From e8dcbe2028483edf315d05a2328ce8bc25612fb0 Mon Sep 17 00:00:00 2001 From: Chris Chinchilla Date: Fri, 21 Apr 2023 17:10:16 +0200 Subject: [PATCH] Changes from review --- docker-hub/dsos-program.md | 28 ++++++++----- .../images/official-image-badge-iso.png | Bin 0 -> 8388 bytes docker-hub/images/official-image-badge.png | Bin 85511 -> 85944 bytes docker-hub/official_images.md | 39 +++++------------- docker-hub/publish/index.md | 20 +++++---- 5 files changed, 39 insertions(+), 48 deletions(-) create mode 100644 docker-hub/images/official-image-badge-iso.png diff --git a/docker-hub/dsos-program.md b/docker-hub/dsos-program.md index 5aee41b3c0..c640b56ce3 100644 --- a/docker-hub/dsos-program.md +++ b/docker-hub/dsos-program.md @@ -6,7 +6,7 @@ keywords: docker hub, hub, insights, analytics, open source, Docker sponsored, p [Docker Sponsored Open Source images](https://hub.docker.com/search?q=&image_filter=open_source){:target="_blank" rel="noopener" class="_"} are published and maintained by open-source projects sponsored by Docker through the program. -Images that are part of this program have a special badge on Docker Hub making it easier for you to identify projects that Docker has verified as active open-source projects. +Images that are part of this program have a special badge on Docker Hub making it easier for you to identify projects that Docker has verified as trusted, secure, and active open-source projects. ![Docker-Sponsored Open Source badge](images/sponsored-badge-iso.png) @@ -18,11 +18,11 @@ The program grants the following perks to eligible projects: - Verified Docker-Sponsored Open Source badge - Insights and analytics -- Vulnerability scanning +- Vulnerability analysis - Removal of rate limiting for developers - Improved discoverability on Docker Hub -These benefits are valid for one year and you can renew if your project still meets the program requirements. Program members, and all users pulling public images from your project namespace get access to unlimited pulls and unlimited egress. +These benefits are valid for one year and you can renew annually if your project still meets the program requirements. Program members, and all users pulling public images from your project namespace get access to unlimited pulls and unlimited egress. ### Verified Docker-Sponsored Open Source badge @@ -37,19 +37,20 @@ target="blank" rel="noopener" class=""} service provides usage metrics for how the community uses your Docker images, and grants you insight into your user's behavior. +You can +view number of image pulls by tag or by digest, and get breakdowns by +geolocation, cloud