docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

atomist patch1 (#15728) 

* updates based on early feedback

* add OCI and JFrog

* fix typo in attr value

* moved atomist one level up in sidenav
This commit is contained in:
David Karlsson 2022-09-24 23:27:21 +02:00 committed by GitHub
parent ab0a1f692d
commit e0bbe1a32f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 57 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/vale/Vocab/Industry/accept.txt vendored
View File

@ -18,6 +18,7 @@ GeoNetwork
GitHub( Actions)?
Google
Intel
JFrog
JetBrains
Kubernetes
Lightstreamer
@ -30,6 +31,7 @@ MySQL
Nginx
Nuxeo
OAuth
OCI
Okta
Postgres
PowerShell

42
_data/toc.yaml
View File

@ -1531,27 +1531,6 @@ manuals:
- path: /docker-hub/release-notes/
title: Release notes
- sectiontitle: Atomist
section:
- path: /atomist/
title: Introduction
- path: /atomist/try-atomist/
title: Try Atomist
- path: /atomist/get-started/
title: Get started
- sectiontitle: Configure
section:
- path: /atomist/configure/settings/
title: Settings
- path: /atomist/configure/advisories/
title: Advisories
- sectiontitle: Integrate
section:
- path: /atomist/integrate/github/
title: GitHub
- path: /atomist/integrate/deploys/
title: Track deployments
- sectiontitle: Docker subscription
section:
- path: /subscription/
@ -1631,6 +1610,27 @@ manuals:
- path: /engine/security/rootless/
title: Rootless mode
- sectiontitle: Atomist
section:
- path: /atomist/
title: Introduction
- path: /atomist/try-atomist/
title: Try Atomist
- path: /atomist/get-started/
title: Get started
- sectiontitle: Configure
section:
- path: /atomist/configure/settings/
title: Settings
- path: /atomist/configure/advisories/
title: Advisories
- sectiontitle: Integrate
section:
- path: /atomist/integrate/github/
title: GitHub
- path: /atomist/integrate/deploys/
title: Track deployments
- sectiontitle: Open-source projects
section:
- sectiontitle: Docker Registry

7
atomist/configure/advisories.md
View File

@ -26,11 +26,12 @@ To add your own advisories:
- `source-id` has to be a unique id for the advisory within `source`.
3. The JSON file must follow the schema defined in
[Open Source Vulnerability format](https://ossf.github.io/osv-schema/).
[Open Source Vulnerability format](https://ossf.github.io/osv-schema/){:
target="blank" rel="noopener" class=""}.
Refer to the
[GitHub Advisory Database](https://github.com/github/advisory-database/tree/main/advisories/github-reviewed)
for examples of advisories.
[GitHub Advisory Database](https://github.com/github/advisory-database/tree/main/advisories/github-reviewed){:
target="blank" rel="noopener" class=""} for examples of advisories.
## Deleting advisories

