diff --git a/docker-hub/dsos-program.md b/docker-hub/dsos-program.md index 5aee41b3c0..c640b56ce3 100644 --- a/docker-hub/dsos-program.md +++ b/docker-hub/dsos-program.md @@ -6,7 +6,7 @@ keywords: docker hub, hub, insights, analytics, open source, Docker sponsored, p [Docker Sponsored Open Source images](https://hub.docker.com/search?q=&image_filter=open_source){:target="_blank" rel="noopener" class="_"} are published and maintained by open-source projects sponsored by Docker through the program. -Images that are part of this program have a special badge on Docker Hub making it easier for you to identify projects that Docker has verified as active open-source projects. +Images that are part of this program have a special badge on Docker Hub making it easier for you to identify projects that Docker has verified as trusted, secure, and active open-source projects. ![Docker-Sponsored Open Source badge](images/sponsored-badge-iso.png) @@ -18,11 +18,11 @@ The program grants the following perks to eligible projects: - Verified Docker-Sponsored Open Source badge - Insights and analytics -- Vulnerability scanning +- Vulnerability analysis - Removal of rate limiting for developers - Improved discoverability on Docker Hub -These benefits are valid for one year and you can renew if your project still meets the program requirements. Program members, and all users pulling public images from your project namespace get access to unlimited pulls and unlimited egress. +These benefits are valid for one year and you can renew annually if your project still meets the program requirements. Program members, and all users pulling public images from your project namespace get access to unlimited pulls and unlimited egress. ### Verified Docker-Sponsored Open Source badge @@ -37,19 +37,20 @@ target="blank" rel="noopener" class=""} service provides usage metrics for how the community uses your Docker images, and grants you insight into your user's behavior. +You can +view number of image pulls by tag or by digest, and get breakdowns by +geolocation, cloud provider, client, and more. + ![The insights and analytics tab on the Docker Hub website](./publish/images/insights-and-analytics-tab.png) -Select the time span you want to view analytics data, and export the data in -either a summary or raw format. The summary format shows you image pulls per -tag, and the raw format lists information about every image pull for the -selected time span. Data points include tag, type of pull, user geolocation, -client tool (user agent), and more. +You can use the view to select the time span you want to view analytics data and export the data in +either a summary or raw format. -### Vulnerability scanning +### Vulnerability analysis [Docker Scout](/scout/){: -target="blank" rel="noopener" class=""} provides automatic vulnerability scanning -for DVP images published to Docker Hub. +target="blank" rel="noopener" class=""} provides automatic vulnerability analysis +for Docker-Sponsored Open Source Program images published to Docker Hub. Scanning images ensures that the published content is secure, and proves to developers that they can trust the image. @@ -58,6 +59,11 @@ basis, refer to [vulnerability scanning](/docker-hub/vulnerability-scanning/){: target="blank" rel="noopener" class=""} for more information about how to use it. +> **Note** +> +> Content publishers in the Docker-Sponsored Open Source Program receive 3 free +> Docker Team Seats + ## Who's eligible for the Docker-Sponsored Open Source program? To qualify for the program, you must share your project namespace in public repositories, meet [the Open Source Initiative definition](https://opensource.org/docs/osd), and be in active development with no pathway to commercialization. diff --git a/docker-hub/images/official-image-badge-iso.png b/docker-hub/images/official-image-badge-iso.png new file mode 100644 index 0000000000..7f95fe1853 Binary files /dev/null and b/docker-hub/images/official-image-badge-iso.png differ diff --git a/docker-hub/images/official-image-badge.png b/docker-hub/images/official-image-badge.png index caefccf533..5d6b5e951d 100644 Binary files a/docker-hub/images/official-image-badge.png and b/docker-hub/images/official-image-badge.png differ diff --git a/docker-hub/official_images.md b/docker-hub/official_images.md index 758aab3c8f..3828b064c7 100644 --- a/docker-hub/official_images.md +++ b/docker-hub/official_images.md @@ -7,25 +7,19 @@ redirect_from: --- The [Docker Official Images](https://hub.docker.com/search?q=&type=image&image_filter=official){:target="_blank" rel="noopener" class="_"} are a -curated set of Docker repositories hosted on Docker Hub. They're -designed to: +curated set of Docker repositories hosted on Docker Hub. -- Provide essential base OS repositories (for example, - [Ubuntu](https://hub.docker.com/_/ubuntu/){:target="_blank" rel="noopener" class="_"}, - [Alpine](https://hub.docker.com/_/alpine/){:target="_blank" rel="noopener" class="_"}) that serve as the - starting point for the majority of users. -- Provide drop-in solutions for popular programming language runtimes, data - stores, and other services. -- Exemplify [`Dockerfile` best practices](/engine/userguide/eng-image/dockerfile_best-practices/) - and provide clear