provider, client, and more. + ![The insights and analytics tab on the Docker Hub website](./publish/images/insights-and-analytics-tab.png) -Select the time span you want to view analytics data, and export the data in -either a summary or raw format. The summary format shows you image pulls per -tag, and the raw format lists information about every image pull for the -selected time span. Data points include tag, type of pull, user geolocation, -client tool (user agent), and more. +You can use the view to select the time span you want to view analytics data and export the data in +either a summary or raw format. -### Vulnerability scanning +### Vulnerability analysis [Docker Scout](/scout/){: -target="blank" rel="noopener" class=""} provides automatic vulnerability scanning -for DVP images published to Docker Hub. +target="blank" rel="noopener" class=""} provides automatic vulnerability analysis +for Docker-Sponsored Open Source Program images published to Docker Hub. Scanning images ensures that the published content is secure, and proves to developers that they can trust the image. @@ -58,6 +59,11 @@ basis, refer to [vulnerability scanning](/docker-hub/vulnerability-scanning/){: target="blank" rel="noopener" class=""} for more information about how to use it. +> **Note** +> +> Content publishers in the Docker-Sponsored Open Source Program receive 3 free +> Docker Team Seats + ## Who's eligible for the Docker-Sponsored Open Source program? To qualify for the program, you must share your project namespace in public repositories, meet [the Open Source Initiative definition](https://opensource.org/docs/osd), and be in active development with no pathway to commercialization. diff --git a/docker-hub/images/official-image-badge-iso.png b/docker-hub/images/official-image-badge-iso.png new file mode 100644 index 0000000000000000000000000000000000000000..7f95fe18533406027ccf8a59745462b9c50deedd GIT binary patch literal 8388 zcmZ`;by!qe*B`nO>5iehmF|uK=|*A*g`tLS=>b8cOIo@^K}uRuLb_8rB&0u3?|bie zpZDGKoO9M*YyDQ9eg2pgp$?MALMKHB003Bu3Nji10G!=DEr^PIf5$C(ta$%Gw3bwr z1OTdHFs{vz?)TId3L2^afENP*5D*LiT;8(+z5@WRTmZoKa{xdn82})1OmBQ9axcgM z>nU2PssdQ^60P&BG!Ts}L zy}7?0Fu$LOZ$kkn_dDDNP8QtX*0bRMLc-Z)A^b%H1n>0#lA6+r4~c17ID^3u7aIqt zS##S%glLWm`Yr$fA^pPzr>H@92mm0s*lOuP^;A`aEFA1P%q$(u!5kj;jt_PKA|68b zq&*mFM(ts52XPVd5C#6y5W1%y*qlJ>Un4lWKZpcpzeHMNMd zrInC|jNBji{Z15U1BE&YadNu5yK}hnayU3!b8-s`3UYGsaPsi5-)peDctW6N9_$bo z+TTY0vLgd_v2eC^gxWels2}W_nLD^bMS;KvNB>#B;{+y zgIJ3KJ=iV5R%WhtP@ve~O%vgK$kNXCUsiu{|G!z0Uupf1NPb7DZtDTI)045i57Xto zfMVPNPx=19{w?