From 18a0fc487f127f405a6b44ba3ba7f40e125aebef Mon Sep 17 00:00:00 2001 From: Craig Osterhout <103533812+craig-osterhout@users.noreply.github.com> Date: Wed, 23 Aug 2023 08:16:39 -0700 Subject: [PATCH] hub and registry: fix formatting (#17988) * fix formatting hub and registry Signed-off-by: Craig Osterhout --- content/docker-hub/builds/_index.md | 1 + content/docker-hub/dsos-program.md | 5 +++-- content/docker-hub/dvp-program.md | 9 ++++---- content/docker-hub/webhooks.md | 2 +- content/registry/deploying.md | 12 +++++----- content/registry/garbage-collection.md | 9 +++++--- content/registry/insecure.md | 11 +++++---- content/registry/recipes/mirror.md | 31 +++++++++++++++++--------- content/registry/recipes/nginx.md | 14 +++++++----- 9 files changed, 59 insertions(+), 35 deletions(-) diff --git a/content/docker-hub/builds/_index.md b/content/docker-hub/builds/_index.md index 59cc22afdf..436560527d 100644 --- a/content/docker-hub/builds/_index.md +++ b/content/docker-hub/builds/_index.md @@ -42,6 +42,7 @@ when the tests succeed. 4. Select the **source repository** to build the Docker images from. > Note + > > You might need to specify an organization or user from > the source code provider. Once you select a user, source code > repositories appear in the **Select repository** drop-down list. diff --git a/content/docker-hub/dsos-program.md b/content/docker-hub/dsos-program.md index f118710825..96a1e7ee26 100644 --- a/content/docker-hub/dsos-program.md +++ b/content/docker-hub/dsos-program.md @@ -45,14 +45,15 @@ over the repository can change the repository logo. 1. Sign in to [Docker Hub](https://hub.docker.com). 2. Go to the page of the repository that you want to change the logo for. 3. Select the upload logo button, represented by a camera icon - (![Camera icon](images/upload_logo_sm.png){: .inline height="22px" }) + ({{< inline-image src="images/upload_logo_sm.png" alt="camera icon" >}}) overlaying the current repository logo. 4. In the dialog that opens, select the PNG image that you want to upload to set it as the logo for the repository. #### Remove the logo -Select the **Clear** button (![Clear button](images/clear_logo_sm.png){: .inline width="20px" }) to remove a logo. +Select the **Clear** button ({{< inline-image src="images/clear_logo_sm.png" +alt="clear button" >}}) to remove a logo. Removing the logo makes the repository default to using the organization logo, if set, or the following default logo if not. diff --git a/content/docker-hub/dvp-program.md b/content/docker-hub/dvp-program.md index 914552ac14..11737c7100 100644 --- a/content/docker-hub/dvp-program.md +++ b/content/docker-hub/dvp-program.md @@ -62,15 +62,16 @@ over the repository can change the repository logo. 1. Sign in to [Docker Hub](https://hub.docker.com). 2. Go to the page of the repository that you want to change the logo for. -3. Select the upload logo button, represented by a camera icon - (![Camera icon](./images/upload_logo_sm.png){: .inline height="22px" }) - overlaying the current repository logo. +3. Select the upload logo button, represented by a camera icon ({{< inline-image + src="./images/upload_logo_sm.png" alt="camera icon" >}}) overlaying the +current repository logo. 4. In the dialog that opens, select the PNG image that you want to upload to set it as the logo for the repository. #### Remove the logo -Select the **Clear** button (![Clear button](images/clear_logo_sm.png){: .inline width="20px" }) to remove a logo. +Select the **Clear** button ({{< inline-image src="images/clear_logo_sm.png" +alt="clear button" >}}) to remove a logo. Removing the logo makes the repository default to using the organization logo, if set, or the following default logo if not. diff --git a/content/docker-hub/webhooks.md b/content/docker-hub/webhooks.md index 0cc4cf85ac..33de80a094 100644 --- a/content/docker-hub/webhooks.md +++ b/content/docker-hub/webhooks.md @@ -9,7 +9,7 @@ You can use webhooks to cause an action in another service in response to a push ## Create a webhook To create a webhook: -1. In your chosen respository, select the **Webhooks** tabThen: +1. In your chosen repository, select the **Webhooks** tab. 2. Provide a name for the webhook 3. Provide a destination webhook URL. This is where webhook POST requests are delivered. 4. Select **Create**. diff --git a/content/registry/deploying.md b/content/registry/deploying.md index 19630ac783..4e0ef98932 100644 --- a/content/registry/deploying.md +++ b/content/registry/deploying.md @@ -398,7 +398,8 @@ The simplest way to achieve access restriction is through basic authentication This example uses native basic authentication using `htpasswd` to store the secrets. -> **Warning**: +> **Warning** +> > You **cannot** use authentication with authentication schemes that send > credentials as clear text. You must > [configure TLS first](deploying.md#run-an-externally-accessible-registry) for @@ -458,9 +459,11 @@ secrets. Test that you can now pull an image from the registry or push an image to the registry. -> **X509 errors**: X509 errors usually indicate that you are attempting to use -> a self-signed certificate without configuring the Docker daemon correctly. -> See [run an insecure registry](insecure.md). +> **X509 errors** +> +> X509 errors usually indicate that you are attempting to use a self-signed +> certificate without configuring the Docker daemon correctly. See [run an +> insecure registry](insecure.md). ### More advanced authentication @@ -503,7 +506,6 @@ registry: Replace `/path` with the directory which contains the `certs/` and `auth/` directories. -{ .warning } Start your registry by issuing the following command in the directory containing