diff --git a/.dockerignore b/.dockerignore index 24fffe8d3b3..ff3cf374b3b 100644 --- a/.dockerignore +++ b/.dockerignore @@ -3,6 +3,7 @@ .gitignore .idea .hugo_build.lock +hugo_stats.json _releaser CONTRIBUTING.md Dockerfile diff --git a/.gitignore b/.gitignore index 60699f1d6b4..fe706e823ea 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ .hugo_build.lock +hugo_stats.json .idea/ .vscode/mcp.json .vscode/settings.json diff --git a/Dockerfile b/Dockerfile index 7fc6c996b5d..aa4957bce56 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ ARG ALPINE_VERSION=3.21 ARG GO_VERSION=1.24 ARG HTMLTEST_VERSION=0.17.0 ARG VALE_VERSION=3.11.2 -ARG HUGO_VERSION=0.141.0 +ARG HUGO_VERSION=0.154.2 ARG NODE_VERSION=22 ARG PAGEFIND_VERSION=1.3.0 diff --git a/_vendor/github.com/docker/scout-cli/docs/scout.md b/_vendor/github.com/docker/scout-cli/docs/scout.md deleted file mode 100644 index 8b9b9e25f97..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout.md +++ /dev/null @@ -1,38 +0,0 @@ -# docker scout - -``` -docker scout COMMAND -``` - - -Command line tool for Docker Scout - -### Subcommands - -| Name | Description | -|:--------------------------------------------------------------|:--------------------------------------------------------------------------------------------| -| [`attestation`](scout_attestation.md) | Manage attestations on images | -| [`cache`](scout_cache.md) | Manage Docker Scout cache and temporary files | -| [`compare`](scout_compare.md) | Compare two images and display differences (experimental) | -| [`config`](scout_config.md) | Manage Docker Scout configuration | -| [`cves`](scout_cves.md) | Display CVEs identified in a software artifact | -| [`docker-cli-plugin-hooks`](scout_docker-cli-plugin-hooks.md) | runs the plugins hooks | -| [`enroll`](scout_enroll.md) | Enroll an organization with Docker Scout | -| [`environment`](scout_environment.md) | Manage environments (experimental) | -| [`help`](scout_help.md) | Display information about the available commands | -| [`integration`](scout_integration.md) | Commands to list, configure, and delete Docker Scout integrations | -| [`policy`](scout_policy.md) | Evaluate policies against an image and display the policy evaluation results (experimental) | -| [`push`](scout_push.md) | Push an image or image index to Docker Scout | -| [`quickview`](scout_quickview.md) | Quick overview of an image | -| [`recommendations`](scout_recommendations.md) | Display available base image updates and remediation recommendations | -| [`repo`](scout_repo.md) | Commands to list, enable, and disable Docker Scout on repositories | -| [`sbom`](scout_sbom.md) | Generate or display SBOM of an image | -| [`stream`](scout_stream.md) | Manage streams (experimental) | -| [`version`](scout_version.md) | Show Docker Scout version information | -| [`vex`](scout_vex.md) | Manage VEX attestations on images | -| [`watch`](scout_watch.md) | Watch repositories in a registry and push images and indexes to Docker Scout (experimental) | - - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_attestation.md b/_vendor/github.com/docker/scout-cli/docs/scout_attestation.md deleted file mode 100644 index dc32a6b306c..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_attestation.md +++ /dev/null @@ -1,21 +0,0 @@ -# docker scout attestation - - -Manage attestations on images - -### Aliases - -`docker scout attestation`, `docker scout attest` - -### Subcommands - -| Name | Description | -|:------------------------------------|:----------------------------| -| [`add`](scout_attestation_add.md) | Add attestation to image | -| [`get`](scout_attestation_get.md) | Get attestation for image | -| [`list`](scout_attestation_list.md) | List attestations for image | - - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_attestation_add.md b/_vendor/github.com/docker/scout-cli/docs/scout_attestation_add.md deleted file mode 100644 index 5517741c166..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_attestation_add.md +++ /dev/null @@ -1,22 +0,0 @@ -# docker scout attestation add - - -Add attestation to image - -### Aliases - -`docker scout attestation add`, `docker scout attest add` - -### Options - -| Name | Type | Default | Description | -|:------------------------|:--------------|:----------------------------|:---------------------------------------------| -| `--file` | `stringSlice` | | File location of attestations to attach | -| `--org` | `string` | | Namespace of the Docker organization | -| `--predicate-type` | `string` | | Predicate-type for attestations | -| `--referrer` | | | Use OCI referrer API for pushing attestation | -| `--referrer-repository` | `string` | `registry.scout.docker.com` | Repository to push referrer to | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_attestation_get.md b/_vendor/github.com/docker/scout-cli/docs/scout_attestation_get.md deleted file mode 100644 index 0c98a6b0233..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_attestation_get.md +++ /dev/null @@ -1,26 +0,0 @@ -# docker scout attestation get - - -Get attestation for image - -### Aliases - -`docker scout attestation get`, `docker scout attest get` - -### Options - -| Name | Type | Default | Description | -|:-------------------|:---------|:-----------------------------------------------------------|:--------------------------------------------------------------------------------------------------------| -| `--key` | `string` | `https://registry.scout.docker.com/keyring/dhi/latest.pub` | Signature key to use for verification | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--predicate` | | | Get in-toto predicate only dropping the subject | -| `--predicate-type` | `string` | | Predicate-type for attestation | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | -| `--skip-tlog` | | | Skip signature verification against public transaction log | -| `--verify` | | | Verify the signature on the attestation | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_attestation_list.md b/_vendor/github.com/docker/scout-cli/docs/scout_attestation_list.md deleted file mode 100644 index 06b33e172a3..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_attestation_list.md +++ /dev/null @@ -1,23 +0,0 @@ -# docker scout attestation list - - -List attestations for image - -### Aliases - -`docker scout attestation list`, `docker scout attest list` - -### Options - -| Name | Type | Default | Description | -|:-------------------|:---------|:--------|:------------------------------------------------------------------------------------------------------------------------------------| -| `--format` | `string` | `list` | Output format:
- list: list of attestations of the image
- json: json representation of the attestation list (default "json") | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--predicate-type` | `string` | | Predicate-type for attestations | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_cache.md b/_vendor/github.com/docker/scout-cli/docs/scout_cache.md deleted file mode 100644 index 9bb212dd3db..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_cache.md +++ /dev/null @@ -1,16 +0,0 @@ -# docker scout cache - - -Manage Docker Scout cache and temporary files - -### Subcommands - -| Name | Description | -|:--------------------------------|:--------------------------------| -| [`df`](scout_cache_df.md) | Show Docker Scout disk usage | -| [`prune`](scout_cache_prune.md) | Remove temporary or cached data | - - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_cache_df.md b/_vendor/github.com/docker/scout-cli/docs/scout_cache_df.md deleted file mode 100644 index 71dcf99560b..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_cache_df.md +++ /dev/null @@ -1,52 +0,0 @@ -# docker scout cache df - - -Show Docker Scout disk usage - - - - -## Description - -Docker Scout uses a temporary cache storage for generating image SBOMs. -The cache helps avoid regenerating or fetching resources unnecessarily. - -This `docker scout cache df` command shows the cached data on the host. -Each cache entry is identified by the digest of the image. - -You can use the `docker scout cache prune` command to delete cache data at any time. - -## Examples - -### List temporary and cache files - -```console -$ docker scout cache df -Docker Scout temporary directory to generate SBOMs is located at: - /var/folders/dw/d6h9w2sx6rv3lzwwgrnx7t5h0000gp/T/docker-scout - this path can be configured using the DOCKER_SCOUT_CACHE_DIR environment variable - - Image Digest │ Size -──────────────────────────────────────────────────────────────────────────┼──────── - sha256:c41ab5c992deb4fe7e5da09f67a8804a46bd0592bfdf0b1847dde0e0889d2bff │ 21 kB - -Total: 21 kB - - -Docker Scout cached SBOMs are located at: - /Users/user/.docker/scout/sbom - - Image Digest │ Size of SBOM -──────────────────────────────────────────────────────────────────────────┼─────────────── - sha256:02bb6f428431fbc2809c5d1b41eab5a68350194fb508869a33cb1af4444c9b11 │ 42 kB - sha256:03fc002fe4f370463a8f04d3a288cdffa861e462fc8b5be44ab62b296ad95183 │ 100 kB - sha256:088134dd33e4a2997480a1488a41c11abebda465da5cf7f305a0ecf8ed494329 │ 194 kB - sha256:0b80b2f17aff7ee5bfb135c69d0d6fe34070e89042b7aac73d1abcc79cfe6759 │ 852 kB - sha256:0c9e8abe31a5f17d84d5c85d3853d2f948a4f126421e89e68753591f1b6fedc5 │ 930 kB - sha256:0d49cae0723c8d310e413736b5e91e0c59b605ade2546f6e6ef8f1f3ddc76066 │ 510 kB - sha256:0ef04748d071c2e631bb3edce8f805cb5512e746b682c83fdae6d8c0b243280b │ 1.0 MB - sha256:13fd22925b638bb7d2131914bb8f8b0f5f582bee364aec682d9e7fe722bb486a │ 42 kB - sha256:174c41d4fbc7f63e1f2bb7d2f7837318050406f2f27e5073a84a84f18b48b883 │ 115 kB - -Total: 4 MB -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_cache_prune.md b/_vendor/github.com/docker/scout-cli/docs/scout_cache_prune.md deleted file mode 100644 index 7292884c7dc..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_cache_prune.md +++ /dev/null @@ -1,40 +0,0 @@ -# docker scout cache prune - - -Remove temporary or cached data - -### Options - -| Name | Type | Default | Description | -|:----------------|:-----|:--------|:-------------------------------| -| `-f`, `--force` | | | Do not prompt for confirmation | -| `--sboms` | | | Prune cached SBOMs | - - - - -## Description - -The `docker scout cache prune` command removes temporary data and SBOM cache. - -By default, `docker scout cache prune` only deletes temporary data. -To delete temporary data and clear the SBOM cache, use the `--sboms` flag. - -## Examples - -### Delete temporary data - -```console -$ docker scout cache prune -? Are you sure to delete all temporary data? Yes - ✓ temporary data deleted -``` - -### Delete temporary _and_ cache data - -```console -$ docker scout cache prune --sboms -? Are you sure to delete all temporary data and all cached SBOMs? Yes - ✓ temporary data deleted - ✓ cached SBOMs deleted -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_compare.md b/_vendor/github.com/docker/scout-cli/docs/scout_compare.md deleted file mode 100644 index 0461896b92f..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_compare.md +++ /dev/null @@ -1,114 +0,0 @@ -# docker scout compare - - -Compare two images and display differences (experimental) - -### Aliases - -`docker scout compare`, `docker scout diff` - -### Options - -| Name | Type | Default | Description | -|:----------------------|:--------------|:--------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `-x`, `--exit-on` | `stringSlice` | | Comma separated list of conditions to fail the action step if worse or changed, options are: vulnerability, policy, package | -| `--format` | `string` | `text` | Output format of the generated vulnerability report:
