable Docker Scout on repositories | -| [`sbom`](scout_sbom.md) | Generate or display SBOM of an image | -| [`stream`](scout_stream.md) | Manage streams (experimental) | -| [`version`](scout_version.md) | Show Docker Scout version information | -| [`watch`](scout_watch.md) | Watch repositories in a registry and push images and indexes to Docker Scout (experimental) | - - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_attestation.md b/_vendor/github.com/docker/scout-cli/docs/scout_attestation.md deleted file mode 100644 index d4f6bc5827..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_attestation.md +++ /dev/null @@ -1,19 +0,0 @@ -# docker scout attestation - - -Manage attestations on image indexes - -### Aliases - -`docker scout attestation`, `docker scout attest` - -### Subcommands - -| Name | Description | -|:----------------------------------|:-------------------------| -| [`add`](scout_attestation_add.md) | Add attestation to image | - - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_attestation_add.md b/_vendor/github.com/docker/scout-cli/docs/scout_attestation_add.md deleted file mode 100644 index 5f09c0fffd..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_attestation_add.md +++ /dev/null @@ -1,19 +0,0 @@ -# docker scout attestation add - - -Add attestation to image - -### Aliases - -`docker scout attestation add`, `docker scout attest add` - -### Options - -| Name | Type | Default | Description | -|:-------------------|:--------------|:--------|:----------------------------------------| -| `--file` | `stringSlice` | | File location of attestations to attach | -| `--predicate-type` | `string` | | Predicate-type for attestations | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_cache.md b/_vendor/github.com/docker/scout-cli/docs/scout_cache.md deleted file mode 100644 index 9bb212dd3d..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_cache.md +++ /dev/null @@ -1,16 +0,0 @@ -# docker scout cache - - -Manage Docker Scout cache and temporary files - -### Subcommands - -| Name | Description | -|:--------------------------------|:--------------------------------| -| [`df`](scout_cache_df.md) | Show Docker Scout disk usage | -| [`prune`](scout_cache_prune.md) | Remove temporary or cached data | - - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_cache_df.md b/_vendor/github.com/docker/scout-cli/docs/scout_cache_df.md deleted file mode 100644 index 71dcf99560..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_cache_df.md +++ /dev/null @@ -1,52 +0,0 @@ -# docker scout cache df - - -Show Docker Scout disk usage - - - - -## Description - -Docker Scout uses a temporary cache storage for generating image SBOMs. -The cache helps avoid regenerating or fetching resources unnecessarily. - -This `docker scout cache df` command shows the cached data on the host. -Each cache entry is identified by the digest of the image. - -You can use the `docker scout cache prune` command to delete cache data at any time. - -## Examples - -### List temporary and cache files - -```console -$ docker scout cache df -Docker Scout temporary directory to generate SBOMs is located at: - /var/folders/dw/d6h9w2sx6rv3lzwwgrnx7t5h0000gp/T/docker-scout - this path can be configured using the DOCKER_SCOUT_CACHE_DIR environment variable - - Image Digest │ Size -──────────────────────────────────────────────────────────────────────────┼──────── - sha256:c41ab5c992deb4fe7e5da09f67a8804a46bd0592bfdf0b1847dde0e0889d2bff │ 21 kB - -Total: 21 kB - - -Docker Scout cached SBOMs are located at: - /Users/user/.docker/scout/sbom - - Image Digest │ Size of SBOM -──────────────────────────────────────────────────────────────────────────┼─────────────── - sha256:02bb6f428431fbc2809c5d1b41eab5a68350194fb508869a33cb1af4444c9b11 │ 42 kB - sha256:03fc002fe4f370463a8f04d3a288cdffa861e462fc8b5be44ab62b296ad95183 │ 100 kB - sha256:088134dd33e4a2997480a1488a41c11abebda465da5cf7f305a0ecf8ed494329 │ 194 kB - sha256:0b80b2f17aff7ee5bfb135c69d0d6fe34070e89042b7aac73d1abcc79cfe6759 │ 852 kB - sha256:0c9e8abe31a5f17d84d5c85d3853d2f948a4f126421e89e68753591f1b6fedc5 │ 930 kB - sha256:0d49cae0723c8d310e413736b5e91e0c59b605ade2546f6e6ef8f1f3ddc76066 │ 510 kB - sha256:0ef04748d071c2e631bb3edce8f805cb5512e746b682c83fdae6d8c0b243280b │ 1.0 MB - sha256:13fd22925b638bb7d2131914bb8f8b0f5f582bee364aec682d9e7fe722bb486a │ 42 kB - sha256:174c41d4fbc7f63e1f2bb7d2f7837318050406f2f27e5073a84a84f18b48b883 │ 115 kB - -Total: 4 MB -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_cache_prune.md b/_vendor/github.com/docker/scout-cli/docs/scout_cache_prune.md deleted file mode 100644 index f53a51203b..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_cache_prune.md +++ /dev/null @@ -1,41 +0,0 @@ -# docker scout cache prune - - -Remove temporary or cached data - -### Options - -| Name | Type | Default | Description | -|:----------------|:-----|:--------|:-------------------------------| -| `--epss` | | | Prune cached EPSS scores | -| `-f`, `--force` | | | Do not prompt for confirmation | -| `--sboms` | | | Prune cached SBOMs | - - - - -## Description - -The `docker scout cache prune` command removes temporary data and SBOM cache. - -By default, `docker scout cache prune` only deletes temporary data. -To delete temporary data and clear the SBOM cache, use the `--sboms` flag. - -## Examples - -### Delete temporary data - -```console -$ docker scout cache prune -? Are you sure to delete all temporary data? Yes - ✓ temporary data deleted -``` - -### Delete temporary _and_ cache data - -```console -$ docker scout cache prune --sboms -? Are you sure to delete all temporary data and all cached SBOMs? Yes - ✓ temporary data deleted - ✓ cached SBOMs deleted -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_compare.md b/_vendor/github.com/docker/scout-cli/docs/scout_compare.md deleted file mode 100644 index b3530da571..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_compare.md +++ /dev/null @@ -1,108 +0,0 @@ -# docker scout compare - - -Compare two images and display differences (experimental) - -### Aliases - -`docker scout compare`, `docker scout diff` - -### Options - -| Name | Type | Default | Description | -|:----------------------|:--------------|:--------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `-x`, `--exit-on` | `stringSlice` | | Comma separated list of conditions to fail the action step if worse, options are: vulnerability, policy | -| `--format` | `string` | `text` | Output format of the generated vulnerability report:
- text: default output, plain text with or without colors depending on the terminal
- markdown: Markdown output
