docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

atomist patch1 (#15728) 

* updates based on early feedback

* add OCI and JFrog

* fix typo in attr value

* moved atomist one level up in sidenav
This commit is contained in:
David Karlsson 2022-09-24 23:27:21 +02:00 committed by GitHub
parent ab0a1f692d
commit e0bbe1a32f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 57 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/vale/Vocab/Industry/accept.txt vendored
View File

@ -18,6 +18,7 @@ GeoNetwork
GitHub( Actions)? GitHub( Actions)?
Google Google
Intel Intel
JFrog
JetBrains JetBrains
Kubernetes Kubernetes
Lightstreamer Lightstreamer
@ -30,6 +31,7 @@ MySQL
Nginx Nginx
Nuxeo Nuxeo
OAuth OAuth
OCI
Okta Okta
Postgres Postgres
PowerShell PowerShell

42
_data/toc.yaml
View File

@ -1531,27 +1531,6 @@ manuals:
- path: /docker-hub/release-notes/ - path: /docker-hub/release-notes/
title: Release notes title: Release notes
- sectiontitle: Atomist
section:
- path: /atomist/
title: Introduction
- path: /atomist/try-atomist/
title: Try Atomist
- path: /atomist/get-started/
title: Get started
- sectiontitle: Configure
section:
- path: /atomist/configure/settings/
title: Settings
- path: /atomist/configure/advisories/
title: Advisories
- sectiontitle: Integrate
section:
- path: /atomist/integrate/github/
title: GitHub
- path: /atomist/integrate/deploys/
title: Track deployments
- sectiontitle: Docker subscription - sectiontitle: Docker subscription
section: section:
- path: /subscription/ - path: /subscription/
@ -1631,6 +1610,27 @@ manuals:
- path: /engine/security/rootless/ - path: /engine/security/rootless/
title: Rootless mode title: Rootless mode
- sectiontitle: Atomist
section:
- path: /atomist/
title: Introduction
- path: /atomist/try-atomist/
title: Try Atomist
- path: /atomist/get-started/
title: Get started
- sectiontitle: Configure
section:
- path: /atomist/configure/settings/
title: Settings
- path: /atomist/configure/advisories/
title: Advisories
- sectiontitle: Integrate
section:
- path: /atomist/integrate/github/
title: GitHub
- path: /atomist/integrate/deploys/
title: Track deployments
- sectiontitle: Open-source projects - sectiontitle: Open-source projects
section: section:
- sectiontitle: Docker Registry - sectiontitle: Docker Registry

7
atomist/configure/advisories.md
View File

@ -26,11 +26,12 @@ To add your own advisories:
- `source-id` has to be a unique id for the advisory within `source`. - `source-id` has to be a unique id for the advisory within `source`.
3. The JSON file must follow the schema defined in 3. The JSON file must follow the schema defined in
[Open Source Vulnerability format](https://ossf.github.io/osv-schema/). [Open Source Vulnerability format](https://ossf.github.io/osv-schema/){:
target="blank" rel="noopener" class=""}.
Refer to the Refer to the
[GitHub Advisory Database](https://github.com/github/advisory-database/tree/main/advisories/github-reviewed) [GitHub Advisory Database](https://github.com/github/advisory-database/tree/main/advisories/github-reviewed){:
for examples of advisories. target="blank" rel="noopener" class=""} for examples of advisories.
## Deleting advisories ## Deleting advisories