- text: default output, plain text with or without colors depending on the terminal
- markdown: Markdown output
| -| `--hide-policies` | | | Hide policy status from the output | -| `--ignore-base` | | | Filter out CVEs introduced from base image | -| `--ignore-suppressed` | | | Filter CVEs found in Scout exceptions based on the specified exception scope | -| `--ignore-unchanged` | | | Filter out unchanged packages | -| `--multi-stage` | | | Show packages from multi-stage Docker builds | -| `--only-fixed` | | | Filter to fixable CVEs | -| `--only-package-type` | `stringSlice` | | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc) | -| `--only-policy` | `stringSlice` | | Comma separated list of policies to evaluate | -| `--only-severity` | `stringSlice` | | Comma separated list of severities (critical, high, medium, low, unspecified) to filter CVEs by | -| `--only-stage` | `stringSlice` | | Comma separated list of multi-stage Docker build stage names | -| `--only-unfixed` | | | Filter to unfixed CVEs | -| `--only-vex-affected` | | | Filter CVEs by VEX statements with status not affected | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | -| `--to` | `string` | | Image, directory, or archive to compare to | -| `--to-env` | `string` | | Name of environment to compare to | -| `--to-latest` | | | Latest image processed to compare to | -| `--to-ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive. | -| `--vex-author` | `stringSlice` | `[<.*@docker.com>]` | List of VEX statement authors to accept | -| `--vex-location` | `stringSlice` | | File location of directory or file containing VEX statements | - - - - -## Description - -The `docker scout compare` command analyzes two images and displays a comparison. - -> This command is **experimental** and its behaviour might change in the future - -The intended use of this command is to compare two versions of the same image. -For instance, when a new image is built and compared to the version running in production. - -If no image is specified, the most recently built image is used -as a comparison target. - -The following artifact types are supported: - -- Images -- OCI layout directories -- Tarball archives, as created by `docker save` -- Local directory or file - -By default, the tool expects an image reference, such as: - -- `redis` -- `curlimages/curl:7.87.0` -- `mcr.microsoft.com/dotnet/runtime:7.0` - -If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory, -or if you want to control from where the image will be resolved, you must prefix the reference with one of the following: - -- `image://` (default) use a local image, or fall back to a registry lookup -- `local://` use an image from the local image store (don't do a registry lookup) -- `registry://` use an image from a registry (don't use a local image) -- `oci-dir://` use an OCI layout directory -- `archive://` use a tarball archive, as created by `docker save` -- `fs://` use a local directory or file -- `sbom://` SPDX file or in-toto attestation file with SPDX predicate or `syft` json SBOM file - -## Examples - -### Compare the most recently built image to the latest tag - -```console -$ docker scout compare --to namespace/repo:latest -``` - -### Compare local build to the same tag from the registry - -```console -$ docker scout compare local://namespace/repo:latest --to registry://namespace/repo:latest -``` - -### Ignore base images - -```console -$ docker scout compare --ignore-base --to namespace/repo:latest namespace/repo:v1.2.3-pre -``` - -### Generate a markdown output - -```console -$ docker scout compare --format markdown --to namespace/repo:latest namespace/repo:v1.2.3-pre -``` - -### Only compare maven packages and only display critical vulnerabilities for maven packages - -```console -$ docker scout compare --only-package-type maven --only-severity critical --to namespace/repo:latest namespace/repo:v1.2.3-pre -``` - -### Show all policy results for both images - -```console -docker scout compare --to namespace/repo:latest namespace/repo:v1.2.3-pre -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_config.md b/_vendor/github.com/docker/scout-cli/docs/scout_config.md deleted file mode 100644 index 1a6e8b69c9a..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_config.md +++ /dev/null @@ -1,38 +0,0 @@ -# docker scout config - - -Manage Docker Scout configuration - - - - -## Description - -`docker scout config` allows you to list, get and set Docker Scout configuration. - -Available configuration key: - -- `organization`: Namespace of the Docker organization to be used by default. - -## Examples - -### List existing configuration - -```console -$ docker scout config -organization=my-org-namespace -``` - -### Print configuration value - -```console -$ docker scout config organization -my-org-namespace -``` - -### Set configuration value - -```console -$ docker scout config organization my-org-namespace - ✓ Successfully set organization to my-org-namespace -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_cves.md b/_vendor/github.com/docker/scout-cli/docs/scout_cves.md deleted file mode 100644 index e6fd689c1ed..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_cves.md +++ /dev/null @@ -1,271 +0,0 @@ -# docker scout cves - -``` -docker scout cves [OPTIONS] [IMAGE|DIRECTORY|ARCHIVE] -``` - - -Display CVEs identified in a software artifact - -### Options - -| Name | Type | Default | Description | -|:-----------------------|:--------------|:--------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `--details` | | | Print details on default text output | -| `--env` | `string` | | Name of environment | -| [`--epss`](#epss) | | | Display the EPSS scores and organize the package's CVEs according to their EPSS score | -| `--epss-percentile` | `float32` | `0` | Exclude CVEs with EPSS scores less than the specified percentile (0 to 1) | -| `--epss-score` | `float32` | `0` | Exclude CVEs with EPSS scores less than the specified value (0 to 1) | -| `-e`, `--exit-code` | | | Return exit code '2' if vulnerabilities are detected | -| `--format` | `string` | `packages` | Output format of the generated vulnerability report:
- packages: default output, plain text with vulnerabilities grouped by packages
- sarif: json Sarif output
- spdx: json SPDX output
- gitlab: json GitLab output
- markdown: markdown output (including some html tags like collapsible sections)
- sbom: json SBOM output
| -| `--ignore-base` | | | Filter out CVEs introduced from base image | -| `--ignore-suppressed` | | | Filter CVEs found in Scout exceptions based on the specified exception scope | -| `--locations` | | | Print package locations including file paths and layer diff_id | -| `--multi-stage` | | | Show packages from multi-stage Docker builds | -| `--only-base` | | | Only show CVEs introduced by the base image | -| `--only-cisa-kev` | | | Filter to CVEs listed in the CISA KEV catalog | -| `--only-cve-id` | `stringSlice` | | Comma separated list of CVE ids (like CVE-2021-45105) to search for | -| `--only-fixed` | | | Filter to fixable CVEs | -| `--only-metric` | `stringSlice` | | Comma separated list of CVSS metrics (like AV:N or PR:L) to filter CVEs by | -| `--only-package` | `stringSlice` | | Comma separated regular expressions to filter packages by | -| `--only-package-type` | `stringSlice` | | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc) | -| `--only-severity` | `stringSlice` | | Comma separated list of severities (critical, high, medium, low, unspecified) to filter CVEs by | -| `--only-stage` | `stringSlice` | | Comma separated list of multi-stage Docker build stage names | -| `--only-unfixed` | | | Filter to unfixed CVEs | -| `--only-vex-affected` | | | Filter CVEs by VEX statements with status not affected | -| `--only-vuln-packages` | | | When used with --format=only-packages ignore packages with no vulnerabilities | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | -| `--vex-author` | `stringSlice` | `[<.*@docker.com>]` | List of VEX statement authors to accept | -| `--vex-location` | `stringSlice` | | File location of directory or file containing VEX statements | - - - - -## Description - -The `docker scout cves` command analyzes a software artifact for vulnerabilities. - -If no image is specified, the most recently built image is used. - -The following artifact types are supported: - -- Images -- OCI layout directories -- Tarball archives, as created by `docker save` -- Local directory or file - -By default, the tool expects an image reference, such as: - -- `redis` -- `curlimages/curl:7.87.0` -- `mcr.microsoft.com/dotnet/runtime:7.0` - -If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory, -or if you want to control from where the image will be resolved, you must prefix the reference with one of the following: - -- `image://` (default) use a local image, or fall back to a registry lookup -- `local://` use an image from the local image store (don't do a registry lookup) -- `registry://` use an image from a registry (don't use a local image) -- `oci-dir://` use an OCI layout directory -- `archive://` use a tarball archive, as created by `docker save` -- `fs://` use a local directory or file -- `sbom://` SPDX file or in-toto attestation file with SPDX predicate or `syft` json SBOM file - In case of `sbom://` prefix, if the file is not defined then it will try to read it from the standard input. - -## Examples - -### Display vulnerabilities grouped by package - -```console -$ docker scout cves alpine -Analyzing image alpine -✓ Image stored for indexing -✓ Indexed 18 packages -✓ No vulnerable package detected -``` - -### Display vulnerabilities from a `docker save` tarball - -```console -$ docker save alpine > alpine.tar - -$ docker scout cves archive://alpine.tar -Analyzing archive alpine.tar -✓ Archive read -✓ SBOM of image already cached, 18 packages indexed -✓ No vulnerable package detected -``` - -### Display vulnerabilities from an OCI directory - -```console -$ skopeo copy --override-os linux docker://alpine oci:alpine - -$ docker scout cves oci-dir://alpine -Analyzing OCI directory alpine -✓ OCI directory read -✓ Image stored for indexing -✓ Indexed 19 packages -✓ No vulnerable package detected -``` - -### Display vulnerabilities from the current directory - -```console -$ docker scout cves fs://. -``` - -### Export vulnerabilities to a SARIF JSON file - -```console -$ docker scout cves --format sarif --output alpine.sarif.json alpine -Analyzing image alpine -✓ SBOM of image already cached, 18 packages indexed -✓ No vulnerable package detected -✓ Report written to alpine.sarif.json -``` - -### Display markdown output - -The following example shows how to generate the vulnerability report as markdown. - -```console -$ docker scout cves --format markdown alpine -✓ Pulled -✓ SBOM of image already cached, 19 packages indexed -✗ Detected 1 vulnerable package with 3 vulnerabilities -