| -| `--hide-policies` | | | Hide policy status from the output | -| `--ignore-base` | | | Filter out CVEs introduced from base image | -| `--ignore-unchanged` | | | Filter out unchanged packages | -| `--multi-stage` | | | Show packages from multi-stage Docker builds | -| `--only-fixed` | | | Filter to fixable CVEs | -| `--only-package-type` | `stringSlice` | | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc) | -| `--only-severity` | `stringSlice` | | Comma separated list of severities (critical, high, medium, low, unspecified) to filter CVEs by | -| `--only-stage` | `stringSlice` | | Comma separated list of multi-stage Docker build stage names | -| `--only-unfixed` | | | Filter to unfixed CVEs | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | -| `--to` | `string` | | Image, directory, or archive to compare to | -| `--to-env` | `string` | | Name of environment to compare to | -| `--to-latest` | | | Latest image processed to compare to | -| `--to-ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive. | - - - - -## Description - -The `docker scout compare` command analyzes two images and displays a comparison. - -> This command is **experimental** and its behaviour might change in the future - -The intended use of this command is to compare two versions of the same image. -For instance, when a new image is built and compared to the version running in production. - -If no image is specified, the most recently built image is used -as a comparison target. - -The following artifact types are supported: - -- Images -- OCI layout directories -- Tarball archives, as created by `docker save` -- Local directory or file - -By default, the tool expects an image reference, such as: - -- `redis` -- `curlimages/curl:7.87.0` -- `mcr.microsoft.com/dotnet/runtime:7.0` - -If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory, -or if you want to control from where the image will be resolved, you must prefix the reference with one of the following: - -- `image://` (default) use a local image, or fall back to a registry lookup -- `local://` use an image from the local image store (don't do a registry lookup) -- `registry://` use an image from a registry (don't use a local image) -- `oci-dir://` use an OCI layout directory -- `archive://` use a tarball archive, as created by `docker save` -- `fs://` use a local directory or file - -## Examples - -### Compare the most recently built image to the latest tag - -```console -$ docker scout compare --to namespace/repo:latest -``` - -### Compare local build to the same tag from the registry - -```console -$ docker scout compare local://namespace/repo:latest --to registry://namespace/repo:latest -``` - -### Ignore base images - -```console -$ docker scout compare --ignore-base --to namespace/repo:latest namespace/repo:v1.2.3-pre -``` - -### Generate a markdown output - -```console -$ docker scout compare --format markdown --to namespace/repo:latest namespace/repo:v1.2.3-pre -``` - -### Only compare maven packages and only display critical vulnerabilities for maven packages - -```console -$ docker scout compare --only-package-type maven --only-severity critical --to namespace/repo:latest namespace/repo:v1.2.3-pre -``` - -### Show all policy results for both images - -```console -docker scout compare --to namespace/repo:latest namespace/repo:v1.2.3-pre -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_config.md b/_vendor/github.com/docker/scout-cli/docs/scout_config.md deleted file mode 100644 index 1a6e8b69c9..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_config.md +++ /dev/null @@ -1,38 +0,0 @@ -# docker scout config - - -Manage Docker Scout configuration - - - - -## Description - -`docker scout config` allows you to list, get and set Docker Scout configuration. - -Available configuration key: - -- `organization`: Namespace of the Docker organization to be used by default. - -## Examples - -### List existing configuration - -```console -$ docker scout config -organization=my-org-namespace -``` - -### Print configuration value - -```console -$ docker scout config organization -my-org-namespace -``` - -### Set configuration value - -```console -$ docker scout config organization my-org-namespace - ✓ Successfully set organization to my-org-namespace -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_cves.md b/_vendor/github.com/docker/scout-cli/docs/scout_cves.md deleted file mode 100644 index 3b5c19c57a..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_cves.md +++ /dev/null @@ -1,269 +0,0 @@ -# docker scout cves - -``` -docker scout cves [OPTIONS] [IMAGE|DIRECTORY|ARCHIVE] -``` - - -Display CVEs identified in a software artifact - -### Options - -| Name | Type | Default | Description | -|:-----------------------|:--------------|:-----------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `--details` | | | Print details on default text output | -| `--env` | `string` | | Name of environment | -| [`--epss`](#epss) | | | Display the EPSS scores and organize the package's CVEs according to their EPSS score | -| `--epss-date` | `string` | | Date to use for EPSS scores | -| `--epss-percentile` | `float32` | `0` | Exclude CVEs with EPSS scores less than the specified percentile (0 to 1) | -| `--epss-score` | `float32` | `0` | Exclude CVEs with EPSS scores less than the specified value (0 to 1) | -| `-e`, `--exit-code` | | | Return exit code '2' if vulnerabilities are detected | -| `--format` | `string` | `packages` | Output format of the generated vulnerability report:
- packages: default output, plain text with vulnerabilities grouped by packages
- sarif: json Sarif output
- spdx: json SPDX output
- markdown: markdown output (including some html tags like collapsible sections)
- sbom: json SBOM output
| -| `--ignore-base` | | | Filter out CVEs introduced from base image | -| `--locations` | | | Print package locations including file paths and layer diff_id | -| `--multi-stage` | | | Show packages from multi-stage Docker builds | -| `--only-cve-id` | `stringSlice` | | Comma separated list of CVE ids (like CVE-2021-45105) to search for | -| `--only-fixed` | | | Filter to fixable CVEs | -| `--only-metric` | `stringSlice` | | Comma separated list of CVSS metrics (like AV:N or PR:L) to filter CVEs by | -| `--only-package` | `stringSlice` | | Comma separated regular expressions to filter packages by | -| `--only-package-type` | `stringSlice` | | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc) | -| `--only-severity` | `stringSlice` | | Comma separated list of severities (critical, high, medium, low, unspecified) to filter CVEs by | -| `--only-stage` | `stringSlice` | | Comma separated list of multi-stage Docker build stage names | -| `--only-unfixed` | | | Filter to unfixed CVEs | -| `--only-vex-affected` | | | Filter CVEs by VEX statements with status not affected | -| `--only-vuln-packages` | | | When used with --format=only-packages ignore packages with no vulnerabilities | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | -| `--vex-author` | `stringSlice` | | List of VEX statement authors to accept | -| `--vex-location` | `stringSlice` | | File location of directory or file containing VEX statements | - - - - -## Description - -The `docker scout cves` command analyzes a software artifact for vulnerabilities. - -If no image is specified, the most recently built image is used. - -The following