Introduce promotion policies (#79)

_data/toc.yaml

@@ -1844,6 +1844,8 @@ manuals:
             title: Manage trusted repositories
       - path: /datacenter/dtr/2.3/guides/user/create-and-manage-webhooks/
         title: Create and manage webhooks
+      - path: /datacenter/dtr/2.3/guides/user/create-deployment-policies/
+        title: Create deployment policies
     - path: /datacenter/dtr/2.3/reference/api/
       title: API reference
     - sectiontitle: Release notes

datacenter/dtr/2.3/guides/images/create-deployment-policies-1.svg

@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg width="740px" height="250px" viewBox="0 0 740 250" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+    <!-- Generator: Sketch 43.2 (39069) - http://www.bohemiancoding.com/sketch -->
+    <title>image-promotion</title>
+    <desc>Created with Sketch.</desc>
+    <defs></defs>
+    <g id="dtr-diagrams" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
+        <g id="image-promotion">
+            <g id="Group" transform="translate(12.000000, 3.000000)">
+                <g id="right" transform="translate(415.000000, 0.000000)">
+                    <text id="DTR-cluster" font-family="OpenSans-Semibold, Open Sans" font-size="10" font-weight="500" fill="#82949E">
+                        <tspan x="11.025" y="236.009524">DTR cluster</tspan>
+                    </text>
+                    <rect id="group" stroke="#82949E" stroke-width="2" stroke-dasharray="5,5,5,5" x="0" y="0" width="302" height="245" rx="2"></rect>
+                    <g id="website-prod" transform="translate(31.000000, 145.000000)">
+                        <text id="tags" font-family="OpenSans-Semibold, Open Sans" font-size="12" font-weight="500" fill="#82949E">
+                            <tspan x="38" y="40">2017-05-16</tspan>
+                        </text>
+                        <path d="M31.5,31.5 L31.5,40.5" id="Line" stroke="#E0E4E7" stroke-linecap="square"></path>
+                        <text id="docker/website-prod" font-family="OpenSans-Semibold, Open Sans" font-size="14" font-weight="500" fill="#82949E">
+                            <tspan x="31" y="19">docker/website-prod</tspan>
+                        </text>
+                        <text id="" font-family="FontAwesome" font-size="26" font-weight="normal" fill="#8F9EA8">
+                            <tspan x="0" y="22"></tspan>
+                        </text>
+                    </g>
+                    <g id="website-dev" transform="translate(31.000000, 16.000000)">
+                        <text id="tags" font-family="OpenSans-Semibold, Open Sans" font-size="12" font-weight="500" fill="#82949E">
+                            <tspan x="38" y="40">1</tspan>
+                            <tspan x="38" y="57">2</tspan>
+                            <tspan x="38" y="74">3-stable</tspan>
+                        </text>
+                        <path d="M31.5,31.5 L31.5,73.5" id="Line" stroke="#E0E4E7" stroke-linecap="square"></path>
+                        <text id="docker/website-dev" font-family="OpenSans-Semibold, Open Sans" font-size="14" font-weight="500" fill="#82949E">
+                            <tspan x="31" y="19">docker/website-dev</tspan>
+                        </text>
+                        <text id="" font-family="FontAwesome" font-size="26" font-weight="normal" fill="#8F9EA8">
+                            <tspan x="0" y="22"></tspan>
+                        </text>
+                    </g>
+                </g>
+                <g id="left">
+                    <text id="your-machine-or-a-CI" font-family="OpenSans-Semibold, Open Sans" font-size="10" font-weight="500" fill="#82949E">
+                        <tspan x="11.025" y="236.009524">your machine or a CI system</tspan>
+                    </text>
+                    <rect id="group" stroke="#82949E" stroke-width="2" stroke-dasharray="5,5,5,5" x="0" y="0" width="258" height="245" rx="2"></rect>