:mag: Vulnerabilities of alpine

- -
:package: Image Reference alpine - - - - - -
digestsha256:e3bd82196e98898cae9fe7fbfd6e2436530485974dc4fb3b7ddb69134eda2407
vulnerabilitiescritical: 0 high: 0 medium: 2 low: 0 unspecified: 1
platformlinux/arm64
size3.3 MB
packages19
-
- -... -``` - -### List all vulnerable packages of a certain type - -The following example shows how to generate a list of packages, only including -packages of the specified type, and only showing packages that are vulnerable. - -```console -$ docker scout cves --format only-packages --only-package-type golang --only-vuln-packages golang:1.18.0 -✓ Pulled -✓ SBOM of image already cached, 296 packages indexed -✗ Detected 1 vulnerable package with 40 vulnerabilities - -Name Version Type Vulnerabilities -─────────────────────────────────────────────────────────── -stdlib 1.18 golang 2C 29H 8M 1L -``` - -### Display EPSS score (--epss) - -The `--epss` flag adds [Exploit Prediction Scoring System (EPSS)](https://www.first.org/epss/) -scores to the `docker scout cves` output. EPSS scores are estimates of the likelihood (probability) -that a software vulnerability will be exploited in the wild in the next 30 days. -The higher the score, the greater the probability that a vulnerability will be exploited. - -```console {hl_lines="13,14"} -$ docker scout cves --epss nginx - ✓ Provenance obtained from attestation - ✓ SBOM obtained from attestation, 232 packages indexed - ✓ Pulled - ✗ Detected 23 vulnerable packages with a total of 39 vulnerabilities - -... - - ✗ HIGH CVE-2023-52425 - https://scout.docker.com/v/CVE-2023-52425 - Affected range : >=2.5.0-1 - Fixed version : not fixed - EPSS Score : 0.000510 - EPSS Percentile : 0.173680 -``` - -- `EPSS Score` is a floating point number between 0 and 1 representing the probability of exploitation in the wild in the next 30 days (following score publication). -- `EPSS Percentile` is the percentile of the current score, the proportion of all scored vulnerabilities with the same or a lower EPSS score. - -You can use the `--epss-score` and `--epss-percentile` flags to filter the output -of `docker scout cves` based on these scores. For example, -to only show vulnerabilities with an EPSS score higher than 0.5: - -```console -$ docker scout cves --epss --epss-score 0.5 nginx - ✓ SBOM of image already cached, 232 packages indexed - ✓ EPSS scores for 2024-03-01 already cached - ✗ Detected 1 vulnerable package with 1 vulnerability - -... - - ✗ LOW CVE-2023-44487 - https://scout.docker.com/v/CVE-2023-44487 - Affected range : >=1.22.1-9 - Fixed version : not fixed - EPSS Score : 0.705850 - EPSS Percentile : 0.979410 -``` - -EPSS scores are updated on a daily basis. -By default, the latest available score is displayed. -You can use the `--epss-date` flag to manually specify a date -in the format `yyyy-mm-dd` for fetching EPSS scores. - -```console -$ docker scout cves --epss --epss-date 2024-01-02 nginx -``` - -### List vulnerabilities from an SPDX file - -The following example shows how to generate a list of vulnerabilities from an SPDX file using `syft`. - -```console -$ syft -o spdx-json alpine:3.16.1 | docker scout cves sbom:// - ✔ Pulled image - ✔ Loaded image alpine:3.16.1 - ✔ Parsed image sha256:3d81c46cd8756ddb6db9ec36fa06a6fb71c287fb265232ba516739dc67a5f07d - ✔ Cataloged contents 274a317d88b54f9e67799244a1250cad3fe7080f45249fa9167d1f871218d35f - ├── ✔ Packages [14 packages] - ├── ✔ File digests [75 files] - ├── ✔ File metadata [75 locations] - └── ✔ Executables [16 executables] - ✗ Detected 2 vulnerable packages with a total of 11 vulnerabilities - - -## Overview - - │ Analyzed SBOM -────────────────────┼────────────────────────────── - Target │ - digest │ 274a317d88b5 - platform │ linux/arm64 - vulnerabilities │ 1C 2H 8M 0L - packages │ 15 - - -## Packages and Vulnerabilities - - 1C 0H 0M 0L zlib 1.2.12-r1 -pkg:apk/alpine/zlib@1.2.12-r1?arch=aarch64&distro=alpine-3.16.1 - - ✗ CRITICAL CVE-2022-37434 - https://scout.docker.com/v/CVE-2022-37434 - Affected range : <1.2.12-r2 - Fixed version : 1.2.12-r2 - - ... - -11 vulnerabilities found in 2 packages - CRITICAL 1 - HIGH 2 - MEDIUM 8 - LOW 0 -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_docker-cli-plugin-hooks.md b/_vendor/github.com/docker/scout-cli/docs/scout_docker-cli-plugin-hooks.md deleted file mode 100644 index 8fbcd042036..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_docker-cli-plugin-hooks.md +++ /dev/null @@ -1,8 +0,0 @@ -# docker scout docker-cli-plugin-hooks - - -runs the plugins hooks - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_enroll.md b/_vendor/github.com/docker/scout-cli/docs/scout_enroll.md deleted file mode 100644 index b60fd3471f6..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_enroll.md +++ /dev/null @@ -1,11 +0,0 @@ -# docker scout enroll - - -Enroll an organization with Docker Scout - - - - -## Description - -The `docker scout enroll` command enrolls an organization with Docker Scout. diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_environment.md b/_vendor/github.com/docker/scout-cli/docs/scout_environment.md deleted file mode 100644 index 4f019ff35ce..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_environment.md +++ /dev/null @@ -1,58 +0,0 @@ -# docker scout environment - - -Manage environments (experimental) - -### Aliases - -`docker scout environment`, `docker scout env` - -### Options - -| Name | Type | Default | Description | -|:-----------------|:---------|:--------|:-------------------------------------| -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to record | - - - - -## Description - -The `docker scout environment` command lists the environments. -If you pass an image reference, the image is recorded to the specified environment. - -Once recorded, environments can be referred to by their name. For example, -you can refer to the `production` environment with the `docker scout compare` -command as follows: - -```console -$ docker scout compare --to-env production -``` - -## Examples - -### List existing environments - -```console -$ docker scout environment -prod -staging -``` - -### List images of an environment - -```console -$ docker scout environment staging -namespace/repo:tag@sha256:9a4df4fadc9bbd44c345e473e0688c2066a6583d4741679494ba9228cfd93e1b -namespace/other-repo:tag@sha256:0001d6ce124855b0a158569c584162097fe0ca8d72519067c2c8e3ce407c580f -``` - -### Record an image to an environment, for a specific platform - -```console -$ docker scout environment staging namespace/repo:stage-latest --platform linux/amd64 -✓ Pulled -✓ Successfully recorded namespace/repo:stage-latest in environment staging -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_help.md b/_vendor/github.com/docker/scout-cli/docs/scout_help.md deleted file mode 100644 index ec152c6aaf9..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_help.md +++ /dev/null @@ -1,8 +0,0 @@ -# docker scout help - - -Display information about the available commands - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_integration.md b/_vendor/github.com/docker/scout-cli/docs/scout_integration.md deleted file mode 100644 index 6e2a5cff1f2..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_integration.md +++ /dev/null @@ -1,16 +0,0 @@ -# docker scout integration - - -Commands to list, configure, and delete Docker Scout integrations - -### Subcommands - -| Name | Description | -|:----------------------------------------------|:----------------------------------------------------| -| [`configure`](scout_integration_configure.md) | Configure or update a new integration configuration | -| [`delete`](scout_integration_delete.md) | Delete a new integration configuration | -| [`list`](scout_integration_list.md) | List integrations which can be installed | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_integration_configure.md b/_vendor/github.com/docker/scout-cli/docs/scout_integration_configure.md deleted file mode 100644 index 521193ae3bc..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_integration_configure.md +++ /dev/null @@ -1,16 +0,0 @@ -# docker scout integration configure - - -Configure or update a new integration configuration - -### Options - -| Name | Type | Default | Description | -|:--------------|:--------------|:--------|:-------------------------------------------------------------| -| `--name` | `string` | | Name of integration configuration to create | -| `--org` | `string` | | Namespace of the Docker organization | -| `--parameter` | `stringSlice` | | Integration parameters in the form of --parameter NAME=VALUE | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_integration_delete.md b/_vendor/github.com/docker/scout-cli/docs/scout_integration_delete.md deleted file mode 100644 index 0a68c8adcaf..