artifact types are supported: - -- Images -- OCI layout directories -- Tarball archives, as created by `docker save` -- Local directory or file - -By default, the tool expects an image reference, such as: - -- `redis` -- `curlimages/curl:7.87.0` -- `mcr.microsoft.com/dotnet/runtime:7.0` - -If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory, -or if you want to control from where the image will be resolved, you must prefix the reference with one of the following: - -- `image://` (default) use a local image, or fall back to a registry lookup -- `local://` use an image from the local image store (don't do a registry lookup) -- `registry://` use an image from a registry (don't use a local image) -- `oci-dir://` use an OCI layout directory -- `archive://` use a tarball archive, as created by `docker save` -- `fs://` use a local directory or file -- `sbom://` SPDX file or in-toto attestation file with SPDX predicate or `syft` json SBOM file - In case of `sbom://` prefix, if the file is not defined then it will try to read it from the standard input. - -## Examples - -### Display vulnerabilities grouped by package - -```console -$ docker scout cves alpine -Analyzing image alpine -✓ Image stored for indexing -✓ Indexed 18 packages -✓ No vulnerable package detected -``` - -### Display vulnerabilities from a `docker save` tarball - -```console -$ docker save alpine > alpine.tar - -$ docker scout cves archive://alpine.tar -Analyzing archive alpine.tar -✓ Archive read -✓ SBOM of image already cached, 18 packages indexed -✓ No vulnerable package detected -``` - -### Display vulnerabilities from an OCI directory - -```console -$ skopeo copy --override-os linux docker://alpine oci:alpine - -$ docker scout cves oci-dir://alpine -Analyzing OCI directory alpine -✓ OCI directory read -✓ Image stored for indexing -✓ Indexed 19 packages -✓ No vulnerable package detected -``` - -### Display vulnerabilities from the current directory - -```console -$ docker scout cves fs://. -``` - -### Export vulnerabilities to a SARIF JSON file - -```console -$ docker scout cves --format sarif --output alpine.sarif.json alpine -Analyzing image alpine -✓ SBOM of image already cached, 18 packages indexed -✓ No vulnerable package detected -✓ Report written to alpine.sarif.json -``` - -### Display markdown output - -The following example shows how to generate the vulnerability report as markdown. - -```console -$ docker scout cves --format markdown alpine -✓ Pulled -✓ SBOM of image already cached, 19 packages indexed -✗ Detected 1 vulnerable package with 3 vulnerabilities -

:mag: Vulnerabilities of alpine

- -
:package: Image Reference alpine - - - - - -
digestsha256:e3bd82196e98898cae9fe7fbfd6e2436530485974dc4fb3b7ddb69134eda2407
vulnerabilitiescritical: 0 high: 0 medium: 2 low: 0 unspecified: 1
platformlinux/arm64
size3.3 MB
packages19
-
- -... -``` - -### List all vulnerable packages of a certain type - -The following example shows how to generate a list of packages, only including -packages of the specified type, and only showing packages that are vulnerable. - -```console -$ docker scout cves --format only-packages --only-package-type golang --only-vuln-packages golang:1.18.0 -✓ Pulled -✓ SBOM of image already cached, 296 packages indexed -✗ Detected 1 vulnerable package with 40 vulnerabilities - -Name Version Type Vulnerabilities -─────────────────────────────────────────────────────────── -stdlib 1.18 golang 2C 29H 8M 1L -``` - -### Display EPSS score (--epss) - -The `--epss` flag adds [Exploit Prediction Scoring System (EPSS)](https://www.first.org/epss/) -scores to the `docker scout cves` output. EPSS scores are estimates of the likelihood (probability) -that a software vulnerability will be exploited in the wild in the next 30 days. -The higher the score, the greater the probability that a vulnerability will be exploited. - -```console {hl_lines=13,14} -$ docker scout cves --epss nginx - ✓ Provenance obtained from attestation - ✓ SBOM obtained from attestation, 232 packages indexed - ✓ Pulled - ✗ Detected 23 vulnerable packages with a total of 39 vulnerabilities - -... - - ✗ HIGH CVE-2023-52425 - https://scout.docker.com/v/CVE-2023-52425 - Affected range : >=2.5.0-1 - Fixed version : not fixed - EPSS Score : 0.000510 - EPSS Percentile : 0.173680 -``` - -- `EPSS Score` is a floating point number between 0 and 1 representing the probability of exploitation in the wild in the next 30 days (following score publication). -- `EPSS Percentile` is the percentile of the current score, the proportion of all scored vulnerabilities with the same or a lower EPSS score. - -You can use the `--epss-score` and `--epss-percentile` flags to filter the output -of `docker scout cves` based on these scores. For example, -to only show vulnerabilities with an EPSS score higher than 0.5: - -```console -$ docker scout cves --epss --epss-score 0.5 nginx - ✓ SBOM of image already cached, 232 packages indexed - ✓ EPSS scores for 2024-03-01 already cached - ✗ Detected 1 vulnerable package with 1 vulnerability - -... - - ✗ LOW CVE-2023-44487 - https://scout.docker.com/v/CVE-2023-44487 - Affected range : >=1.22.1-9 - Fixed version : not fixed - EPSS Score : 0.705850 - EPSS Percentile : 0.979410 -``` - -EPSS scores are updated on a daily basis. -By default, the latest available score is displayed. -You can use the `--epss-date` flag to manually specify a date -in the format `yyyy-mm-dd` for fetching EPSS scores. - -```console -$ docker scout cves --epss --epss-date 2024-01-02 nginx -``` - -### List vulnerabilities from an SPDX file - -The following example shows how to generate a list of vulnerabilities from an SPDX file using `syft`. - -```console -$ syft -o spdx-json alpine:3.16.1 | docker scout cves sbom:// - ✔ Pulled image - ✔ Loaded image alpine:3.16.1 - ✔ Parsed image sha256:3d81c46cd8756ddb6db9ec36fa06a6fb71c287fb265232ba516739dc67a5f07d - ✔ Cataloged contents 274a317d88b54f9e67799244a1250cad3fe7080f45249fa9167d1f871218d35f - ├── ✔ Packages [14 packages] - ├── ✔ File digests [75 files] - ├── ✔ File metadata [75 locations] - └── ✔ Executables [16 executables] - ✗ Detected 2 vulnerable packages with a total of 11 vulnerabilities - - -## Overview - - │ Analyzed SBOM -────────────────────┼────────────────────────────── - Target │ - digest │ 274a317d88b5 - platform │ linux/arm64 - vulnerabilities │ 1C 2H 8M 0L - packages │ 15 - - -## Packages and Vulnerabilities - - 1C 0H 0M 0L zlib 1.2.12-r1 -pkg:apk/alpine/zlib@1.2.12-r1?arch=aarch64&distro=alpine-3.16.1 - - ✗ CRITICAL CVE-2022-37434 - https://scout.docker.com/v/CVE-2022-37434 - Affected range : <1.2.12-r2 - Fixed version : 1.2.12-r2 - - ... - -11 vulnerabilities found in 2 packages - LOW 0 - MEDIUM 8 - HIGH 2 - CRITICAL 1 -``` \ No newline at end of file diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_enroll.md b/_vendor/github.com/docker/scout-cli/docs/scout_enroll.md deleted file mode 100644 index b60fd3471f..