~up1+~e4t5UCnvP}`U@`7LkbkiLt^LcI{@;#x1)u!W&p#ypKt7aL zNCWKRVCVYKUTugiRE$T2^S`nGjne-cCdSQopVKeUKe_)#=>1p3Ke_)#s5#r-ch~G8 zw1*P>^6*dIAN}7A`^Rhg`waYQ*!>|8Ll@!v&w&y{hf-vQ0087ziZYT~9&mfcC?15` zjbiaQ3h=0C+0x&`Pk139auT#z zkH4ZC9iqm!E)A<^X8mChquPX&IUv3cxZgX*QfCpI$sWsYjg6z)Ao9T*nC*D~!O@{= zMV)yPz7u9V9?l>@(t9TwGu-e)?;X+gSkAp&8$=EQ#J&jU94W!Y0w2%EL2CKO1TwO0 z%1V8*v`WEBLI-vv73wz z)O_bj;a&$Iz^|M6>V}S%YgFZ!c?xTxH88P-sKRIqD%;d2Lb60_AEJCvy3BV`^<&D$Orh%I&hWbRij7B|;@x5;i45 zMju^;?=_a3<+98hj@4(lf!Gsn0=Tv9LoB^S)`ufil*?_Uv%h_b!+(2jJ2r!@{R(|2 zw|b~e{;$%?LcmQVPcfIp&~_7%~zW#?I6z#xML;rr|c5uL#=vW?=(OMX`u9kI}qHDJE zi~zegm^%GUGfAZX?lmeEzr%^72!tgYX^Pf6w~@p~qhG1`z3at{ z#e9TF%)XQK{w}kqlx(t)nX+{snQ0q;_)7_T-Z}5x zU)*<}hzuSre6ZYrdE!THB(oiZvrtMBp7u^^`f11N0>AAWQ04nO=uQTZrXIHWlt+$0Of+a@uXJm)Gg+Am5ad@2G;*1l~r(eyJKOkkNsZ7iyO^7HZ$1 zcNF2+nIbu!P>N=7gp&wf3F(eYz>`>q$-v1;UGzorQ;H-T4<+FN$u{$p5|Z^kZ&iaP z%O^A^S(mL~pFO8ywkkA1on{KU*f(<0Qe7iAO|VR?il9k65SdlhfOgJ%metfPKIgcT zU6r{$DgYlF6Qg*@N7I!E0rX}&bwl48XM-Eai5Pd*THg0DxlB=j)LN*+180q+q z;6uw?--QZ;6r&gTiuHY^GH~P4Sg)7Y-^4ndk$vaG0oh(*soJI`iEBFK1)$mIqE!2lNGQRSn=NIN3%+DnD@-InJkQGVAoAN zm;$~pH(;nI7o&@e0-v&IclMTxcB$%~vz-|u&3@QDOyLxJoQ6%w_2i{)8B4eLaeRq+ zt!c?vGw=$l_C!eS%4v#7zEjko)@|>J>#Wt$c2rT~P3{#IF0J=TReTYd_}-0d6W4`H zjm^N<$L0!Q92@nseU0>p}RYSeAw-g$YHxhjs2 zG79=gxjoCzdV~{0#CoQez)x10Ih-AydE-OQwy7EIyDRFaC33OVV?NXPjSxK87nQR- zcuIVxCMllXt0s_%)_>C{#7raEx-4em5h|JjN*nw zSy=ANp8StN6Dy2AtRr<>-f5`l|KI~{u7#^5a^S>7d#mMv2|}tuUA$1#GWZhsXQ@P8 zbpLpI>56_ntPPFQ^iA|lX;f$ua5d)!5BieB4R(1( zA>&n2at2kumAITVk6vHR%gq>0b(%m7l0wNPvTpXd(#c(Tt~U&7uip)dR$$>d^Ytx& zfV4YUa-~WzFt{-~@@{My2Y)QM90zBs_bl917MjwIjGn_N47VJy1NsVXYIdrTLuN)?> zA9+EQ*{EJys%r|hnbUgWZcI5Wz`h{C7hQX1!4gm8-?HWQ3~zIt?sz8StZEnb6S2qG zetUv9{quFGJC!(tGmb6`cqlPb*5$dA#Uy2QuPX_2^jY+}=X8IAF&ST6T<}=;!Z2GC zw4kklBi~@1CC9!Q83@-u-xCvV+!pSP({a@5FRa?+)pPSs+G#q*x504?**i8Fg?@rN zU%%?OnnUlbA3Nxnn%|sA!?fhNUNA6^QNtZl!#5osi)?CswyCLOPxi7hk(SM+4`zxGm5F+o$6=v&UK7qCV?l1i88W}x@qGGkTAqJyl;dM1dDCA!FftE z+-T+hOa^swb&1>ctzX$}YAo%pa4NbtS7_h4sY{uYp0kt7L?184j4_Vka z>q<>TI*?fwdbD-H>cU=TCrkY>rcB;Nw8p27`{*r`vOd3yalXZn+R3GI`FCUxSlbyN}7$P zBoyDDF@wal2*#$^LhgE&c2vQG?amT+fww`j!iU`&Ewhy%^;pfHOM}lSn@m&<_2T(= zj2OAtg;Kd}ncw2zb66nw=L0@mT^FHf} zc?-tBvN9meHnXh~SqKd`ShV|I$)lDnEVL!`r($^5Al$-$R}ahA=maUC>zsFFB z$&W;LpnSF<6f~F~4ydQFbWdE@#v+Z}XI34IAtM@+i#&u+t}-i|ZlPd`UwlLYfh2V+ z^*5dlb~uhNo#3PpRN^v6zc2+ifM6gcO@Y!hhRKAq#C4p3xrD_6-IL(_*lKS7+{MQI zh$M?U)*IT%=O2yoOK^?t4OsQZuSvJxHw+!NBssKB&bb*1qV|Dz z)Acv@We$fp=X}CKc%Qn@=nMsLieqAbRm43q<{Dtp)35fe(XSI^%R(gbQr3at%TKH6 zb3V#A^Upk`0Aj6O%uh7OEHRQVANp;9TC=|vxRTKp2S(eYHyHWFxZ1ZQIz|)NruqEj zMK=Cs;?w98vFxH0a_S$nGOP!)zx5&jgILEeGM1z~05u z*`CO4Y!tNSlaNQCg2N4{#>B2P`V|M3VkoUfpOaqaK#kOT=_pMEr6=gc z)LH(8O+2)#(dv%hi2T*@RA8b*ps-Gc-=kA9VrZ#Q2M73j{*8eD&ER|vFC{voV%Rr2 z_H<)ZGmG$v4QZ6Y;tX=Bg@KHg1O=zs^PW9xaWa(cqMsOi^xXPUBul_a&fy?