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_integration_delete.md +++ /dev/null @@ -1,15 +0,0 @@ -# docker scout integration delete - - -Delete a new integration configuration - -### Options - -| Name | Type | Default | Description | -|:---------|:---------|:--------|:--------------------------------------------| -| `--name` | `string` | | Name of integration configuration to delete | -| `--org` | `string` | | Namespace of the Docker organization | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_integration_list.md b/_vendor/github.com/docker/scout-cli/docs/scout_integration_list.md deleted file mode 100644 index 5e906f9210e..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_integration_list.md +++ /dev/null @@ -1,14 +0,0 @@ -# docker scout integration list - - -List integrations which can be installed - -### Options - -| Name | Type | Default | Description | -|:---------|:---------|:--------|:------------------------------------------| -| `--name` | `string` | | Name of integration configuration to list | -| `--org` | `string` | | Namespace of the Docker organization | - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_policy.md b/_vendor/github.com/docker/scout-cli/docs/scout_policy.md deleted file mode 100644 index 46735c018d7..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_policy.md +++ /dev/null @@ -1,52 +0,0 @@ -# docker scout policy - - -Evaluate policies against an image and display the policy evaluation results (experimental) - -### Options - -| Name | Type | Default | Description | -|:--------------------|:--------------|:--------|:------------------------------------------------------------| -| `-e`, `--exit-code` | | | Return exit code '2' if policies are not met, '0' otherwise | -| `--only-policy` | `stringSlice` | | Comma separated list of policies to evaluate | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to pull policy results from | -| `--to-env` | `string` | | Name of the environment to compare to | -| `--to-latest` | | | Latest image processed to compare to | - - - - -## Description - -The `docker scout policy` command evaluates policies against an image. -The image analysis is uploaded to Docker Scout where policies get evaluated. - -The policy evaluation results may take a few minutes to become available. - -## Examples - -### Evaluate policies against an image and display the results - -```console -$ docker scout policy dockerscoutpolicy/customers-api-service:0.0.1 -``` - -### Evaluate policies against an image for a specific organization - -```console -$ docker scout policy dockerscoutpolicy/customers-api-service:0.0.1 --org dockerscoutpolicy -``` - -### Evaluate policies against an image with a specific platform - -```console -$ docker scout policy dockerscoutpolicy/customers-api-service:0.0.1 --platform linux/amd64 -``` - -### Compare policy results for a repository in a specific environment - -```console -$ docker scout policy dockerscoutpolicy/customers-api-service --to-env production -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_push.md b/_vendor/github.com/docker/scout-cli/docs/scout_push.md deleted file mode 100644 index 3e97c6be94c..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_push.md +++ /dev/null @@ -1,32 +0,0 @@ -# docker scout push - - -Push an image or image index to Docker Scout - -### Options - -| Name | Type | Default | Description | -|:-----------------|:---------|:--------|:-------------------------------------------------------------------| -| `--author` | `string` | | Name of the author of the image | -| `--dry-run` | | | Do not push the image but process it | -| `--org` | `string` | | Namespace of the Docker organization to which image will be pushed | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to be pushed | -| `--sbom` | | | Create and upload SBOMs | -| `--secrets` | | | Scan for secrets in the image | -| `--timestamp` | `string` | | Timestamp of image or tag creation | - - - - -## Description - -The `docker scout push` command lets you push an image or analysis result to Docker Scout. - -## Examples - -### Push an image to Docker Scout - -```console -$ docker scout push --org my-org registry.example.com/repo:tag -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_quickview.md b/_vendor/github.com/docker/scout-cli/docs/scout_quickview.md deleted file mode 100644 index b7e139d9381..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_quickview.md +++ /dev/null @@ -1,101 +0,0 @@ -# docker scout quickview - - -Quick overview of an image - -### Aliases - -`docker scout quickview`, `docker scout qv` - -### Options - -| Name | Type | Default | Description | -|:----------------------|:--------------|:--------------------|:--------------------------------------------------------------------------------------------------------| -| `--env` | `string` | | Name of the environment | -| `--ignore-suppressed` | | | Filter CVEs found in Scout exceptions based on the specified exception scope | -| `--latest` | | | Latest indexed image | -| `--only-policy` | `stringSlice` | | Comma separated list of policies to evaluate | -| `--only-vex-affected` | | | Filter CVEs by VEX statements with status not affected | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | -| `--vex-author` | `stringSlice` | `[<.*@docker.com>]` | List of VEX statement authors to accept | -| `--vex-location` | `stringSlice` | | File location of directory or file containing VEX statements | - - - - -## Description - -The `docker scout quickview` command displays a quick overview of an image. -It displays a summary of the vulnerabilities in the specified image -and vulnerabilities from the base image. -If available, it also displays base image refresh and update recommendations. - -If no image is specified, the most recently built image is used. - -The following artifact types are supported: - -- Images -- OCI layout directories -- Tarball archives, as created by `docker save` -- Local directory or file - -By default, the tool expects an image reference, such as: - -- `redis` -- `curlimages/curl:7.87.0` -- `mcr.microsoft.com/dotnet/runtime:7.0` - -If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory, -or if you want to control from where the image will be resolved, you must prefix the reference with one of the following: - -- `image://` (default) use a local image, or fall back to a registry lookup -- `local://` use an image from the local image store (don't do a registry lookup) -- `registry://` use an image from a registry (don't use a local image) -- `oci-dir://` use an OCI layout directory -- `archive://` use a tarball archive, as created by `docker save` -- `fs://` use a local directory or file -- `sbom://` SPDX file or in-toto attestation file with SPDX predicate or `syft` json SBOM file - In case of `sbom://` prefix, if the file is not defined then it will try to read it from the standard input. - -## Examples - -### Quick overview of an image - -```console -$ docker scout quickview golang:1.19.4 - ...Pulling - ✓ Pulled - ✓ SBOM of image already cached, 278 packages indexed - - Your image golang:1.19.4 │ 5C 3H 6M 63L - Base image buildpack-deps:bullseye-scm │ 5C 1H 3M 48L 6? - Refreshed base image buildpack-deps:bullseye-scm │ 0C 0H 0M 42L - │ -5 -1 -3 -6 -6 - Updated base image buildpack-deps:sid-scm │ 0C 0H 1M 29L - │ -5 -1 -2 -19 -6 -``` - -### Quick overview of the most recently built image - -```console -$ docker scout qv -``` - -### Quick overview from an SPDX file - -```console -$ syft -o spdx-json alpine:3.16.1 | docker scout quickview sbom:// - ✔ Loaded image alpine:3.16.1 - ✔ Parsed image sha256:3d81c46cd8756ddb6db9ec36fa06a6fb71c287fb265232ba516739dc67a5f07d - ✔ Cataloged contents 274a317d88b54f9e67799244a1250cad3fe7080f45249fa9167d1f871218d35f - ├── ✔ Packages [14 packages] - ├── ✔ File digests [75 files] - ├── ✔ File metadata [75 locations] - └── ✔ Executables [16 executables] - - Target │ │ 1C 2H 8M 0L - digest │ 274a317d88b5 │ -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_recommendations.md b/_vendor/github.com/docker/scout-cli/docs/scout_recommendations.md deleted file mode 100644 index f1ccdf64fee..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_recommendations.md +++ /dev/null @@ -1,71 +0,0 @@ -# docker scout recommendations - - -Display available base image updates and remediation recommendations - -### Options - -| Name | Type | Default | Description | -|:-----------------|:---------|:--------|:--------------------------------------------------------------------------------------------------------| -| `--only-refresh` | | | Only display base image refresh recommendations | -| `--only-update` | | | Only display base image update recommendations | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | -| `--tag` | `string` | | Specify tag | - - - - -## Description - -The `docker scout recommendations` command display recommendations for base images updates. -It analyzes the image and display recommendations to refresh or update the base image. -For each recommendation it shows a list of benefits, such as -fewer vulnerabilities or smaller image size. - -If no image is specified, the most recently built image is used. - -The following artifact types are supported: - -- Images -- OCI layout directories -- Tarball archives, as created by `docker save` -- Local directory or file - -By default, the tool expects an image reference, such as: - -- `redis` -- `curlimages/curl:7.87.0` -- `mcr.microsoft.com/dotnet/runtime:7.0` - -If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory, -or if you want to control from where the image will be resolved, you must prefix the reference with one of the following: - -- `image://` (default) use a local image, or fall back to a registry lookup -- `local://` use an image from the local image store (don't do a registry lookup) -- `registry://` use an image from a registry (don't use a local image) -- `oci-dir://` use an OCI layout directory -- `archive://` use a tarball archive, as created by `docker save` -- `fs://` use a local directory or file - -## Examples - -### Display base image update recommendations - -```console -$ docker scout recommendations golang:1.19.4 -``` - -### Display base image refresh only recommendations - -```console -$ docker scout recommendations --only-refresh golang:1.19.4 -``` - -### Display base image update only recommendations - -```console -$ docker scout recommendations --only-update golang:1.19.4 -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_repo.md b/_vendor/github.com/docker/scout-cli/docs/scout_repo.md deleted file mode 100644 index 1f2038ea757..