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_enroll.md +++ /dev/null @@ -1,11 +0,0 @@ -# docker scout enroll - - -Enroll an organization with Docker Scout - - - - -## Description - -The `docker scout enroll` command enrolls an organization with Docker Scout. diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_environment.md b/_vendor/github.com/docker/scout-cli/docs/scout_environment.md deleted file mode 100644 index 4f019ff35c..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_environment.md +++ /dev/null @@ -1,58 +0,0 @@ -# docker scout environment - - -Manage environments (experimental) - -### Aliases - -`docker scout environment`, `docker scout env` - -### Options - -| Name | Type | Default | Description | -|:-----------------|:---------|:--------|:-------------------------------------| -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to record | - - - - -## Description - -The `docker scout environment` command lists the environments. -If you pass an image reference, the image is recorded to the specified environment. - -Once recorded, environments can be referred to by their name. For example, -you can refer to the `production` environment with the `docker scout compare` -command as follows: - -```console -$ docker scout compare --to-env production -``` - -## Examples - -### List existing environments - -```console -$ docker scout environment -prod -staging -``` - -### List images of an environment - -```console -$ docker scout environment staging -namespace/repo:tag@sha256:9a4df4fadc9bbd44c345e473e0688c2066a6583d4741679494ba9228cfd93e1b -namespace/other-repo:tag@sha256:0001d6ce124855b0a158569c584162097fe0ca8d72519067c2c8e3ce407c580f -``` - -### Record an image to an environment, for a specific platform - -```console -$ docker scout environment staging namespace/repo:stage-latest --platform linux/amd64 -✓ Pulled -✓ Successfully recorded namespace/repo:stage-latest in environment staging -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_help.md b/_vendor/github.com/docker/scout-cli/docs/scout_help.md deleted file mode 100644 index ec152c6aaf..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_help.md +++ /dev/null @@ -1,8 +0,0 @@ -# docker scout help - - -Display information about the available commands - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_integration.md b/_vendor/github.com/docker/scout-cli/docs/scout_integration.md deleted file mode 100644 index 9a2def3a0b..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_integration.md +++ /dev/null @@ -1,17 +0,0 @@ -# docker scout integration - - -Commands to list, configure, and delete Docker Scout integrations - -### Subcommands - -| Name | Description | -|:----------------------------------------------|:----------------------------------------------------| -| [`configure`](scout_integration_configure.md) | Configure or update a new integration configuration | -| [`delete`](scout_integration_delete.md) | Delete a new integration configuration | -| [`list`](scout_integration_list.md) | Integration Docker Scout | - - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_integration_configure.md b/_vendor/github.com/docker/scout-cli/docs/scout_integration_configure.md deleted file mode 100644 index 521193ae3b..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_integration_configure.md +++ /dev/null @@ -1,16 +0,0 @@ -# docker scout integration configure - - -Configure or update a new integration configuration - -### Options - -| Name | Type | Default | Description | -|:--------------|:--------------|:--------|:-------------------------------------------------------------| -| `--name` | `string` | | Name of integration configuration to create | -| `--org` | `string` | | Namespace of the Docker organization | -| `--parameter` | `stringSlice` | | Integration parameters in the form of --parameter NAME=VALUE | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_integration_delete.md b/_vendor/github.com/docker/scout-cli/docs/scout_integration_delete.md deleted file mode 100644 index 0a68c8adca..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_integration_delete.md +++ /dev/null @@ -1,15 +0,0 @@ -# docker scout integration delete - - -Delete a new integration configuration - -### Options - -| Name | Type | Default | Description | -|:---------|:---------|:--------|:--------------------------------------------| -| `--name` | `string` | | Name of integration configuration to delete | -| `--org` | `string` | | Namespace of the Docker organization | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_integration_list.md b/_vendor/github.com/docker/scout-cli/docs/scout_integration_list.md deleted file mode 100644 index 67b39c59fc..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_integration_list.md +++ /dev/null @@ -1,15 +0,0 @@ -# docker scout integration list - - -Integration Docker Scout - -### Options - -| Name | Type | Default | Description | -|:---------|:---------|:--------|:------------------------------------------| -| `--name` | `string` | | Name of integration configuration to list | -| `--org` | `string` | | Namespace of the Docker organization | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_policy.md b/_vendor/github.com/docker/scout-cli/docs/scout_policy.md deleted file mode 100644 index 5da8fca8ba..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_policy.md +++ /dev/null @@ -1,51 +0,0 @@ -# docker scout policy - - -Evaluate policies against an image and display the policy evaluation results (experimental) - -### Options - -| Name | Type | Default | Description | -|:--------------------|:---------|:--------|:------------------------------------------------------------| -| `-e`, `--exit-code` | | | Return exit code '2' if policies are not met, '0' otherwise | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to pull policy results from | -| `--to-env` | `string` | | Name of the environment to compare to | -| `--to-latest` | | | Latest image processed to compare to | - - - - -## Description - -The `docker scout policy` command evaluates policies against an image. -The image analysis is uploaded to Docker Scout where policies get evaluated. - -The policy evaluation results may take a few minutes to become available. - -## Examples - -### Evaluate policies against an image and display the results - -```console -$ docker scout policy dockerscoutpolicy/customers-api-service:0.0.1 -``` - -### Evaluate policies against an image for a specific organization - -```console -$ docker scout policy dockerscoutpolicy/customers-api-service:0.0.1 --org dockerscoutpolicy -``` - -### Evaluate policies against an image with a specific platform - -```console -$ docker scout policy dockerscoutpolicy/customers-api-service:0.0.1 --platform linux/amd64 -``` - -### Compare policy results for a repository in a specific environment - -```console -$ docker scout policy dockerscoutpolicy/customers-api-service --to-env production -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_push.md b/_vendor/github.com/docker/scout-cli/docs/scout_push.md deleted file mode 100644 index 4517438bff..