35
atomist/get-started.md
View File

@ -92,7 +92,7 @@ with the appropriate condition on the IAM role statement.
<tr> <tr>
<th>us-east-1</th> <th>us-east-1</th>
<td> <td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-east-1/atomist-public-templates/latest/ecr-integration.template"> <a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-east-1/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" /> <img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a> </a>
</td> </td>
@ -100,7 +100,7 @@ with the appropriate condition on the IAM role statement.
<tr> <tr>
<th>us-east-2</th> <th>us-east-2</th>
<td> <td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=us-east-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-east-2/atomist-public-templates/latest/ecr-integration.template"> <a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=us-east-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-east-2/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" /> <img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a> </a>
</td> </td>
@ -108,7 +108,7 @@ with the appropriate condition on the IAM role statement.
<tr> <tr>
<th>us-west-1</th> <th>us-west-1</th>
<td> <td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=us-west-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-west-1/atomist-public-templates/latest/ecr-integration.template"> <a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=us-west-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-west-1/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" /> <img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a> </a>
</td> </td>
@ -116,7 +116,7 @@ with the appropriate condition on the IAM role statement.
<tr> <tr>
<th>us-west-2</th> <th>us-west-2</th>
<td> <td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-west-2/atomist-public-templates/latest/ecr-integration.template"> <a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-west-2/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" /> <img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a> </a>
</td> </td>
@ -124,7 +124,7 @@ with the appropriate condition on the IAM role statement.
<tr> <tr>
<th>eu-west-1</th> <th>eu-west-1</th>
<td> <td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=eu-west-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-west-1/atomist-public-templates/latest/ecr-integration.template"> <a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=eu-west-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-west-1/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" /> <img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a> </a>
</td> </td>
@ -132,7 +132,7 @@ with the appropriate condition on the IAM role statement.
<tr> <tr>
<th>eu-west-2</th> <th>eu-west-2</th>
<td> <td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=eu-west-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-west-2/atomist-public-templates/latest/ecr-integration.template"> <a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=eu-west-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-west-2/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" /> <img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a> </a>
</td> </td>
@ -140,7 +140,7 @@ with the appropriate condition on the IAM role statement.
<tr> <tr>
<th>eu-west-3</th> <th>eu-west-3</th>
<td> <td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=eu-west-3#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-west-3/atomist-public-templates/latest/ecr-integration.template"> <a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=eu-west-3#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-west-3/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" /> <img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a> </a>
</td> </td>
@ -148,7 +148,7 @@ with the appropriate condition on the IAM role statement.
<tr> <tr>
<th>eu-central-1</th> <th>eu-central-1</th>
<td> <td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-central-1/atomist-public-templates/latest/ecr-integration.template"> <a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-central-1/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" /> <img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a> </a>
</td> </td>
@ -156,7 +156,7 @@ with the appropriate condition on the IAM role statement.
<tr> <tr>
<th>ca-central-1</th> <th>ca-central-1</th>
<td> <td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=ca-central-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-ca-central-1/atomist-public-templates/latest/ecr-integration.template"> <a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=ca-central-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-ca-central-1/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" /> <img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a> </a>
</td> </td>
@ -164,7 +164,7 @@ with the appropriate condition on the IAM role statement.
<tr> <tr>
<th>ap-southeast-2</th> <th>ap-southeast-2</th>
<td> <td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-ap-southeast-2/atomist-public-templates/latest/ecr-integration.template"> <a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-ap-southeast-2/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" /> <img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a> </a>
</td> </td>
@ -205,7 +205,8 @@ container images.
Atomist requires the **Personal access token** for connecting images to Atomist requires the **Personal access token** for connecting images to
private repositories. The token must have the private repositories. The token must have the
[`read:packages` scope](https://docs.github.com/en/packages/learn-github-packages/about-permissions-for-github-packages). [`read:packages` scope](https://docs.github.com/en/packages/learn-github-packages/about-permissions-for-github-packages){:
target="blank" rel="noopener" class=""}.
Leave the **Personal access token** field blank if you only want to index Leave the **Personal access token** field blank if you only want to index
images in public repositories. images in public repositories.
@ -265,7 +266,8 @@ project.
--role="roles/iam.serviceAccountTokenCreator" --role="roles/iam.serviceAccountTokenCreator"
``` ```