{&(c2?|3(p+>l`0fBy>?{jYDkY@bc1$jFWzf|*SMp>FzqmRR|$-1Je zS2|Oh_IL{8pmt-2@Ta2E%}nVKi0%~Io#!GYN0bc$hi7{lS8#PJbAtokN=AO=!RQ+g zkDvKmLi8w-x9J{l5|S7rWz*%OTzyKv3BP+y276l|qva^v{j_$~OQ8BHcyY!0YRl2_ z6lD;Yk+*z8QaI>K73Esy%x{w(D~e$FHg@GZ6n-{_!jG6E@$wZ`?1L9@H`z@LZEy3x(s(|-rdszjFq(sDK0q2QBD{8pMM)*sfkQva_H>b|q4PVA_QJIl zOhFbuGET*RI|SF)Ej{`R52vVIRpq=;cwUq8*oL{FfQ5cex=U6(d9$(pR|2x zhZ7v~DRDjSXieK1Q|`73I*@2jVvyx>DGNG*6S5Vb#?a5i?$Eu=;x`|aSq>3Za@0ef zdQe|Vlu_Aa&{%37;*>mNhS(cC_n0vWh~Ma7E@Ii$lT{=d)H^vh38zLO z8Cl~zHHkc{S@GrDF^O#FU|gbxRVNJkOz`kUAC0Bc=Xaa`P&K6JyW}4rj`OUzyJ+iJ zaY(*^qLMp^u5~50*Yl9zuVzfU+xEtuXl|Ij2n>x?3ite!-!8V!jV6`vH1!ONDnWCS z@R1LxnHes^j{ur-^=IYqM7`fJ`-mL3&m`95l-OHQ=8F2ui4FSS$Q9f`z!Z-!q(zRM zR{QncOVbcZ6<5|KbQ0xZxx4blAn)UtXwACj(jmv0!XC@oP_3x~0xy{|yf2sV0%Y_r z73&!h&M{Ua^R-Hhrkkip;*2NIg?r9Nw`bp%Wg`%qs*nbwdk1o+h73EIX5y*W1+Vje z0aI#lvFT)7XFdA%GDcIb3aV7x7<8UQzMfgBTK{tKW5i?H;niKK^y}zc`868jq-8PI za*7!@^+%r~WX*Ujv;v!G=L~}Nh6FFAkB}3tneYUQG{-Es<1coMAL)fs+Wipf12NOM zq^AzmYfLfjB-C=%d+;)}DKuzQNo{>ga z1On3Q(4W@a+NmJUK02A7m|Iiyg~>|_PS8fg<3@;}Uix+o+rvq7eQsoTa&#VMWK~yv z3+-HY5Z1%rYV+aE<;F#$TXXm}^-}Ep!8O-d9ZAESyyU!~s*aOA{yIg2dbNl{=o6FI zXrkn{ylkh!DjaXoZwe} z@nU263-N2@+{*cAk}_vGorVbd(h48Xa~OmIQPWR1^W|Ya0oGlLYfMCXVE}Vou^^-T zN=J8E3NTLmOO)?!q;F!VPfS`r`$_qS80l3{t|6Cc9e-%B7le26&IZC`(~1O?VNwz5 zFrw8Uba0E-o=1(&1QA>~x!8z`cqESyH281yzo{lLT0YU1jdQouS7bZTCO1xhB}&o2 z_bOJw33G!u|5*WjPDI`{yg$4q_EZQ>bj?HscWXbJp*e@QZ$mQ@`ep#nXxuuaKPTC4 z^J=6_wYL94gBehvlCAlyPd;*^PkV$4qzFsx9GELAEu3rC*lp}fO2cH_n;xZtC>w2* zn{LkROHDnlZI6~jHB>|myRg7Hr3ukLPwtJtm!~$Pm`F&u)XVghRiZ!?;%MLi&0N@w zh}5uHq<&hl?$0~y!Qa*@VR+hg^@H1NJ!_Gb?xeUX1Va+w0dss@2WWi8Sc4s#T?XW;>$ zCnn0<%GmW)gq@*I|GvU)C$SBB0z(KsXmW%7wQGfcI#YL(n8xK&gG-}dG*`X?W#(+g z(oS)KjF)PgdnLLUk9Kn4Az<{G5vm59AJ5Y&b)X5sybx;roLEut1W(PokYfboW4*H$ zOV7OiX)=E)w(lU1k{@gfHfPEuw<%a&{Yb}p(_XPCA{*D-OqoTx z4t>G@aQ59^aB%1FjeoOS{%1j6_;vfQVq;vEkSH+_EfSsdn&lJ87Eh|4-G=9REI>ob zF7+$^wUR8yj~C)uatoxVZ!As%n%q9LI7o*I78G@zT}FZQo;o!>Q(?r-c$a6}L`N#% zb!uvGV>YB7AkT!s0;8X`q(|I9%Y8i$7AKD%`Nun0MNs7h!J= z?cEc-5}eo+rK{ncX)vn$tcfSqu4T0O_!L#;gp{z0TvUYP{!g~**GDx0$0EejD>5{F zH_i=TD-+ifaUNk4?8*<ueM^e|kNi z?)pV52Q*c*N89ymuY_%~LKYuCqvuY^*iwZs+gZI#+7qIR8`tUbbb&D5!fid;K9Mb& zC4}xOPFXHeA!Lvzp+CX(W9?$*w%9v=MO53zR@3o3ZSrBg_8-=bIun#_ho<8=mYW7p zhHPSymOe2nOVWz1td+s-yrz!L7W<|N1{%Z4WkH_|98hdw2qqxB^ zY^K0ylePA3e<$Tc71OSgI(k(h`CgRou_Z?$n5{H$=35C(g-bPYRMA$36P|~x$O($+ zz;u*pAfpMYvVuWplL>a09CY7`uE_jnY}_HT4+`k>a1t9%iA3aA8rq;u!Khu#;^mgx zNz$>4j2Z8Q8?*0@Rkv~HgT%TFjE$rt{LnWE@pG@28?~l7SCpA57!Lu6Z|^@&JLX^Ce%Dtx57 zxk|`DdI{d2BrW>Q?UkMM{2hJ*Xq@!SiqIExm<>DLNH_BW8ParMtqDj(=9ELxbwFTK zz|Mk?ez{z2`pujv@P+By*Iz<1WVGZN%s-IK=#*89!