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_push.md +++ /dev/null @@ -1,29 +0,0 @@ -# docker scout push - - -Push an image or image index to Docker Scout (experimental) - -### Options - -| Name | Type | Default | Description | -|:-----------------|:---------|:--------|:-------------------------------------------------------------------| -| `--author` | `string` | | Name of the author of the image | -| `--org` | `string` | | Namespace of the Docker organization to which image will be pushed | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--sbom` | | | Create and upload SBOMs | -| `--timestamp` | `string` | | Timestamp of image or tag creation | - - - - -## Description - -The `docker scout push` command lets you push an image or analysis result to Docker Scout. - -## Examples - -### Push an image to Docker Scout - -```console -$ docker scout push --org my-org registry.example.com/repo:tag -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_quickview.md b/_vendor/github.com/docker/scout-cli/docs/scout_quickview.md deleted file mode 100644 index a8f4880bbb..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_quickview.md +++ /dev/null @@ -1,96 +0,0 @@ -# docker scout quickview - - -Quick overview of an image - -### Aliases - -`docker scout quickview`, `docker scout qv` - -### Options - -| Name | Type | Default | Description | -|:-----------------|:---------|:--------|:--------------------------------------------------------------------------------------------------------| -| `--env` | `string` | | Name of the environment | -| `--latest` | | | Latest indexed image | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | - - - - -## Description - -The `docker scout quickview` command displays a quick overview of an image. -It displays a summary of the vulnerabilities in the specified image -and vulnerabilities from the base image. -If available, it also displays base image refresh and update recommendations. - -If no image is specified, the most recently built image is used. - -The following artifact types are supported: - -- Images -- OCI layout directories -- Tarball archives, as created by `docker save` -- Local directory or file - -By default, the tool expects an image reference, such as: - -- `redis` -- `curlimages/curl:7.87.0` -- `mcr.microsoft.com/dotnet/runtime:7.0` - -If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory, -or if you want to control from where the image will be resolved, you must prefix the reference with one of the following: - -- `image://` (default) use a local image, or fall back to a registry lookup -- `local://` use an image from the local image store (don't do a registry lookup) -- `registry://` use an image from a registry (don't use a local image) -- `oci-dir://` use an OCI layout directory -- `archive://` use a tarball archive, as created by `docker save` -- `fs://` use a local directory or file -- `sbom://` SPDX file or in-toto attestation file with SPDX predicate or `syft` json SBOM file - In case of `sbom://` prefix, if the file is not defined then it will try to read it from the standard input. - -## Examples - -### Quick overview of an image - -```console -$ docker scout quickview golang:1.19.4 - ...Pulling - ✓ Pulled - ✓ SBOM of image already cached, 278 packages indexed - - Your image golang:1.19.4 │ 5C 3H 6M 63L - Base image buildpack-deps:bullseye-scm │ 5C 1H 3M 48L 6? - Refreshed base image buildpack-deps:bullseye-scm │ 0C 0H 0M 42L - │ -5 -1 -3 -6 -6 - Updated base image buildpack-deps:sid-scm │ 0C 0H 1M 29L - │ -5 -1 -2 -19 -6 -``` - -### Quick overview of the most recently built image - -```console -$ docker scout qv -``` - -### Quick overview from an SPDX file - -```console -$ syft -o spdx-json alpine:3.16.1 | docker scout quickview sbom:// - ✔ Loaded image alpine:3.16.1 - ✔ Parsed image sha256:3d81c46cd8756ddb6db9ec36fa06a6fb71c287fb265232ba516739dc67a5f07d - ✔ Cataloged contents 274a317d88b54f9e67799244a1250cad3fe7080f45249fa9167d1f871218d35f - ├── ✔ Packages [14 packages] - ├── ✔ File digests [75 files] - ├── ✔ File metadata [75 locations] - └── ✔ Executables [16 executables] - - Target │ │ 1C 2H 8M 0L - digest │ 274a317d88b5 │ -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_recommendations.md b/_vendor/github.com/docker/scout-cli/docs/scout_recommendations.md deleted file mode 100644 index f1ccdf64fe..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_recommendations.md +++ /dev/null @@ -1,71 +0,0 @@ -# docker scout recommendations - - -Display available base image updates and remediation recommendations - -### Options - -| Name | Type | Default | Description | -|:-----------------|:---------|:--------|:--------------------------------------------------------------------------------------------------------| -| `--only-refresh` | | | Only display base image refresh recommendations | -| `--only-update` | | | Only display base image update recommendations | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | -| `--tag` | `string` | | Specify tag | - - - - -## Description - -The `docker scout recommendations` command display recommendations for base images updates. -It analyzes the image and display recommendations to refresh or update the base image. -For each recommendation it shows a list of benefits, such as -fewer vulnerabilities or smaller image size. - -If no image is specified, the most recently built image is used. - -The following artifact types are supported: - -- Images -- OCI layout directories -- Tarball archives, as created by `docker save` -- Local directory or file - -By default, the tool expects an image reference, such as: - -- `redis` -- `curlimages/curl:7.87.0` -- `mcr.microsoft.com/dotnet/runtime:7.0` - -If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory, -or if you want to control from where the image will be resolved, you must prefix the reference with one of the following: - -- `image://` (default) use a local image, or fall back to a registry lookup -- `local://` use an image from the local image store (don't do a registry lookup) -- `registry://` use an image from a registry (don't use a local image) -- `oci-dir://` use an OCI layout directory -- `archive://` use a tarball archive, as created by `docker save` -- `fs://` use a local directory or file - -## Examples - -### Display base image update recommendations - -```console -$ docker scout recommendations golang:1.19.4 -``` - -### Display base image refresh only recommendations - -```console -$ docker scout recommendations --only-refresh golang:1.19.4 -``` - -### Display base image update only recommendations - -```console -$ docker scout recommendations --only-update golang:1.19.4 -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_repo.md b/_vendor/github.com/docker/scout-cli/docs/scout_repo.md deleted file mode 100644 index 1f2038ea75..