+                    <text id="docker-build-copy" font-family="CourierNewPS-BoldMT, Courier New" font-size="12" font-weight="bold" fill="#82949E">
+                        <tspan x="24" y="179">&gt; docker push</tspan>
+                    </text>
+                    <g id="website-dev-copy" transform="translate(24.000000, 80.000000)">
+                        <text id="tags" font-family="OpenSans-Semibold, Open Sans" font-size="12" font-weight="500" fill="#82949E">
+                            <tspan x="38" y="40">3-stable</tspan>
+                        </text>
+                        <path d="M31.5,31.5 L31.5,40.5" id="Line" stroke="#E0E4E7" stroke-linecap="square"></path>
+                        <text id="docker/website-dev" font-family="OpenSans-Semibold, Open Sans" font-size="14" font-weight="500" fill="#82949E">
+                            <tspan x="31" y="19">docker/website-dev</tspan>
+                        </text>
+                        <text id="" font-family="FontAwesome" font-size="26" font-weight="normal" fill="#8F9EA8">
+                            <tspan x="0" y="22"></tspan>
+                        </text>
+                    </g>
+                    <text id="docker-build" font-family="CourierNewPS-BoldMT, Courier New" font-size="12" font-weight="bold" fill="#82949E">
+                        <tspan x="24" y="35">&gt; docker build</tspan>
+                    </text>
+                </g>
+                <g id="arrow-3" transform="translate(631.000000, 84.000000)">
+                    <circle id="Oval" fill="#E0E4E7" cx="3" cy="60" r="3"></circle>
+                    <path d="M2.41908766,0.636305719 C2.41908766,0.636305719 11.6017022,12.0306637 11.6017022,30.660122 C11.6017022,49.2895802 2.41908766,60.6839382 2.41908766,60.6839382" id="Path-3" stroke="#E0E4E7"></path>
+                    <g id="annotation" transform="translate(17.000000, 15.000000)">
+                        <circle id="Oval-Copy" fill="#E0E4E7" cx="12" cy="12" r="12"></circle>
+                        <text id="1" font-family="OpenSans-Semibold, Open Sans" font-size="14" font-weight="500" fill="#FFFFFF">
+                            <tspan x="8" y="18">3</tspan>
+                        </text>
+                    </g>
+                </g>
+                <g id="arrow-2" transform="translate(267.000000, 81.000000)">
+                    <circle id="Oval" fill="#E0E4E7" cx="132" cy="3" r="3"></circle>
+                    <path d="M0.736586752,95 C0.736586752,95 29.3002372,54.2809317 61.5528708,31.5999726 C93.8055043,8.91901355 131.561843,3 131.561843,3" id="Path-3" stroke="#E0E4E7"></path>
+                    <g id="annotation" transform="translate(44.000000, 3.000000)">
+                        <circle id="Oval-Copy" fill="#E0E4E7" cx="12" cy="12" r="12"></circle>
+                        <text id="1" font-family="OpenSans-Semibold, Open Sans" font-size="14" font-weight="500" fill="#FFFFFF">
+                            <tspan x="8" y="18">2</tspan>
+                        </text>
+                    </g>
+                </g>
+                <g id="arrow-1" transform="translate(201.000000, 33.000000)">
+                    <circle id="Oval" fill="#E0E4E7" cx="3" cy="60" r="3"></circle>
+                    <path d="M2.41908766,0.636305719 C2.41908766,0.636305719 11.6017022,12.0306637 11.6017022,30.660122 C11.6017022,49.2895802 2.41908766,60.6839382 2.41908766,60.6839382" id="Path-3" stroke="#E0E4E7"></path>
+                    <g id="annotation" transform="translate(17.000000, 19.000000)">
+                        <circle id="Oval-Copy" fill="#E0E4E7" cx="12" cy="12" r="12"></circle>
+                        <text id="1" font-family="OpenSans-Semibold, Open Sans" font-size="14" font-weight="500" fill="#FFFFFF">
+                            <tspan x="8" y="18">1</tspan>
+                        </text>
+                    </g>
+                </g>
+            </g>
+        </g>
+    </g>
+</svg>