35
atomist/get-started.md
View File

@ -92,7 +92,7 @@ with the appropriate condition on the IAM role statement.
<tr>
<th>us-east-1</th>
<td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-east-1/atomist-public-templates/latest/ecr-integration.template">
<a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-east-1/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a>
</td>
@ -100,7 +100,7 @@ with the appropriate condition on the IAM role statement.
<tr>
<th>us-east-2</th>
<td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=us-east-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-east-2/atomist-public-templates/latest/ecr-integration.template">
<a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=us-east-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-east-2/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a>
</td>
@ -108,7 +108,7 @@ with the appropriate condition on the IAM role statement.
<tr>
<th>us-west-1</th>
<td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=us-west-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-west-1/atomist-public-templates/latest/ecr-integration.template">
<a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=us-west-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-west-1/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a>
</td>
@ -116,7 +116,7 @@ with the appropriate condition on the IAM role statement.
<tr>
<th>us-west-2</th>
<td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-west-2/atomist-public-templates/latest/ecr-integration.template">
<a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-us-west-2/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a>
</td>
@ -124,7 +124,7 @@ with the appropriate condition on the IAM role statement.
<tr>
<th>eu-west-1</th>
<td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=eu-west-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-west-1/atomist-public-templates/latest/ecr-integration.template">
<a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=eu-west-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-west-1/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a>
</td>
@ -132,7 +132,7 @@ with the appropriate condition on the IAM role statement.
<tr>
<th>eu-west-2</th>
<td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=eu-west-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-west-2/atomist-public-templates/latest/ecr-integration.template">
<a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=eu-west-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-west-2/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a>
</td>
@ -140,7 +140,7 @@ with the appropriate condition on the IAM role statement.
<tr>
<th>eu-west-3</th>
<td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=eu-west-3#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-west-3/atomist-public-templates/latest/ecr-integration.template">
<a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=eu-west-3#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-west-3/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a>
</td>
@ -148,7 +148,7 @@ with the appropriate condition on the IAM role statement.
<tr>
<th>eu-central-1</th>
<td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-central-1/atomist-public-templates/latest/ecr-integration.template">
<a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-eu-central-1/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a>
</td>
@ -156,7 +156,7 @@ with the appropriate condition on the IAM role statement.
<tr>
<th>ca-central-1</th>
<td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=ca-central-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-ca-central-1/atomist-public-templates/latest/ecr-integration.template">
<a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=ca-central-1#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-ca-central-1/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a>
</td>
@ -164,7 +164,7 @@ with the appropriate condition on the IAM role statement.
<tr>
<th>ap-southeast-2</th>
<td>
<a href="https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-ap-southeast-2/atomist-public-templates/latest/ecr-integration.template">
<a target="blank" rel="noopener" href="https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-2#/stacks/new?stackName=atomist-public-templates-ecr-integration&templateURL=https://s3.amazonaws.com/atomist-ap-southeast-2/atomist-public-templates/latest/ecr-integration.template">
<img alt="Launch Stack" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png" />
</a>
</td>
@ -205,7 +205,8 @@ container images.
Atomist requires the **Personal access token** for connecting images to
private repositories. The token must have the
[`read:packages` scope](https://docs.github.com/en/packages/learn-github-packages/about-permissions-for-github-packages).
[`read:packages` scope](https://docs.github.com/en/packages/learn-github-packages/about-permissions-for-github-packages){:
target="blank" rel="noopener" class=""}.
Leave the **Personal access token** field blank if you only want to index
images in public repositories.
@ -265,7 +266,8 @@ project.
--role="roles/iam.serviceAccountTokenCreator"
```
5. Go to <https://dso.docker.com> and sign in with your Docker ID credentials.
5. Go to [dso.docker.com](https://dso.docker.com){: target="blank"
rel="noopener" class=""} and sign in with your Docker ID credentials.
6. Navigate to the **Integrations** tab and select **Configure** next to the
**Google Artifact Registry** integration.
7. Fill out the following fields:
@ -366,7 +368,8 @@ The image labels that Atomist requires are:
| `com.docker.image.source.entrypoint` | Path to the Dockerfile, relative to project root. |
For more information about pre-defined OCI annotations, see the
[specification document on GitHub](https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys).
[specification document on GitHub](https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys){:
target="blank" rel="noopener" class=""}.
You can add these labels to images using the built-in Git provenance feature of
Buildx, or set using the `--label` CLI argument.
@ -375,8 +378,7 @@ Buildx, or set using the `--label` CLI argument.
> Beta
>
> Git provenance labels in Buildx is a [Beta](/release-lifecycle#beta)
> feature.
> Git provenance labels in Buildx is a [Beta](/release-lifecycle#beta) feature.
To add the image labels using Docker Buildx, set the environment variable
`BUILDX_GIT_LABELS=1`. The Buildx will create the labels automatically when
@ -417,7 +419,8 @@ use.
Atomist is now tracking bill of materials, packages, and vulnerabilities for
your images! You can view your image scan results on the
[images overview page](https://dso.docker.com/r/auth/overview/images).
[images overview page](https://dso.docker.com/r/auth/overview/images){:
target="blank" rel="noopener" class=""}.
Teams use Atomist to protect downstream workloads from new vulnerabilities. It's
also used to help teams track and remediate new vulnerabilities that impact

2
atomist/integrate/github.md
View File

@ -22,7 +22,7 @@ repositories for your Docker images.
2. Open the **Repositories** tab.
3. Select **Connect to GitHub** and follow the authorization flow. This installs
the
[Atomist GitHub App](https://github.com/apps/atomist "Atomist GitHub App").
[Atomist GitHub App](https://github.com/apps/atomist "Atomist GitHub App"){: target="blank" rel="noopener" class=""}.
![install the GitHub app](images/gh-install.png){: width="700px" }

20
atomist/try-atomist.md
View File

@ -14,9 +14,9 @@ plane for analysis.
## Prerequisites
Before you can begin the setup, you need a Docker ID. If you don't already
have one, you can [register here](https://hub.docker.com/signup){:
target="blank" rel="noopener" class=""}.
Before you can begin the setup, you need a Docker ID. If you don't already have
one, you can [register here](https://hub.docker.com/signup){: target="blank"
rel="noopener" class=""}.
## Steps
@ -26,8 +26,8 @@ target="blank" rel="noopener" class=""}.
> purposes. For further evaluation or production use, integrate Atomist with
> your container registry. See [get started](./get-started.md).
1. Go to the [Atomist website](https://dso.docker.com) and sign in using your
Docker ID.
1. Go to the [Atomist website](https://dso.docker.com){: target="blank"
rel="noopener" class=""} and sign in using your Docker ID.
2. Open the **Integrations** tab.
3. Under **API Keys**, create a new API key.
4. In your terminal of choice, invoke the Atomist CLI tool using `docker run`.
@ -41,7 +41,7 @@ target="blank" rel="noopener" class=""}.
```bash
docker run \
-v /var/run/docker.sock:/var/run/docker.sock \
-ti atomist/docker-registry-broker:0.0.1 \
-ti atomist/docker-registry-broker:latest \
index-image local \
--workspace AQ1K5FIKA \
--api-key team::6016307E4DF885EAE0579AACC71D3507BB38E1855903850CF5D0D91C5C8C6DC0 \
@ -51,8 +51,7 @@ target="blank" rel="noopener" class=""}.
> Note
>
> The image must have a tag (for example, `myimage:latest`) so that you are
> able to identify the image in the
> [Atomist web UI](https://dso.docker.com/r/auth/overview/images).
> able to identify the image later.
The output should be similar to the following:
@ -74,8 +73,9 @@ target="blank" rel="noopener" class=""}.
```
5. When the command exits, open the
[Atomist web UI](https://dso.docker.com/r/auth/overview/images), where you
should see the image in the list.
[Atomist web UI](https://dso.docker.com/r/auth/overview/images){:
target="blank" rel="noopener" class=""}, where you should see the image in
the list.
![indexed image in the image overview list](./images/images-overview.png){:
width="700px"}