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_repo.md +++ /dev/null @@ -1,17 +0,0 @@ -# docker scout repo - - -Commands to list, enable, and disable Docker Scout on repositories - -### Subcommands - -| Name | Description | -|:-----------------------------------|:-------------------------------| -| [`disable`](scout_repo_disable.md) | Disable Docker Scout | -| [`enable`](scout_repo_enable.md) | Enable Docker Scout | -| [`list`](scout_repo_list.md) | List Docker Scout repositories | - - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_repo_disable.md b/_vendor/github.com/docker/scout-cli/docs/scout_repo_disable.md deleted file mode 100644 index 24842906b8..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_repo_disable.md +++ /dev/null @@ -1,43 +0,0 @@ -# docker scout repo disable - - -Disable Docker Scout - -### Options - -| Name | Type | Default | Description | -|:----------------|:---------|:--------|:-----------------------------------------------------------------------------| -| `--all` | | | Disable all repositories of the organization. Can not be used with --filter. | -| `--filter` | `string` | | Regular expression to filter repositories by name | -| `--integration` | `string` | | Name of the integration to use for enabling an image | -| `--org` | `string` | | Namespace of the Docker organization | -| `--registry` | `string` | | Container Registry | - - - - -## Examples - -### Disable a specific repository - -```console -$ docker scout repo disable my/repository -``` - -### Disable all repositories of the organization - -```console -$ docker scout repo disable --all -``` - -### Disable some repositories based on a filter - -```console -$ docker scout repo disable --filter namespace/backend -``` - -### Disable a repository from a specific registry - -```console -$ docker scout repo disable my/repository --registry 123456.dkr.ecr.us-east-1.amazonaws.com -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_repo_enable.md b/_vendor/github.com/docker/scout-cli/docs/scout_repo_enable.md deleted file mode 100644 index 3065a68bcc..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_repo_enable.md +++ /dev/null @@ -1,43 +0,0 @@ -# docker scout repo enable - - -Enable Docker Scout - -### Options - -| Name | Type | Default | Description | -|:----------------|:---------|:--------|:----------------------------------------------------------------------------| -| `--all` | | | Enable all repositories of the organization. Can not be used with --filter. | -| `--filter` | `string` | | Regular expression to filter repositories by name | -| `--integration` | `string` | | Name of the integration to use for enabling an image | -| `--org` | `string` | | Namespace of the Docker organization | -| `--registry` | `string` | | Container Registry | - - - - -## Examples - -### Enable a specific repository - -```console -$ docker scout repo enable my/repository -``` - -### Enable all repositories of the organization - -```console -$ docker scout repo enable --all -``` - -### Enable some repositories based on a filter - -```console -$ docker scout repo enable --filter namespace/backend -``` - -### Enable a repository from a specific registry - -```console -$ docker scout repo enable my/repository --registry 123456.dkr.ecr.us-east-1.amazonaws.com -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_repo_list.md b/_vendor/github.com/docker/scout-cli/docs/scout_repo_list.md deleted file mode 100644 index 1e2d740574..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_repo_list.md +++ /dev/null @@ -1,18 +0,0 @@ -# docker scout repo list - - -List Docker Scout repositories - -### Options - -| Name | Type | Default | Description | -|:------------------|:---------|:--------|:---------------------------------------------------------------------------| -| `--filter` | `string` | | Regular expression to filter repositories by name | -| `--only-disabled` | | | Filter to disabled repositories only | -| `--only-enabled` | | | Filter to enabled repositories only | -| `--only-registry` | `string` | | Filter to a specific registry only:
- hub.docker.com
- ecr (AWS ECR) | -| `--org` | `string` | | Namespace of the Docker organization | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md b/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md deleted file mode 100644 index bda5eb3d5b..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md +++ /dev/null @@ -1,83 +0,0 @@ -# docker scout sbom - - -Generate or display SBOM of an image - -### Options - -| Name | Type | Default | Description | -|:----------------------|:--------------|:--------|:----------------------------------------------------------------------------------------------------------------------------------------------| -| `--format` | `string` | `json` | Output format:
- list: list of packages of the image
- json: json representation of the SBOM
- spdx: spdx representation of the SBOM | -| `--only-package-type` | `stringSlice` | | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc)
Can only be used with --format list | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | - - - - -## Description - -The `docker scout sbom` command analyzes a software artifact to generate a -Software Bill Of Materials (SBOM). - -The SBOM contains a list of all packages in the image. -You can use the `--format` flag to filter the output of the command -to display only packages of a specific type. - -If no image is specified, the most recently built image is used. - -The following artifact types are supported: - -- Images -- OCI layout directories -- Tarball archives, as created by `docker save` -- Local directory or file - -By default, the tool expects an image reference, such as: - -- `redis` -- `curlimages/curl:7.87.0` -- `mcr.microsoft.com/dotnet/runtime:7.0` - -If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory, -or if you want to control from where the image will be resolved, you must prefix the reference with one of the following: - -- `image://` (default) use a local image, or fall back to a registry lookup -- `local://` use an image from the local image store (don't do a registry lookup) -- `registry://` use an image from a registry (don't use a local image) -- `oci-dir://` use an OCI layout directory -- `archive://` use a tarball archive, as created by `docker save` -- `fs://` use a local directory or file - -## Examples - -### Display the list of packages - -```console -$ docker scout sbom --format list alpine -``` - -### Only display packages of a specific type - -```console - $ docker scout sbom --format list --only-package-type apk alpine -``` - -### Display the full SBOM in JSON format - -```console -$ docker scout sbom alpine -``` - -### Display the full SBOM of the most recently built image - -```console -$ docker scout sbom -``` - -### Write SBOM to a file - -```console -$ docker scout sbom --output alpine.sbom alpine -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_stream.md b/_vendor/github.com/docker/scout-cli/docs/scout_stream.md deleted file mode 100644 index 886df3e6cf..