the `docker-compose.yml` file: diff --git a/content/registry/garbage-collection.md b/content/registry/garbage-collection.md index 53048eda31..37ffb81320 100644 --- a/content/registry/garbage-collection.md +++ b/content/registry/garbage-collection.md @@ -82,9 +82,12 @@ the blobs and if a blob's content address digest is not in the mark set, the process deletes it. -> **Note**: You should ensure that the registry is in read-only mode or not running at -> all. If you were to upload an image while garbage collection is running, there is the -> risk that the image's layers are mistakenly deleted leading to a corrupted image. +> **Note** +> +> You should ensure that the registry is in read-only mode or not running at +> all. If you were to upload an image while garbage collection is running, there +> is the risk that the image's layers are mistakenly deleted leading to a +> corrupted image. This type of garbage collection is known as stop-the-world garbage collection. diff --git a/content/registry/insecure.md b/content/registry/insecure.md index d9333731b2..945400c905 100644 --- a/content/registry/insecure.md +++ b/content/registry/insecure.md @@ -13,7 +13,8 @@ involves security trade-offs and additional configuration steps. ## Deploy a plain HTTP registry -> **Warning**: +> **Warning** +> > It's not possible to use an insecure registry with basic authentication. { .warning } @@ -55,9 +56,11 @@ Repeat these steps on every Engine host that wants to access your registry. ## Use self-signed certificates -> **Warning**: -> Using this along with basic authentication requires to **also** trust the certificate into the OS cert store for some versions of docker (see below) -{ .warning } +> **Warning** +> +> Using this along with basic authentication requires to **also** trust the +certificate into the OS cert store for some versions of docker (see below) +{.warning } This is more secure than the insecure registry solution. diff --git a/content/registry/recipes/mirror.md b/content/registry/recipes/mirror.md index 744eaea783..0b1b43af50 100644 --- a/content/registry/recipes/mirror.md +++ b/content/registry/recipes/mirror.md @@ -96,14 +96,20 @@ proxy: password: [password] ``` -> **Warning**: If you specify a username and password, it's very important to -> understand that private resources that this user has access to Docker Hub is -> made available on your mirror. **You must secure your mirror** by -> implementing authentication if you expect these resources to stay private! +> **Warning** +> +> If you specify a username and password, it's very important to understand that +> private resources that this user has access to Docker Hub is made available on +> your mirror. **You must secure your mirror** by implementing authentication if +> you expect these resources to stay private! +{ .warning } -> **Warning**: For the scheduler to clean up old entries, `delete` must -> be enabled in the registry configuration. See -> [Registry Configuration](../configuration.md) for more details. +> **Warning** +> +> For the scheduler to clean up old entries, `delete` must be enabled in the +> registry configuration. See [Registry Configuration](../configuration.md) for +> more details. +{ .warning } ### Configure the Docker daemon @@ -119,11 +125,14 @@ and add the `registry-mirrors` key and value, to make the change persistent. Save the file and reload Docker for the change to take effect. -> Some log messages that appear to be errors are actually informational messages. +> **Note** > -> Check the `level` field to determine whether -> the message is warning you about an error or is giving you information. -> For example, this log message is informational: +> Some log messages that appear to be errors are actually informational +> messages. +> +> Check the `level` field to determine whether the message is warning you about +> an error or is giving you information. For example, this log message is +> informational: > > ```conf > time="2017-06-02T15:47:37Z" level=info msg="error statting local store, serving from upstream: unknown blob" go.version=go1.7.4 diff --git a/content/registry/recipes/nginx.md b/content/registry/recipes/nginx.md index 045bce2209..77e78e43f8 100644 --- a/content/registry/recipes/nginx.md +++ b/content/registry/recipes/nginx.md @@ -43,10 +43,12 @@ you want through the secondary authentication mechanism implemented inside your proxy, it also requires that you move TLS termination from the Registry to the proxy itself. -> **Note**: Docker does not recommend binding your registry to `localhost:5000` without -> authentication. This creates a potential loophole in your Docker Registry security. -> As a result, anyone who can log on to the server where your Docker Registry is running -> can push images without authentication. +> **Note** +> +> Docker does not recommend binding your registry to `localhost:5000` without +> authentication. This creates a potential loophole in your Docker Registry +> security. As a result, anyone who can log on to the server where your Docker +> Registry is running can push images without authentication. Furthermore, introducing an extra http layer in your communication pipeline makes it more complex to deploy, maintain, and debug. Make sure the extra @@ -159,7 +161,9 @@ Review the [requirements](index.md#requirements), then follow these steps. $ docker run --rm --entrypoint htpasswd httpd:2 -Bbn testuser testpassword > auth/nginx.htpasswd ``` - > **Note**: If you do not want to use `bcrypt`, you can omit the `-B` parameter. + > **Note** + > + > If you do not want to use `bcrypt`, you can omit the `-B` parameter. 4. Copy your certificate files to the `auth/` directory.