5. Go to <https://dso.docker.com> and sign in with your Docker ID credentials. 5. Go to [dso.docker.com](https://dso.docker.com){: target="blank"
rel="noopener" class=""} and sign in with your Docker ID credentials.
6. Navigate to the **Integrations** tab and select **Configure** next to the 6. Navigate to the **Integrations** tab and select **Configure** next to the
**Google Artifact Registry** integration. **Google Artifact Registry** integration.
7. Fill out the following fields: 7. Fill out the following fields:
@ -366,7 +368,8 @@ The image labels that Atomist requires are:
| `com.docker.image.source.entrypoint` | Path to the Dockerfile, relative to project root. | | `com.docker.image.source.entrypoint` | Path to the Dockerfile, relative to project root. |
For more information about pre-defined OCI annotations, see the For more information about pre-defined OCI annotations, see the
[specification document on GitHub](https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys). [specification document on GitHub](https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys){:
target="blank" rel="noopener" class=""}.
You can add these labels to images using the built-in Git provenance feature of You can add these labels to images using the built-in Git provenance feature of
Buildx, or set using the `--label` CLI argument. Buildx, or set using the `--label` CLI argument.
@ -375,8 +378,7 @@ Buildx, or set using the `--label` CLI argument.
> Beta > Beta
> >
> Git provenance labels in Buildx is a [Beta](/release-lifecycle#beta) > Git provenance labels in Buildx is a [Beta](/release-lifecycle#beta) feature.
> feature.
To add the image labels using Docker Buildx, set the environment variable To add the image labels using Docker Buildx, set the environment variable
`BUILDX_GIT_LABELS=1`. The Buildx will create the labels automatically when `BUILDX_GIT_LABELS=1`. The Buildx will create the labels automatically when
@ -417,7 +419,8 @@ use.
Atomist is now tracking bill of materials, packages, and vulnerabilities for Atomist is now tracking bill of materials, packages, and vulnerabilities for
your images! You can view your image scan results on the your images! You can view your image scan results on the
[images overview page](https://dso.docker.com/r/auth/overview/images). [images overview page](https://dso.docker.com/r/auth/overview/images){:
target="blank" rel="noopener" class=""}.
Teams use Atomist to protect downstream workloads from new vulnerabilities. It's Teams use Atomist to protect downstream workloads from new vulnerabilities. It's
also used to help teams track and remediate new vulnerabilities that impact also used to help teams track and remediate new vulnerabilities that impact

2
atomist/integrate/github.md
View File

@ -22,7 +22,7 @@ repositories for your Docker images.
2. Open the **Repositories** tab. 2. Open the **Repositories** tab.
3. Select **Connect to GitHub** and follow the authorization flow. This installs 3. Select **Connect to GitHub** and follow the authorization flow. This installs
the the
[Atomist GitHub App](https://github.com/apps/atomist "Atomist GitHub App"). [Atomist GitHub App](https://github.com/apps/atomist "Atomist GitHub App"){: target="blank" rel="noopener" class=""}.
![install the GitHub app](images/gh-install.png){: width="700px" } ![install the GitHub app](images/gh-install.png){: width="700px" }

20
atomist/try-atomist.md
View File

@ -14,9 +14,9 @@ plane for analysis.
## Prerequisites ## Prerequisites
Before you can begin the setup, you need a Docker ID. If you don't already Before you can begin the setup, you need a Docker ID. If you don't already have
have one, you can [register here](https://hub.docker.com/signup){: one, you can [register here](https://hub.docker.com/signup){: target="blank"
target="blank" rel="noopener" class=""}. rel="noopener" class=""}.
## Steps ## Steps
@ -26,8 +26,8 @@ target="blank" rel="noopener" class=""}.
> purposes. For further evaluation or production use, integrate Atomist with > purposes. For further evaluation or production use, integrate Atomist with
> your container registry. See [get started](./get-started.md). > your container registry. See [get started](./get-started.md).
1. Go to the [Atomist website](https://dso.docker.com) and sign in using your 1. Go to the [Atomist website](https://dso.docker.com){: target="blank"
Docker ID. rel="noopener" class=""} and sign in using your Docker ID.
2. Open the **Integrations** tab. 2. Open the **Integrations** tab.
3. Under **API Keys**, create a new API key. 3. Under **API Keys**, create a new API key.
4. In your terminal of choice, invoke the Atomist CLI tool using `docker run`. 4. In your terminal of choice, invoke the Atomist CLI tool using `docker run`.
@ -41,7 +41,7 @@ target="blank" rel="noopener" class=""}.
```bash ```bash
docker run \ docker run \
-v /var/run/docker.sock:/var/run/docker.sock \ -v /var/run/docker.sock:/var/run/docker.sock \
-ti atomist/docker-registry-broker:0.0.1 \ -ti atomist/docker-registry-broker:latest \
index-image local \ index-image local \
--workspace AQ1K5FIKA \ --workspace AQ1K5FIKA \
--api-key team::6016307E4DF885EAE0579AACC71D3507BB38E1855903850CF5D0D91C5C8C6DC0 \ --api-key team::6016307E4DF885EAE0579AACC71D3507BB38E1855903850CF5D0D91C5C8C6DC0 \
@ -51,8 +51,7 @@ target="blank" rel="noopener" class=""}.
> Note > Note
> >
> The image must have a tag (for example, `myimage:latest`) so that you are > The image must have a tag (for example, `myimage:latest`) so that you are
> able to identify the image in the > able to identify the image later.
> [Atomist web UI](https://dso.docker.com/r/auth/overview/images).
The output should be similar to the following: The output should be similar to the following:
@ -74,8 +73,9 @@ target="blank" rel="noopener" class=""}.
``` ```
5. When the command exits, open the 5. When the command exits, open the
[Atomist web UI](https://dso.docker.com/r/auth/overview/images), where you [Atomist web UI](https://dso.docker.com/r/auth/overview/images){:
should see the image in the list. target="blank" rel="noopener" class=""}, where you should see the image in
the list.
![indexed image in the image overview list](./images/images-overview.png){: ![indexed image in the image overview list](./images/images-overview.png){:
width="700px"} width="700px"}