+|P$*1zuKu z^k5)8?N-~A^5lx*oipWWR4-rG5PWorH;S{81V<&!V?qfLyi~sOLbwSC>}ucmGSbNQ zDC9H7D6SBEZK}ZaBN;f4(}C;^m62`j1C0eDEOJhKA7BF!NBql=<3mBTR-s5qayE{Y zQ%C8A{>^#BH6Rxe4hh-{>{GEn^8!=~xNT!jpV$uuW z;t~DH-ZUiC9Y3KSxx1fz1S;bM!caBBEA-IJf`{UgcawIDEA^{*6b@auH)WBnZe>}m zI#m@*80EU=OSH*Wa}z$mqD&rqa?m5Ld}jOFj;#ahG85(>kV@^0Vp=<2kBKi%tR1Ur z>dQNR&olXFxMPI~-(@6hY^aW&hE-HMyoATDJiBEHP5CuN`bdt0DzA^1ltu7_)jG&< zs6DFe?MkgDCi}x=Ms7(%wr#0YGU%%~addEAr6)k{wI#tulEI0B08#$$p-LbI7Tkud z`9!z6z{@NC;L^%zI6S=dwwWPG6GMCZS(>cWxOX|JPGN3@`pkSD~7Jj{#I*WtB0+Jq&ECb`h8>xu1imH;H@tt4(vuYnN zRiwqOaEU3T_L#!Z;)jJsU7{M>qfdgN-hcI7u8sR5&PCg}_}AQq4;~y5pfd%IXc4Rb rRV!3DxUx!VfU@qlUu_3RwA~@N-67-w4$q<=rtgZfAenNh=db<`Ho8j* literal 0 HcmV?d00001 diff --git a/docker-hub/images/official-image-badge.png b/docker-hub/images/official-image-badge.png index caefccf53303f503f0183fe6df2fb6b2f8eb2e94..5d6b5e951dffb51d0b18ff73cf846ebb82210593 100644 GIT binary patch delta 801 zcmZutO>5LZ7=C9qu~jcpWTmy00jr3Ija!Q!Aw-w9&{cz)Rmk?_nojIMb`z2;EMB(Y zM=yfi=Hj8y#hb?>sQ8PDhvLbDcyMNtwqe^DhWE+yKF|A+jcxVEj=Fid56Y{WRRh@l zc=lgQ1pwkM+ZMpd`lQ-dcyQ>X4(7F_3e98@#` zC5{lkfTloH;|Lz0i-*`o*K!R8*kI6Ca?uKp;%xFKOj%U6-oqIGnh?wo9hDzq$em;M zuylaY2d;x!W1(K>vEfFPcH*@l@%O%c;l$~1xfuhLuZV~0_Uvz%fl|z#If-LE(%qn4 zX{`n?X{FZ=MIjh;?;$eyx`YWC{FzkTslEO?E0+GCE^NEsrBcJ4s8-CYF{hid?QYjdQ>rY)Hv5hW46K32*3xq68y`AMmI6}bfrAYfx(QIMFNom!%hl$xHI zXRGvn_kJaX%oJOta8q9c-vZ~}1OnC3`!r$##tPlj|8>CLd>1 znykU3#mF`JEu&F=NoHD_Rb)_Vaehu|NoGFKG(!^;eM2QK1qB7L96~BIFSEo}$p|48 zfsjMimRgaSW)+ZGk(v|Xl9`*DR}3-M!rTO`6)f$XpOaq{T#%@ioC?&65C?0EMABw# zX{H2pd=!%umrYShnw4Wt36ML1$*SH)AI=B5)kYs|ZfJ38k#l}7&{m)_kSIuvOKNd) zQDymSdfdG9hZ%Mg%vPVb5lzafgE_Srse^|vIrPxZZYnsfdS4~9OUlAu > Docker Official Images are an intellectual property of Docker. -### Vulnerability scanning - -[Docker Scout](/scout/){: -target="blank" rel="noopener" class=""} provides automatic vulnerability scanning -for DOI images published to Docker Hub. -Scanning images ensures that the published content is secure, and proves to -developers that they can trust the image. - -You can enable scanning on a per-repository -basis, refer to [vulnerability scanning](/docker-hub/vulnerability-scanning/){: -target="blank" rel="noopener" class=""} for more information about how to use -it. - ### Creating a Docker Official Image From a high level, an Official Image starts out as a proposal in the form diff --git a/docker-hub/publish/index.md b/docker-hub/publish/index.md index d297882989..402bdb84a6 100644 --- a/docker-hub/publish/index.md +++ b/docker-hub/publish/index.md @@ -19,7 +19,9 @@ redirect_from: - /docker-hub/publish/publisher-center-migration/ --- -[The Verified Publisher Program](https://hub.docker.com/search?q=&image_filter=store){:target="_blank" rel="noopener" class="_"} provides high-quality images from commercial publishers verified by Docker. +[The Docker Verified Publisher Program](https://hub.docker.com/search?q=&image_filter=store){:target="_blank" rel="noopener" class="_"} provides high-quality images from commercial publishers verified by Docker. + +These images help development teams build secure software supply chains, minimizing exposure to malicious content early in the process to save time and money later. Images that are part of this program have a special badge on Docker Hub making it easier for you to identify projects that Docker has verified as high-quality commercial publishers. @@ -27,12 +29,13 @@ Images that are part of this program have a special badge on Docker Hub making i ## For content publishers -The Verified Publisher Program provides several features and benefits to Docker +The Docker Verified Publisher Program provides several features and benefits to Docker Hub publishers. The program grants the following perks based on participation tier: - Verified publisher badge +- Priority search ranking in Docker Hub - Insights and analytics -- Vulnerability scanning +- Vulnerability analysis - Additional Docker Business seats - Removal of rate limiting for developers - Co-marketing opportunities @@ -51,18 +54,19 @@ target="blank" rel="noopener" class=""} service provides usage metrics for how the community uses your Docker images, and grants you insight into your user's behavior. +You can +view number of image pulls by tag or by digest, and get breakdowns by +geolocation, cloud provider, client, and more. + ![The insights and analytics tab on the Docker Hub website](./images/insights-and-analytics-tab.png) You can use the view to select the time span you want to view analytics data and export the data in either a summary or raw format. -The summary format shows image pulls per tag, and the raw format lists information about every image pull for the -selected time span. Data points include tag, type of pull, user geolocation, client tool (user agent), and more. - -### Vulnerability scanning +### Vulnerability analysis [Docker Scout](/scout/){: -target="blank" rel="noopener" class=""} provides automatic vulnerability scanning +target="blank" rel="noopener" class=""} provides automatic vulnerability analysis for DVP images published to Docker Hub. Scanning images ensures that the published content is secure, and proves to developers that they can trust the image.