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_stream.md +++ /dev/null @@ -1,47 +0,0 @@ -# docker scout stream - - -Manage streams (experimental) - -### Options - -| Name | Type | Default | Description | -|:-----------------|:---------|:--------|:-------------------------------------| -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to record | - - - - -## Description - -The `docker scout stream` command lists the deployment streams and records an image to it. - -Once recorded, streams can be referred to by their name, eg. in the `docker scout compare` command using `--to-stream`. - -## Examples - -### List existing streams - -```console -$ %[1]s %[2]s -prod-cluster-123 -stage-cluster-234 -``` - -### List images of a stream - -```console -$ %[1]s %[2]s prod-cluster-123 -namespace/repo:tag@sha256:9a4df4fadc9bbd44c345e473e0688c2066a6583d4741679494ba9228cfd93e1b -namespace/other-repo:tag@sha256:0001d6ce124855b0a158569c584162097fe0ca8d72519067c2c8e3ce407c580f -``` - -### Record an image to a stream, for a specific platform - -```console -$ %[1]s %[2]s stage-cluster-234 namespace/repo:stage-latest --platform linux/amd64 -✓ Pulled -✓ Successfully recorded namespace/repo:stage-latest in stream stage-cluster-234 -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_version.md b/_vendor/github.com/docker/scout-cli/docs/scout_version.md deleted file mode 100644 index 5365123c05..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_version.md +++ /dev/null @@ -1,38 +0,0 @@ -# docker scout version - -``` -docker scout version -``` - - -Show Docker Scout version information - - - - -## Examples - -```console -$ docker scout version - - ⢀⢀⢀ ⣀⣀⡤⣔⢖⣖⢽⢝ - ⡠⡢⡣⡣⡣⡣⡣⡣⡢⡀ ⢀⣠⢴⡲⣫⡺⣜⢞⢮⡳⡵⡹⡅ - ⡜⡜⡜⡜⡜⡜⠜⠈⠈ ⠁⠙⠮⣺⡪⡯⣺⡪⡯⣺ - ⢘⢜⢜⢜⢜⠜ ⠈⠪⡳⡵⣹⡪⠇ - ⠨⡪⡪⡪⠂ ⢀⡤⣖⢽⡹⣝⡝⣖⢤⡀ ⠘⢝⢮⡚ _____ _ - ⠱⡱⠁ ⡴⡫⣞⢮⡳⣝⢮⡺⣪⡳⣝⢦ ⠘⡵⠁ / ____| Docker | | - ⠁ ⣸⢝⣕⢗⡵⣝⢮⡳⣝⢮⡺⣪⡳⣣ ⠁ | (___ ___ ___ _ _| |_ - ⣗⣝⢮⡳⣝⢮⡳⣝⢮⡳⣝⢮⢮⡳ \___ \ / __/ _ \| | | | __| - ⢀ ⢱⡳⡵⣹⡪⡳⣝⢮⡳⣝⢮⡳⡣⡏ ⡀ ____) | (_| (_) | |_| | |_ - ⢀⢾⠄ ⠫⣞⢮⡺⣝⢮⡳⣝⢮⡳⣝⠝ ⢠⢣⢂ |_____/ \___\___/ \__,_|\__| - ⡼⣕⢗⡄ ⠈⠓⠝⢮⡳⣝⠮⠳⠙ ⢠⢢⢣⢣ - ⢰⡫⡮⡳⣝⢦⡀ ⢀⢔⢕⢕⢕⢕⠅ - ⡯⣎⢯⡺⣪⡳⣝⢖⣄⣀ ⡀⡠⡢⡣⡣⡣⡣⡣⡃ -⢸⢝⢮⡳⣝⢮⡺⣪⡳⠕⠗⠉⠁ ⠘⠜⡜⡜⡜⡜⡜⡜⠜⠈ -⡯⡳⠳⠝⠊⠓⠉ ⠈⠈⠈⠈ - - - -version: v1.0.9 (go1.21.3 - darwin/arm64) -git commit: 8bf95bf60d084af341f70e8263342f71b0a3cd16 -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_watch.md b/_vendor/github.com/docker/scout-cli/docs/scout_watch.md deleted file mode 100644 index 2444ce3c43..0000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_watch.md +++ /dev/null @@ -1,53 +0,0 @@ -# docker scout watch - - -Watch repositories in a registry and push images and indexes to Docker Scout (experimental) - -### Options - -| Name | Type | Default | Description | -|:---------------------|:--------------|:--------|:------------------------------------------------------------------------------------| -| `--all-images` | | | Push all images instead of only the ones pushed during the watch command is running | -| `--dry-run` | | | Watch images and prepare them, but do not push them | -| `--interval` | `int64` | `60` | Interval in seconds between checks | -| `--org` | `string` | | Namespace of the Docker organization to which image will be pushed | -| `--refresh-registry` | | | Refresh the list of repositories of a registry at every run. Only with --registry. | -| `--registry` | `string` | | Registry to watch | -| `--repository` | `stringSlice` | | Repository to watch | -| `--sbom` | | | Create and upload SBOMs | -| `--tag` | `stringSlice` | | Regular expression to match tags to watch | -| `--workers` | `int` | `3` | Number of concurrent workers | - - - - -## Description - -The `docker scout watch` command watches repositories in a registry -and pushes images or analysis results to Docker Scout. - -## Examples - -### Watch for new images from two repositories and push them - -```console -$ docker scout watch --org my-org --repository registry-1.example.com/repo-1 --repository registry-2.example.com/repo-2 -``` - -### Only push images with a specific tag - -```console -$ docker scout watch --org my-org --repository registry.example.com/my-service --tag latest -``` - -### Watch all repositories of a registry - -```console -$ docker scout watch --org my-org --registry registry.example.com -``` - -### Push all images and not just the new ones - -```console -$ docker scout watch--org my-org --repository registry.example.com/my-service --all-images -``` diff --git a/_vendor/modules.txt b/_vendor/modules.txt index b66b9c68b1..0582da86b1 100644 --- a/_vendor/modules.txt +++ b/_vendor/modules.txt @@ -1,6 +1,5 @@ # github.com/moby/moby v26.0.0+incompatible # github.com/moby/buildkit v0.13.0 # github.com/docker/buildx v0.13.1 -# github.com/docker/scout-cli v1.6.0 # github.com/docker/cli v26.0.0+incompatible # github.com/docker/compose/v2 v2.26.0 diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout.yaml b/data/scout-cli/docker_scout.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout.yaml rename to data/scout-cli/docker_scout.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_attestation.yaml b/data/scout-cli/docker_scout_attestation.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_attestation.yaml rename to data/scout-cli/docker_scout_attestation.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_attestation_add.yaml b/data/scout-cli/docker_scout_attestation_add.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_attestation_add.yaml rename to data/scout-cli/docker_scout_attestation_add.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache.yaml b/data/scout-cli/docker_scout_cache.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_cache.yaml rename to data/scout-cli/docker_scout_cache.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_df.yaml b/data/scout-cli/docker_scout_cache_df.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_cache_df.yaml rename to data/scout-cli/docker_scout_cache_df.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_prune.yaml b/data/scout-cli/docker_scout_cache_prune.yaml similarity index 88% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_cache_prune.yaml rename to data/scout-cli/docker_scout_cache_prune.yaml index 7c0bb10d20..2d5f7de568 100644 --- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_prune.yaml +++ b/data/scout-cli/docker_scout_cache_prune.yaml @@ -9,16 +9,6 @@ usage: docker scout cache prune pname: docker scout cache plink: docker_scout_cache.yaml options: - - option: epss - value_type: bool - default_value: "false" - description: Prune cached EPSS scores - deprecated: false - hidden: false - experimental: false - experimentalcli: false - kubernetes: false - swarm: false - option: force shorthand: f value_type: bool diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_compare.yaml b/data/scout-cli/docker_scout_compare.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_compare.yaml rename to data/scout-cli/docker_scout_compare.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_config.yaml b/data/scout-cli/docker_scout_config.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_config.yaml rename to data/scout-cli/docker_scout_config.