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_repo.md +++ /dev/null @@ -1,17 +0,0 @@ -# docker scout repo - - -Commands to list, enable, and disable Docker Scout on repositories - -### Subcommands - -| Name | Description | -|:-----------------------------------|:-------------------------------| -| [`disable`](scout_repo_disable.md) | Disable Docker Scout | -| [`enable`](scout_repo_enable.md) | Enable Docker Scout | -| [`list`](scout_repo_list.md) | List Docker Scout repositories | - - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_repo_disable.md b/_vendor/github.com/docker/scout-cli/docs/scout_repo_disable.md deleted file mode 100644 index 24842906b81..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_repo_disable.md +++ /dev/null @@ -1,43 +0,0 @@ -# docker scout repo disable - - -Disable Docker Scout - -### Options - -| Name | Type | Default | Description | -|:----------------|:---------|:--------|:-----------------------------------------------------------------------------| -| `--all` | | | Disable all repositories of the organization. Can not be used with --filter. | -| `--filter` | `string` | | Regular expression to filter repositories by name | -| `--integration` | `string` | | Name of the integration to use for enabling an image | -| `--org` | `string` | | Namespace of the Docker organization | -| `--registry` | `string` | | Container Registry | - - - - -## Examples - -### Disable a specific repository - -```console -$ docker scout repo disable my/repository -``` - -### Disable all repositories of the organization - -```console -$ docker scout repo disable --all -``` - -### Disable some repositories based on a filter - -```console -$ docker scout repo disable --filter namespace/backend -``` - -### Disable a repository from a specific registry - -```console -$ docker scout repo disable my/repository --registry 123456.dkr.ecr.us-east-1.amazonaws.com -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_repo_enable.md b/_vendor/github.com/docker/scout-cli/docs/scout_repo_enable.md deleted file mode 100644 index 3065a68bccd..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_repo_enable.md +++ /dev/null @@ -1,43 +0,0 @@ -# docker scout repo enable - - -Enable Docker Scout - -### Options - -| Name | Type | Default | Description | -|:----------------|:---------|:--------|:----------------------------------------------------------------------------| -| `--all` | | | Enable all repositories of the organization. Can not be used with --filter. | -| `--filter` | `string` | | Regular expression to filter repositories by name | -| `--integration` | `string` | | Name of the integration to use for enabling an image | -| `--org` | `string` | | Namespace of the Docker organization | -| `--registry` | `string` | | Container Registry | - - - - -## Examples - -### Enable a specific repository - -```console -$ docker scout repo enable my/repository -``` - -### Enable all repositories of the organization - -```console -$ docker scout repo enable --all -``` - -### Enable some repositories based on a filter - -```console -$ docker scout repo enable --filter namespace/backend -``` - -### Enable a repository from a specific registry - -```console -$ docker scout repo enable my/repository --registry 123456.dkr.ecr.us-east-1.amazonaws.com -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_repo_list.md b/_vendor/github.com/docker/scout-cli/docs/scout_repo_list.md deleted file mode 100644 index 1e2d740574e..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_repo_list.md +++ /dev/null @@ -1,18 +0,0 @@ -# docker scout repo list - - -List Docker Scout repositories - -### Options - -| Name | Type | Default | Description | -|:------------------|:---------|:--------|:---------------------------------------------------------------------------| -| `--filter` | `string` | | Regular expression to filter repositories by name | -| `--only-disabled` | | | Filter to disabled repositories only | -| `--only-enabled` | | | Filter to enabled repositories only | -| `--only-registry` | `string` | | Filter to a specific registry only:
- hub.docker.com
- ecr (AWS ECR) | -| `--org` | `string` | | Namespace of the Docker organization | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md b/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md deleted file mode 100644 index a335d5f83f2..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_sbom.md +++ /dev/null @@ -1,83 +0,0 @@ -# docker scout sbom - - -Generate or display SBOM of an image - -### Options - -| Name | Type | Default | Description | -|:----------------------|:--------------|:--------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `--format` | `string` | `json` | Output format:
- list: list of packages of the image
- json: json representation of the SBOM
- spdx: spdx representation of the SBOM
- cyclonedx: cyclone dx representation of the SBOM | -| `--only-package-type` | `stringSlice` | | Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc)
Can only be used with --format list | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | - - - - -## Description - -The `docker scout sbom` command analyzes a software artifact to generate a -Software Bill Of Materials (SBOM). - -The SBOM contains a list of all packages in the image. -You can use the `--format` flag to filter the output of the command -to display only packages of a specific type. - -If no image is specified, the most recently built image is used. - -The following artifact types are supported: - -- Images -- OCI layout directories -- Tarball archives, as created by `docker save` -- Local directory or file - -By default, the tool expects an image reference, such as: - -- `redis` -- `curlimages/curl:7.87.0` -- `mcr.microsoft.com/dotnet/runtime:7.0` - -If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory, -or if you want to control from where the image will be resolved, you must prefix the reference with one of the following: - -- `image://` (default) use a local image, or fall back to a registry lookup -- `local://` use an image from the local image store (don't do a registry lookup) -- `registry://` use an image from a registry (don't use a local image) -- `oci-dir://` use an OCI layout directory -- `archive://` use a tarball archive, as created by `docker save` -- `fs://` use a local directory or file - -## Examples - -### Display the list of packages - -```console -$ docker scout sbom --format list alpine -``` - -### Only display packages of a specific type - -```console - $ docker scout sbom --format list --only-package-type apk alpine -``` - -### Display the full SBOM in JSON format - -```console -$ docker scout sbom alpine -``` - -### Display the full SBOM of the most recently built image - -```console -$ docker scout sbom -``` - -### Write SBOM to a file - -```console -$ docker scout sbom --output alpine.sbom alpine -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_stream.md b/_vendor/github.com/docker/scout-cli/docs/scout_stream.md deleted file mode 100644 index 886df3e6cf0..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_stream.md +++ /dev/null @@ -1,47 +0,0 @@ -# docker scout stream - - -Manage streams (experimental) - -### Options - -| Name | Type | Default | Description | -|:-----------------|:---------|:--------|:-------------------------------------| -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to record | - - - - -## Description - -The `docker scout stream` command lists the deployment streams and records an image to it. - -Once recorded, streams can be referred to by their name, eg. in the `docker scout compare` command using `--to-stream`. - -## Examples - -### List existing streams - -```console -$ %[1]s %[2]s -prod-cluster-123 -stage-cluster-234 -``` - -### List images of a stream - -```console -$ %[1]s %[2]s prod-cluster-123 -namespace/repo:tag@sha256:9a4df4fadc9bbd44c345e473e0688c2066a6583d4741679494ba9228cfd93e1b -namespace/other-repo:tag@sha256:0001d6ce124855b0a158569c584162097fe0ca8d72519067c2c8e3ce407c580f -``` - -### Record an image to a stream, for a specific platform - -```console -$ %[1]s %[2]s stage-cluster-234 namespace/repo:stage-latest --platform linux/amd64 -✓ Pulled -✓ Successfully recorded namespace/repo:stage-latest in stream stage-cluster-234 -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_version.md b/_vendor/github.com/docker/scout-cli/docs/scout_version.md deleted file mode 100644 index 5365123c05d..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_version.md +++ /dev/null @@ -1,38 +0,0 @@ -# docker scout version - -``` -docker scout version -``` - - -Show Docker Scout version information - - - - -## Examples - -```console -$ docker scout version - - ⢀⢀⢀ ⣀⣀⡤⣔⢖⣖⢽⢝ - ⡠⡢⡣⡣⡣⡣⡣⡣⡢⡀ ⢀⣠⢴⡲⣫⡺⣜⢞⢮⡳⡵⡹⡅ - ⡜⡜⡜⡜⡜⡜⠜⠈⠈ ⠁⠙⠮⣺⡪⡯⣺⡪⡯⣺ - ⢘⢜⢜⢜⢜⠜ ⠈⠪⡳⡵⣹⡪⠇ - ⠨⡪⡪⡪⠂ ⢀⡤⣖⢽⡹⣝⡝⣖⢤⡀ ⠘⢝⢮⡚ _____ _ - ⠱⡱⠁ ⡴⡫⣞⢮⡳⣝⢮⡺⣪⡳⣝⢦ ⠘⡵⠁ / ____| Docker | | - ⠁ ⣸⢝⣕⢗⡵⣝⢮⡳⣝⢮⡺⣪⡳⣣ ⠁ | (___ ___ ___ _ _| |_ - ⣗⣝⢮⡳⣝⢮⡳⣝⢮⡳⣝⢮⢮⡳ \___ \ / __/ _ \| | | | __| - ⢀ ⢱⡳⡵⣹⡪⡳⣝⢮⡳⣝⢮⡳⡣⡏ ⡀ ____) | (_| (_) | |_| | |_ - ⢀⢾⠄ ⠫⣞⢮⡺⣝⢮⡳⣝⢮⡳⣝⠝ ⢠⢣⢂ |_____/ \___\___/ \__,_|\__| - ⡼⣕⢗⡄ ⠈⠓⠝⢮⡳⣝⠮⠳⠙ ⢠⢢⢣⢣ - ⢰⡫⡮⡳⣝⢦⡀ ⢀⢔⢕⢕⢕⢕⠅ - ⡯⣎⢯⡺⣪⡳⣝⢖⣄⣀ ⡀⡠⡢⡣⡣⡣⡣⡣⡃ -⢸⢝⢮⡳⣝⢮⡺⣪⡳⠕⠗⠉⠁ ⠘⠜⡜⡜⡜⡜⡜⡜⠜⠈ -⡯⡳⠳⠝⠊⠓⠉ ⠈⠈⠈⠈ - - - -version: v1.0.9 (go1.21.3 - darwin/arm64) -git commit: 8bf95bf60d084af341f70e8263342f71b0a3cd16 -``` diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_vex.md b/_vendor/github.com/docker/scout-cli/docs/scout_vex.md deleted file mode 100644 index 4ac3db0726b..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_vex.md +++ /dev/null @@ -1,19 +0,0 @@ -# docker scout vex - - -Manage VEX attestations on images - -### Aliases - -`docker scout vex`, `docker scout vex` - -### Subcommands - -| Name | Description | -|:--------------------------|:------------------------------| -| [`get`](scout_vex_get.md) | Get VEX attestation for image | - - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_vex_get.md b/_vendor/github.com/docker/scout-cli/docs/scout_vex_get.md deleted file mode 100644 index b7c9623dd7e..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_vex_get.md +++ /dev/null @@ -1,20 +0,0 @@ -# docker scout vex get - - -Get VEX attestation for image - -### Options - -| Name | Type | Default | Description | -|:-----------------|:---------|:-----------------------------------------------------------|:--------------------------------------------------------------------------------------------------------| -| `--key` | `string` | `https://registry.scout.docker.com/keyring/dhi/latest.pub` | Signature key to use for verification | -| `--org` | `string` | | Namespace of the Docker organization | -| `-o`, `--output` | `string` | | Write the report to a file | -| `--platform` | `string` | | Platform of image to analyze | -| `--ref` | `string` | | Reference to use if the provided tarball contains multiple references.