documentation to serve as a reference for other `Dockerfile` - authors. -- Ensure that security updates are applied in a timely manner. This is - particularly important as Docker Official Images are some of the most - popular on Docker Hub. +These images provide essential base repositories that serve as the starting point for the majority of users. -Images part of this program have a special badge on Docker Hub making it easier for you to identify projects that are official Docker images. +These include operating systems such as [Ubuntu](https://hub.docker.com/_/ubuntu/){:target="_blank" rel="noopener" class="_"} and [Alpine](https://hub.docker.com/_/alpine/){:target="_blank" rel="noopener" class="_"}, programming languages such as [Python](https://hub.docker.com/_/python) and [Node](https://hub.docker.com/_/node), and other essential tools such as [Redis](https://hub.docker.com/_/redis) and [MySQL](https://hub.docker.com/_/mysql). -![Docker official image badge](./images/official-image-badge.png) +The images are some of the most secure images on Docker Hub. This is particularly important as Docker Official Images are some of the most popular on Docker Hub. Typically Docker Official images have little or no vulnerabilities. + +The images exemplify [`Dockerfile` best practices](/engine/userguide/eng-image/dockerfile_best-practices/) and provide clear documentation to serve as a reference for other `Dockerfile` authors. + +Images that are part of this program have a special badge on Docker Hub making it easier for you to identify projects that are official Docker images. + +![Docker official image badge](./images/official-image-badge-iso.png) ## When to use Docker Official Images @@ -74,19 +68,6 @@ Official Image. > > Docker Official Images are an intellectual property of Docker. -### Vulnerability scanning - -[Docker Scout](/scout/){: -target="blank" rel="noopener" class=""} provides automatic vulnerability scanning -for DOI images published to Docker Hub. -Scanning images ensures that the published content is secure, and proves to -developers that they can trust the image. - -You can enable scanning on a per-repository -basis, refer to [vulnerability scanning](/docker-hub/vulnerability-scanning/){: -target="blank" rel="noopener" class=""} for more information about how to use -it. - ### Creating a Docker Official Image From a high level, an Official Image starts out as a proposal in the form diff --git a/docker-hub/publish/index.md b/docker-hub/publish/index.md index d297882989..402bdb84a6 100644 --- a/docker-hub/publish/index.md +++ b/docker-hub/publish/index.md @@ -19,7 +19,9 @@ redirect_from: - /docker-hub/publish/publisher-center-migration/ --- -[The Verified Publisher Program](https://hub.docker.com/search?q=&image_filter=store){:target="_blank" rel="noopener" class="_"} provides high-quality images from commercial publishers verified by Docker. +[The Docker Verified Publisher Program](https://hub.docker.com/search?q=&image_filter=store){:target="_blank" rel="noopener" class="_"} provides high-quality images from commercial publishers verified by Docker. + +These images help development teams build secure software supply chains, minimizing exposure to malicious content early in the process to save time and money later. Images that are part of this program have a special badge on Docker Hub making it easier for you to identify projects that Docker has verified as high-quality commercial publishers. @@ -27,12 +29,13 @@ Images that are part of this program have a special badge on Docker Hub making i ## For content publishers -The Verified Publisher Program provides several features and benefits to Docker +The Docker Verified Publisher Program provides several features and benefits to Docker Hub publishers. The program grants the following perks based on participation tier: - Verified publisher badge +- Priority search ranking in Docker Hub - Insights and analytics -- Vulnerability scanning +- Vulnerability analysis - Additional Docker Business seats - Removal of rate limiting for developers - Co-marketing opportunities @@ -51,18 +54,19 @@ target="blank" rel="noopener" class=""} service provides usage metrics for how the community uses your Docker images, and grants you insight into your user's behavior. +You can +view number of image pulls by tag or by digest, and get breakdowns by +geolocation, cloud provider, client, and more. + ![The insights and analytics tab on the Docker Hub website](./images/insights-and-analytics-tab.png) You can use the view to select the time span you want to view analytics data and export the data in either a summary or raw format. -The summary format shows image pulls per tag, and the raw format lists information about every image pull for the -selected time span. Data points include tag, type of pull, user geolocation, client tool (user agent), and more. - -### Vulnerability scanning +### Vulnerability analysis [Docker Scout](/scout/){: -target="blank" rel="noopener" class=""} provides automatic vulnerability scanning +target="blank" rel="noopener" class=""} provides automatic vulnerability analysis for DVP images published to Docker Hub. Scanning images ensures that the published content is secure, and proves to developers that they can trust the image.