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml b/data/scout-cli/docker_scout_cves.yaml similarity index 96% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml rename to data/scout-cli/docker_scout_cves.yaml index deb2a2f66d..dd1637ade6 100644 --- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml +++ b/data/scout-cli/docker_scout_cves.yaml @@ -64,15 +64,6 @@ options: experimentalcli: false kubernetes: false swarm: false - - option: epss-date - value_type: string - description: Date to use for EPSS scores - deprecated: false - hidden: false - experimental: false - experimentalcli: false - kubernetes: false - swarm: false - option: epss-percentile value_type: float32 default_value: "0" @@ -109,7 +100,13 @@ options: - option: format value_type: string default_value: packages - description: "Output format of the generated vulnerability report:\n- packages: default output, plain text with vulnerabilities grouped by packages\n- sarif: json Sarif output\n- spdx: json SPDX output \n- markdown: markdown output (including some html tags like collapsible sections)\n- sbom: json SBOM output" + description: |- + Output format of the generated vulnerability report: + - packages: default output, plain text with vulnerabilities grouped by packages + - sarif: json Sarif output + - spdx: json SPDX output + - markdown: markdown output (including some html tags like collapsible sections) + - sbom: json SBOM output deprecated: false hidden: false experimental: false diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_enroll.yaml b/data/scout-cli/docker_scout_enroll.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_enroll.yaml rename to data/scout-cli/docker_scout_enroll.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_environment.yaml b/data/scout-cli/docker_scout_environment.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_environment.yaml rename to data/scout-cli/docker_scout_environment.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_help.yaml b/data/scout-cli/docker_scout_help.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_help.yaml rename to data/scout-cli/docker_scout_help.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration.yaml b/data/scout-cli/docker_scout_integration.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_integration.yaml rename to data/scout-cli/docker_scout_integration.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_configure.yaml b/data/scout-cli/docker_scout_integration_configure.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_integration_configure.yaml rename to data/scout-cli/docker_scout_integration_configure.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_delete.yaml b/data/scout-cli/docker_scout_integration_delete.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_integration_delete.yaml rename to data/scout-cli/docker_scout_integration_delete.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_list.yaml b/data/scout-cli/docker_scout_integration_list.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_integration_list.yaml rename to data/scout-cli/docker_scout_integration_list.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_policy.yaml b/data/scout-cli/docker_scout_policy.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_policy.yaml rename to data/scout-cli/docker_scout_policy.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_push.yaml b/data/scout-cli/docker_scout_push.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_push.yaml rename to data/scout-cli/docker_scout_push.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_quickview.yaml b/data/scout-cli/docker_scout_quickview.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_quickview.yaml rename to data/scout-cli/docker_scout_quickview.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_recommendations.yaml b/data/scout-cli/docker_scout_recommendations.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_recommendations.yaml rename to data/scout-cli/docker_scout_recommendations.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo.yaml b/data/scout-cli/docker_scout_repo.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_repo.yaml rename to data/scout-cli/docker_scout_repo.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_disable.yaml b/data/scout-cli/docker_scout_repo_disable.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_repo_disable.yaml rename to data/scout-cli/docker_scout_repo_disable.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_enable.yaml b/data/scout-cli/docker_scout_repo_enable.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_repo_enable.yaml rename to data/scout-cli/docker_scout_repo_enable.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_list.yaml b/data/scout-cli/docker_scout_repo_list.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_repo_list.yaml rename to data/scout-cli/docker_scout_repo_list.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_sbom.yaml b/data/scout-cli/docker_scout_sbom.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_sbom.yaml rename to data/scout-cli/docker_scout_sbom.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_stream.yaml b/data/scout-cli/docker_scout_stream.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_stream.yaml rename to data/scout-cli/docker_scout_stream.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_version.yaml b/data/scout-cli/docker_scout_version.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_version.yaml rename to data/scout-cli/docker_scout_version.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_watch.yaml b/data/scout-cli/docker_scout_watch.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_watch.yaml rename to data/scout-cli/docker_scout_watch.yaml diff --git a/go.mod b/go.mod index a7711e9a77..3d0f74d725 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,6 @@ require ( github.com/docker/buildx v0.13.1 // indirect github.com/docker/cli v26.0.0+incompatible // indirect github.com/docker/compose/v2 v2.26.0 // indirect - github.com/docker/scout-cli v1.6.0 // indirect github.com/moby/buildkit v0.13.0 // indirect github.com/moby/moby v26.0.0+incompatible // indirect ) @@ -17,7 +16,6 @@ replace ( github.com/docker/buildx => github.com/docker/buildx v0.13.1 github.com/docker/cli => github.com/docker/cli v26.0.0+incompatible github.com/docker/compose/v2 => github.com/docker/compose/v2 v2.25.0 - github.com/docker/scout-cli => github.com/docker/scout-cli v1.6.0 github.com/moby/buildkit => github.com/moby/buildkit v0.13.0-rc3.0.20240308080452-a38011b9f57d github.com/moby/moby => github.com/moby/moby v26.0.0+incompatible ) diff --git a/hugo.yaml b/hugo.yaml index 7a1dc7905d..4268e84119 100644 --- a/hugo.yaml +++ b/hugo.yaml @@ -272,12 +272,6 @@ module: - source: docs/bake-reference.md target: content/build/bake/reference.md - - path: github.com/docker/scout-cli - mounts: - - source: docs - includeFiles: "*.yaml" - target: data/scout-cli - - path: github.com/docker/cli mounts: - source: docs/extend