datacenter/dtr/2.3/guides/user/create-deployment-policies.md

@@ -0,0 +1,101 @@
+---
+title: Create deployment polices
+description: Learn how to create a deployment policies that can automatically
+  promote an image to production if it passes all tests and doesn't have
+  vulnerabilities.
+keywords: docker, registry, promotion, pipeline
+---
+
+Once you've made changes to your application and want to make them available
+to your users, you typically push an image to DTR, or have a CI/CD pipeline
+that does it for you. A team responsible for QA will notice you've pushed
+a new image, run tests, and if the image is working as expected, they'll
+promote it to production.
+
+As an example, you push the image to `docker/website-dev:3-stable`, the QA team will
+pull and test it, and push it as `docker/website-prod:latest`
+
+DTR allows you to automate this. If the image you pushed to DTR meets certain
+criteria, like it has a specific name, and doesn't have any vulnerabilities,
+the image is automatically promoted.
+You can combine multiple promotion criteria, and chain promotion rules, to
+build complex deployment pipelines.
+
+![promotion example](../images/create-deployment-policies-1.svg)
+
+In this example, we're going to create a promotion policy for the
+`docker/website-dev` repository.
+
+## Configure your repository
+
+In the DTR **web UI**, navigate to the **repository details** and
+choose **policies**.
+
+![repository policies](../images/create-deployment-policies-2.png){: .with-border}
+
+Click **new promotion policy**, and define that criteria that an image needs
+to meet to be promoted.
+
+DTR allows defining the following criteria:
+
+| Name            | Description                                        |
+|:----------------|:---------------------------------------------------|
+| Tag name        | If the tag name contains                           |
+| Vulnerabilities | If the image has vulnerabilities                   |
+| License         | If the image uses an intellectual property license |
+| Architecture    | If the image was built for a specific architecture |
+| OS              | If the image uses a specific operating system      |
+
+Then, select where to push the image to if it meets all the criteria.
+Select the **organization** and **repository** where the image is going to be
+push, and define the **tag**. You can use these template keywords to define
+your new tag:
+
+| Template | Description                     | Example result    |
+|:---------|:--------------------------------|:------------------|
+| %n       | The tag to promote              | 1, 4.5, latest    |
+| %A       | Day of the week                 | Sunday, Monday    |
+| %a       | Day of the week, abbreviated    | Sun, Mon , Tue    |
+| %w       | Day of the week, as a number    | 0, 1, 6           |
+| %d       | Number for the day of the month | 01, 15, 31        |
+| %B       | Month                           | January, December |
+| %b       | Month, abbreviated              | Jan, Jun, Dec     |
+| %m       | Month, as a number              | 01, 06, 12        |
+| %Y       | Year                            | 1999, 2015, 2048  |
+| %y       | Year, two digits                | 99, 15, 48        |
+| %H       | Hour, in 24 hour format         | 00, 12, 23        |
+| %I       | Hour, in 12 hour format         | 01, 10, 10        |
+| %p       | Period of the day               | AM, PM            |
+| %M       | Minute                          | 00, 10, 59        |
+| %S       | Second                          | 00, 10, 59        |
+| %f       | Microsecond                     | 000000, 999999    |
+| %Z       | Name for the timezone           | UTC, PST, EST     |
+| %j       | Day of the year                 | 001, 200, 366     |
+| %W       | Week of the year                | 00, 10 , 53       |
+
+
+
+In this example, if a tag in the `docker/website-dev` doesn't have
+vulnerabilities and the tag name contains `stable`, we'll automatically
+push that image to `docker/website-prod` and tag it with the timestamp of
+when the image was promoted.
+
+![repository with policies](../images/create-deployment-policies-3.png){: .with-border}
+
+Everything is set up, and once we push a new image, if it complies with all
+the policies, it automatically gets promoted.
+
+![tag promoted](../images/create-deployment-policies-4.png){: .with-border}
+
+## Create complex pipelines
+
+You can create several promotion policies in a repository, chain
+promotion policies across different repositories, and also use promotion
+policies with webhooks. This allows you to create flexible deployment
+pipelines.
+
+Also, users don't need access to all repositories in the promotion pipeline.
+A repository admin can define the promotion policies, and only
+allow access to push to the first repository in that pipeline. Once users push
+to the fist repository, the image gets promoted to the other repositories as
+long as it satisfies the promotion policies.