Can only be used with archive | -| `--skip-tlog` | | | Skip signature verification against public transaction log | -| `--verify` | | | Verify the signature on the attestation | - - - - diff --git a/_vendor/github.com/docker/scout-cli/docs/scout_watch.md b/_vendor/github.com/docker/scout-cli/docs/scout_watch.md deleted file mode 100644 index 6fb14a197b9..00000000000 --- a/_vendor/github.com/docker/scout-cli/docs/scout_watch.md +++ /dev/null @@ -1,122 +0,0 @@ -# docker scout watch - - -Watch repositories in a registry and push images and indexes to Docker Scout (experimental) - -### Options - -| Name | Type | Default | Description | -|:---------------------|:--------------|:--------|:------------------------------------------------------------------------------------| -| `--all-images` | | | Push all images instead of only the ones pushed during the watch command is running | -| `--dry-run` | | | Watch images and prepare them, but do not push them | -| `--interval` | `int64` | `60` | Interval in seconds between checks | -| `--org` | `string` | | Namespace of the Docker organization to which image will be pushed | -| `--refresh-registry` | | | Refresh the list of repositories of a registry at every run. Only with --registry. | -| `--registry` | `string` | | Registry to watch | -| `--repository` | `stringSlice` | | Repository to watch | -| `--sbom` | | | Create and upload SBOMs | -| `--tag` | `stringSlice` | | Regular expression to match tags to watch | -| `--workers` | `int` | `3` | Number of concurrent workers | - - - - -## Description - -The `docker scout watch` command watches repositories in a registry -and pushes images or analysis results to Docker Scout. - -## Examples - -### Watch for new images from two repositories and push them - -```console -$ docker scout watch --org my-org --repository registry-1.example.com/repo-1 --repository registry-2.example.com/repo-2 -``` - -### Only push images with a specific tag - -```console -$ docker scout watch --org my-org --repository registry.example.com/my-service --tag latest -``` - -### Watch all repositories of a registry - -```console -$ docker scout watch --org my-org --registry registry.example.com -``` - -### Push all images and not just the new ones - -```console -$ docker scout watch --org my-org --repository registry.example.com/my-service --all-images -``` - -### Configure Artifactory integration - -The following example creates a web hook endpoint for Artifactory to push new -image events into: - -```console -$ export DOCKER_SCOUT_ARTIFACTORY_API_USER=user -$ export DOCKER_SCOUT_ARTIFACTORY_API_PASSWORD=password -$ export DOCKER_SCOUT_ARTIFACTORY_WEBHOOK_SECRET=foo - -$ docker scout watch --registry "type=artifactory,registry=example.jfrog.io,api=https://example.jfrog.io/artifactory,include=*/frontend*,exclude=*/dta/*,repository=docker-local,port=9000,subdomain-mode=true" --refresh-registry -``` - -This will launch an HTTP server on port `9000` that will receive all `component` web -hook events, optionally validating the HMAC signature. - -### Configure Harbor integration - -The following example creates a web hook endpoint for Harbor to push new image -events into: - -```console -$ export DOCKER_SCOUT_HARBOR_API_USER=admin -$ export DOCKER_SCOUT_HARBOR_API_PASSWORD=password -$ export DOCKER_SCOUT_HARBOR_WEBHOOK_AUTH="token foo" - -$ docker scout watch --registry 'type=harbor,registry=demo.goharbor.io,api=https://demo.goharbor.io,include=*/foo/*,exclude=*/bar/*,port=9000' --refresh-registry -``` - -This will launch an HTTP server on port `9000` that will receive all `component` web -hook events, optionally validating the HMAC signature. - -### Configure Nexus integration - -The following example shows how to configure Sonartype Nexus integration: - -```console -$ export DOCKER_SCOUT_NEXUS_API_USER=admin -$ export DOCKER_SCOUT_NEXUS_API_PASSWORD=admin124 - -$ docker scout watch --registry 'type=nexus,registry=localhost:8082,api=http://localhost:8081,include=*/foo/*,exclude=*/bar/*,"repository=docker-test1,docker-test2"' --refresh-registry -``` - -This ingests all images and tags in Nexus repositories called `docker-test1` -and `docker-test2` that match the `*/foo/*` include and `*/bar/*` exclude glob -pattern. - -You can also create a web hook endpoint for Nexus to push new image events into: - -```console -$ export DOCKER_SCOUT_NEXUS_API_USER=admin -$ export DOCKER_SCOUT_NEXUS_API_PASSWORD=admin124 -$ export DOCKER_SCOUT_NEXUS_WEBHOOK_SECRET=mysecret - -$ docker scout watch --registry 'type=nexus,registry=localhost:8082,api=http://localhost:8081,include=*/foo/*,exclude=*/bar/*,"repository=docker-test1,docker-test2",port=9000' --refresh-registry -``` - -This will launch an HTTP server on port `9000` that will receive all `component` web -hook events, optionally validating the HMAC signature. - -## Configure integration for other OCI registries - -The following example shows how to integrate an OCI registry that implements the -`_catalog` endpoint: - -```console -$ docker scout watch --registry 'type=oci,registry=registry.example.com,include=*/scout-artifact-registry/*' -``` \ No newline at end of file diff --git a/_vendor/modules.txt b/_vendor/modules.txt index 0e650738fb8..b2d64e77ff5 100644 --- a/_vendor/modules.txt +++ b/_vendor/modules.txt @@ -5,4 +5,3 @@ # github.com/docker/compose/v5 v5.0.1 # github.com/docker/model-runner/cmd/cli v1.0.3 # github.com/docker/mcp-gateway v0.22.0 -# github.com/docker/scout-cli v1.18.4 diff --git a/content/manuals/engine/security/https/README.md b/content/manuals/engine/security/https/README.md index 3ba70493879..ea427151c22 100644 --- a/content/manuals/engine/security/https/README.md +++ b/content/manuals/engine/security/https/README.md @@ -1,5 +1,5 @@ --- -_build: +build: list: never publishResources: false render: never diff --git a/content/reference/cli/docker/README.md b/content/reference/cli/docker/README.md index 4fcc5bb1c6a..f2d405a0a69 100644 --- a/content/reference/cli/docker/README.md +++ b/content/reference/cli/docker/README.md @@ -1,5 +1,5 @@ --- -_build: +build: list: never publishResources: false render: never diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout.yaml b/data/scout-cli/docker_scout.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout.yaml rename to data/scout-cli/docker_scout.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_attestation.yaml b/data/scout-cli/docker_scout_attestation.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_attestation.yaml rename to data/scout-cli/docker_scout_attestation.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_attestation_add.yaml b/data/scout-cli/docker_scout_attestation_add.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_attestation_add.yaml rename to data/scout-cli/docker_scout_attestation_add.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_attestation_get.yaml b/data/scout-cli/docker_scout_attestation_get.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_attestation_get.yaml rename to data/scout-cli/docker_scout_attestation_get.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_attestation_list.yaml b/data/scout-cli/docker_scout_attestation_list.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_attestation_list.yaml rename to data/scout-cli/docker_scout_attestation_list.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache.yaml b/data/scout-cli/docker_scout_cache.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_cache.yaml rename to data/scout-cli/docker_scout_cache.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_df.yaml b/data/scout-cli/docker_scout_cache_df.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_cache_df.yaml rename to data/scout-cli/docker_scout_cache_df.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_prune.yaml b/data/scout-cli/docker_scout_cache_prune.yaml similarity index 97% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_cache_prune.yaml rename to data/scout-cli/docker_scout_cache_prune.yaml index 2d5f7de568a..abf68bb6b7f 100644 --- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cache_prune.yaml +++ b/data/scout-cli/docker_scout_cache_prune.yaml @@ -60,7 +60,7 @@ examples: |- ✓ temporary data deleted ``` - ### Delete temporary _and_ cache data + ### Delete temporary and cache data ```console $ docker scout cache prune --sboms diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_compare.yaml b/data/scout-cli/docker_scout_compare.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_compare.yaml rename to data/scout-cli/docker_scout_compare.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_config.yaml b/data/scout-cli/docker_scout_config.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_config.yaml rename to data/scout-cli/docker_scout_config.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml b/data/scout-cli/docker_scout_cves.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_cves.yaml rename to data/scout-cli/docker_scout_cves.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_docker-cli-plugin-hooks.yaml b/data/scout-cli/docker_scout_docker-cli-plugin-hooks.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_docker-cli-plugin-hooks.yaml rename to data/scout-cli/docker_scout_docker-cli-plugin-hooks.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_enroll.yaml b/data/scout-cli/docker_scout_enroll.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_enroll.yaml rename to data/scout-cli/docker_scout_enroll.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_environment.yaml b/data/scout-cli/docker_scout_environment.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_environment.yaml rename to data/scout-cli/docker_scout_environment.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_help.yaml b/data/scout-cli/docker_scout_help.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_help.yaml rename to data/scout-cli/docker_scout_help.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration.yaml b/data/scout-cli/docker_scout_integration.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_integration.yaml rename to data/scout-cli/docker_scout_integration.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_configure.yaml b/data/scout-cli/docker_scout_integration_configure.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_integration_configure.yaml rename to data/scout-cli/docker_scout_integration_configure.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_delete.yaml b/data/scout-cli/docker_scout_integration_delete.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_integration_delete.yaml rename to data/scout-cli/docker_scout_integration_delete.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_integration_list.yaml b/data/scout-cli/docker_scout_integration_list.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_integration_list.yaml rename to data/scout-cli/docker_scout_integration_list.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_policy.yaml b/data/scout-cli/docker_scout_policy.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_policy.yaml rename to data/scout-cli/docker_scout_policy.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_push.yaml b/data/scout-cli/docker_scout_push.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_push.yaml rename to data/scout-cli/docker_scout_push.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_quickview.yaml b/data/scout-cli/docker_scout_quickview.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_quickview.yaml rename to data/scout-cli/docker_scout_quickview.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_recommendations.yaml b/data/scout-cli/docker_scout_recommendations.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_recommendations.yaml rename to data/scout-cli/docker_scout_recommendations.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo.yaml b/data/scout-cli/docker_scout_repo.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_repo.yaml rename to data/scout-cli/docker_scout_repo.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_disable.yaml b/data/scout-cli/docker_scout_repo_disable.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_repo_disable.yaml rename to data/scout-cli/docker_scout_repo_disable.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_enable.yaml b/data/scout-cli/docker_scout_repo_enable.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_repo_enable.yaml rename to data/scout-cli/docker_scout_repo_enable.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_repo_list.yaml b/data/scout-cli/docker_scout_repo_list.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_repo_list.yaml rename to data/scout-cli/docker_scout_repo_list.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_sbom.yaml b/data/scout-cli/docker_scout_sbom.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_sbom.yaml rename to data/scout-cli/docker_scout_sbom.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_stream.yaml b/data/scout-cli/docker_scout_stream.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_stream.yaml rename to data/scout-cli/docker_scout_stream.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_version.yaml b/data/scout-cli/docker_scout_version.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_version.yaml rename to data/scout-cli/docker_scout_version.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_vex.yaml b/data/scout-cli/docker_scout_vex.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_vex.yaml rename to data/scout-cli/docker_scout_vex.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_vex_get.yaml b/data/scout-cli/docker_scout_vex_get.yaml similarity index 100% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_vex_get.yaml rename to data/scout-cli/docker_scout_vex_get.yaml diff --git a/_vendor/github.com/docker/scout-cli/docs/docker_scout_watch.yaml b/data/scout-cli/docker_scout_watch.yaml similarity index 98% rename from _vendor/github.com/docker/scout-cli/docs/docker_scout_watch.yaml rename to data/scout-cli/docker_scout_watch.yaml index 2d5368c5105..24e1f6844b0 100644 --- a/_vendor/github.com/docker/scout-cli/docs/docker_scout_watch.yaml +++ b/data/scout-cli/docker_scout_watch.yaml @@ -1,6 +1,6 @@ command: docker scout watch short: | - Watch repositories in a registry and push images and indexes to Docker Scout (experimental) + Watch repositories in a registry and push images and indexes to Docker Scout long: | The docker scout watch command watches repositories in a registry and pushes images or image indexes to Docker Scout. usage: docker scout watch @@ -131,7 +131,7 @@ inherited_options: examples: " Watch for new images from two repositories and push them\n $ docker scout watch --org my-org --repository registry-1.example.com/repo-1 --repository registry-2.example.com/repo-2\e[0m\n\n Only push images with a specific tag\n $ docker scout watch --org my-org --repository registry.example.com/my-service --tag latest\e[0m\n\n Watch all repositories of a registry\n $ docker scout watch --org my-org --registry registry.example.com\e[0m\n\n Push all images and not just the new ones\n $ docker scout watch --org my-org --repository registry.example.com/my-service --all-images\e[0m" deprecated: false experimental: false -experimentalcli: true +experimentalcli: false kubernetes: false swarm: false diff --git a/go.mod b/go.mod index a70c159eee8..5180a7f6bc3 100644 --- a/go.mod +++ b/go.mod @@ -37,7 +37,6 @@ require ( github.com/docker/model-runner v1.0.3 // indirect github.com/docker/model-runner/cmd/cli v1.0.3 // indirect github.com/docker/model-runner/pkg/go-containerregistry v0.0.0-20251121150728-6951a2a36575 // indirect - github.com/docker/scout-cli v1.18.4 // indirect github.com/elastic/go-sysinfo v1.15.4 // indirect github.com/elastic/go-windows v1.0.2 // indirect github.com/emirpasic/gods/v2 v2.0.0-alpha // indirect @@ -137,7 +136,6 @@ replace ( github.com/docker/compose/v5 => github.com/docker/compose/v5 v5.0.1 github.com/docker/mcp-gateway => github.com/docker/mcp-gateway v0.22.0 github.com/docker/model-runner/cmd/cli => github.com/docker/model-runner/cmd/cli v1.0.3 - github.com/docker/scout-cli => github.com/docker/scout-cli v1.18.4 github.com/moby/buildkit => github.com/moby/buildkit v0.26.0 github.com/moby/moby/api => github.com/moby/moby/api v1.52.0 ) diff --git a/go.sum b/go.sum index 1e78efee196..23171496022 100644 --- a/go.sum +++ b/go.sum @@ -72,8 +72,6 @@ github.com/docker/model-runner/cmd/cli v1.0.3 h1:oycm6fHwhFBNM47Y2Ka7nUSsrbSG3FL github.com/docker/model-runner/cmd/cli v1.0.3/go.mod h1:86LCLsk93vuevYRDKoBxwGusyGlW+UnKCnbXJ7m6Zjo= github.com/docker/model-runner/pkg/go-containerregistry v0.0.0-20251121150728-6951a2a36575 h1:N2yLWYSZFTVLkLTh8ux1Z0Nug/F78pXsl2KDtbWhe+Y= github.com/docker/model-runner/pkg/go-containerregistry v0.0.0-20251121150728-6951a2a36575/go.mod h1:gbdiY0X8gr0J88OfUuRD29JXCWT9jgHzPmrqTlO15BM= -github.com/docker/scout-cli v1.18.4 h1:Td+SSA55WlD7gmrNaBe0imgfVzzQjlfb/prwBn9GOSw= -github.com/docker/scout-cli v1.18.4/go.mod h1:Eo1RyCJsx3ldz/YTY5yGxu9g9mwTYbRUutxQUkow3Fc= github.com/elastic/go-sysinfo v1.15.4 h1:A3zQcunCxik14MgXu39cXFXcIw2sFXZ0zL886eyiv1Q= github.com/elastic/go-sysinfo v1.15.4/go.mod h1:ZBVXmqS368dOn/jvijV/zHLfakWTYHBZPk3G244lHrU= github.com/elastic/go-windows v1.0.2 h1:yoLLsAsV5cfg9FLhZ9EXZ2n2sQFKeDYrHenkcivY4vI= diff --git a/hugo.yaml b/hugo.yaml index fb1ed05e938..bc4bde92e1d 100644 --- a/hugo.yaml +++ b/hugo.yaml @@ -15,9 +15,9 @@ taxonomies: # Remove the /manuals prefix for content in the manuals section permalinks: page: - manuals: /:sections[1:]/:slugorfilename/ + manuals: /:sections[1:]/:slugorcontentbasename/ section: - manuals: /:sections[1:]/:slugorfilename/ + manuals: /:sections[1:]/ markup: tableOfContents: @@ -342,10 +342,3 @@ module: - source: docs/generator/reference target: data/mcp-cli includeFiles: "*.yaml" - - # Scout CLI plugin (public dist repo) - - path: github.com/docker/scout-cli - mounts: - - source: docs - target: data/scout-cli - includeFiles: "*.yaml" diff --git a/hugo_stats.json b/hugo_stats.json deleted file mode 100644 index 88e02b5a386..00000000000 --- a/hugo_stats.json +++ /dev/null @@ -1,616 +0,0 @@ -{ - "htmlElements": { - "tags": null, - "classes": [ - "--mount", - "--tmpfs", - "-mt-8", - "-top-10", - "-top-16", - "-v", - "-z-10", - ".NET", - "2xl:flex", - "API", - "AWS-Route-53", - "Admin-Console", - "After", - "After-multi-stage", - "After-single-stage", - "Angular", - "Apt", - "Arch", - "Arch-Linux", - "Azure-Connect-OIDC", - "Azure-DevOps", - "Bake", - "Bash", - "Before", - "Before-DOI", - "Before-Wolfi", - "Bulk-users", - "CLI", - "CentOS-RHEL-and-Fedora", - "Circle-CI", - "Clone-with-git", - "Command-Prompt", - "Command-Prompt-CLI", - "Command-line-setup", - "Compliant", - "Covered", - "Custom-builder", - "DSOS-Legacy-DVP-programs", - "DVP-program", - "Debian", - "Desktop-app", - "Diff", - "Docker-Build-Cloud", - "Docker-Desktop", - "Docker-Engine", - "Docker-Home", - "Docker-Hub", - "Docker-Offload", - "Docker-Scout", - "Docker-Scout-Dashboard", - "Docker-subscription", - "Download", - "Enable-for-a-given-project", - "Enable-globally", - "Entra-ID", - "Entra-ID-OIDC", - "Entra-ID-SAML-2.0", - "Entra-ID/Azure-AD-OIDC-and-SAML-2.0", - "Entra-ID/Azure-AD-SAML-2.0-and-OIDC", - "External-cloud-storage", - "Fedora", - "For-Mac-with-Apple-silicon", - "For-Mac-with-Intel-chip", - "For-authenticated-access", - "For-public-repositories-only", - "From-Docker-Desktop", - "From-the-Docker-CLI", - "From-the-GUI", - "From-the-command-line", - "GUI", - "Git-Bash", - "Git-Bash-CLI", - "GitLab", - "Go", - "GoDaddy", - "Google-Cloud-DNS", - "Group-Policy-deployment", - "HTTP", - "Heredocs", - "Hyper-V-backend-x86_64", - "Individual-users", - "Inline", - "Installation-time-setup", - "Instant-verification", - "JSON", - "JSON-file", - "Java", - "JavaScript", - "Jenkins", - "Latest", - "Legacy-Docker-plans", - "Legacy-Docker-subscription", - "Linux", - "Local-or-Hub-storage", - "MMC", - "Mac", - "Mac-/-Linux", - "Mac-/-Linux-/-Git-Bash", - "Mac-/-Linux-CLI", - "Mac-and-Linux", - "Mac-with-Apple-silicon", - "Mac-with-Intel-chip", - "MacOS", - "Manual-creation", - "Manual-setup", - "Manual-verification", - "Manually-create-assets", - "NetworkManager", - "Node", - "Non-compliant", - "Not-covered", - "Okta", - "Okta-SAML", - "Old-Dockerfile", - "Other-providers", - "PHP", - "PowerShell", - "PowerShell-CLI", - "Python", - "RHEL-8", - "RHEL-9", - "RHEL-CentOS-or-Fedora", - "RPM-base-distributions", - "Raw", - "React", - "Regular-install", - "Remote-file", - "Rootless-mode", - "Ruby", - "Run-Ollama-in-a-container", - "Run-Ollama-outside-of-a-container", - "Rust", - "Shell-script-deployment", - "Specific-version", - "Svelte", - "Teams", - "Testcontainers-Cloud", - "TypeScript", - "Typescript", - "Ubuntu", - "Ubuntu/Debian", - "Unix-pipe", - "Updated-Dockerfile", - "Use-Docker-Init", - "Use-OpenAI", - "Using-Docker-Hardened-Image", - "Using-Docker-Hardened-Images", - "Using-the-CLI", - "Using-the-Docker-Official-Image", - "Using-the-GUI", - "Using-the-official-Docker-image", - "Using-the-official-image", - "VS-Code", - "Vue", - "WSL-2-backend-Arm-Early-Access", - "WSL-2-backend-x86_64", - "Web-browser", - "Windows", - "Windows-Command-Prompt", - "Windows-Git-Bash", - "Windows-PowerShell", - "Windows-run-as-admin", - "With-packages-RPM/DEB", - "With-systemd-Highly-recommended", - "Without-packages", - "Without-systemd", - "[display:none]", - "absolute", - "admonition", - "admonition-content", - "admonition-danger", - "admonition-header", - "admonition-icon", - "admonition-note", - "admonition-tip", - "admonition-title", - "admonition-warning", - "aspect-video", - "bake-action", - "bg-amber-500", - "bg-background-toc", - "bg-black/100", - "bg-black/50", - "bg-blue", - "bg-blue-400", - "bg-blue-500", - "bg-blue-600", - "bg-blue-700", - "bg-gray-100", - "bg-gray-400", - "bg-gray-50", - "bg-gray-500", - "bg-gray-700", - "bg-green-400", - "bg-green-500", - "bg-navbar-bg", - "bg-pattern-blue", - "bg-pattern-purple", - "bg-red-500", - "bg-violet-500", - "bg-white", - "block", - "border", - "border-0", - "border-1", - "border-b", - "border-b-4", - "border-blue", - "border-blue-500", - "border-divider-light", - "border-gray-100", - "border-gray-200", - "border-gray-300", - "border-gray-400", - "border-green-400", - "border-l-2", - "border-l-magenta-light", - "border-t", - "border-transparent", - "bottom-0", - "breadcrumbs", - "build-push-action", - "button", - "card", - "card-content", - "card-description", - "card-header", - "card-icon", - "card-img", - "card-link", - "card-title", - "chip", - "chroma", - "cls-1", - "cls-2", - "col-start-2", - "containerd-image-store", - "cursor-pointer", - "dark:bg-amber-400", - "dark:bg-background-dark", - "dark:bg-background-toc", - "dark:bg-blue-400", - "dark:bg-blue-500", - "dark:bg-blue-800", - "dark:bg-gray-300", - "dark:bg-gray-400", - "dark:bg-gray-500", - "dark:bg-gray-800", - "dark:bg-gray-900", - "dark:bg-gray-950", - "dark:bg-green-700", - "dark:bg-green-dark-400", - "dark:bg-navbar-bg-dark", - "dark:bg-red-400", - "dark:bg-violet-400", - "dark:block", - "dark:border-b-blue-600", - "dark:border-divider-dark", - "dark:border-gray-400", - "dark:border-gray-600", - "dark:border-gray-700", - "dark:border-green-400", - "dark:border-l-magenta-dark", - "dark:focus:ring-3-blue-dark", - "dark:hidden", - "dark:hover:bg-blue-400", - "dark:hover:bg-blue-700", - "dark:hover:bg-gray-600", - "dark:hover:bg-gray-900", - "dark:hover:text-blue", - "dark:outline-gray-800", - "dark:prose-invert", - "dark:ring-3-blue-dark-400", - "dark:ring-3-gray-dark-400", - "dark:syntax-dark", - "dark:text-blue", - "dark:text-blue-700", - "dark:text-divider-dark", - "dark:text-gray-200", - "dark:text-gray-300", - "dark:text-gray-400", - "dark:text-gray-500", - "dark:text-gray-600", - "dark:text-gray-800", - "dark:text-magenta-dark", - "dark:text-white", - "docker/bake-action", - "docker/build-push-action", - "download-links", - "download-links-subcontainer", - "drop-shadow", - "dropdown-base", - "duration-300", - "fixed", - "flex", - "flex-1", - "flex-[2_2_0%]", - "flex-col", - "flex-col-reverse", - "flex-grow", - "flex-none", - "flex-shrink", - "flex-shrink-0", - "flex-wrap", - "focus:outline-none", - "focus:ring", - "focus:ring-3-blue-light", - "focus:ring-blue-400", - "font-bold", - "font-medium", - "font-normal", - "font-semibold", - "footer", - "footnote-backref", - "footnote-ref", - "footnotes", - "gap-0", - "gap-1", - "gap-2", - "gap-2.5", - "gap-20", - "gap-3", - "gap-4", - "gap-8", - "goat", - "grid", - "grid-cols-1", - "group", - "group-hover:block'", - "group-open:[display:block]", - "group-open:rotate-180", - "h-16", - "h-2", - "h-32", - "h-5", - "h-6", - "h-64", - "h-8", - "h-[42px]", - "h-[calc(100vh-64px)]", - "h-fit", - "h-full", - "h-screen", - "hidden", - "hidden'", - "highlight", - "hover:bg-blue-400", - "hover:bg-blue-500", - "hover:bg-blue-600", - "hover:bg-blue-800", - "hover:bg-gray-100", - "hover:bg-gray-200", - "hover:bg-gray-50", - "hover:border-blue-400", - "hover:border-white/20", - "hover:dark:bg-gray-800", - "hover:dark:text-blue-400", - "hover:dark:text-blue-700", - "hover:opacity-90", - "hover:text-blue", - "hover:underline", - "icon-lg", - "icon-sm", - "icon-svg", - "inline", - "inline-block", - "inline-flex", - "inset-0", - "invertible", - "italic", - "items-center", - "items-start", - "items-stretch", - "justify-between", - "justify-center", - "justify-end", - "leading-none", - "leading-snug", - "leading-tight", - "left-0", - "lg:absolute", - "lg:block", - "lg:border-none", - "lg:flex", - "lg:flex-row", - "lg:gap-4", - "lg:gap-8", - "lg:grid-cols-2", - "lg:grid-cols-3", - "lg:grid-cols-4", - "lg:hidden", - "lg:hover:bg-transparent", - "lg:hover:opacity-80", - "lg:inline", - "lg:max-w-xl", - "lg:no-underline", - "lg:pb-2", - "link", - "links", - "lntable", - "lntd", - "macOS", - "max-h-full", - "max-w-4xl", - "max-w-56", - "max-w-[1920px]", - "max-w-full", - "max-w-none", - "mb-1", - "mb-1.5", - "mb-2", - "mb-4", - "mb-6", - "mb-8", - "md-dropdown", - "md:block", - "md:border-none", - "md:flex", - "md:flex-nowrap", - "md:flex-row", - "md:grid-cols-2", - "md:h-[334px]", - "md:h-[calc(100vh-64px)]", - "md:hidden", - "md:max-w-[66%]", - "md:sticky", - "md:text-base", - "md:text-sm", - "md:top-16", - "md:w-[300px]", - "md:w-[320px]", - "md:z-auto", - "min-h-screen", - "min-w-0", - "min-w-48", - "min-w-52", - "ml-2", - "ml-3", - "ml-4", - "ml-auto", - "mt-1", - "mt-1.5", - "mt-2", - "mt-20", - "mt-4", - "mt-8", - "mt-[2px]", - "mt-auto", - "mx-1", - "mx-auto", - "my-0", - "my-4", - "my-6", - "navbar-entry-background-current", - "navbar-entry-margin", - "navbar-font", - "navbar-group", - "navbar-group-font-title", - "no-underline", - "no-wrap", - "not-prose", - "object-cover", - "open-kapa-widget", - "openSUSE-and-SLES", - "origin-bottom-right", - "origin-top-right", - "ot-sdk-show-settings", - "outline", - "outline-1", - "outline-gray-200", - "outline-hidden", - "outline-offset-[-1px]", - "overflow-clip", - "overflow-hidden", - "overflow-visible", - "overflow-x-auto", - "overflow-x-hidden", - "overflow-y-auto", - "p-1", - "p-2", - "p-3", - "p-4", - "p-6", - "p-8", - "pb-0", - "pb-0.5", - "pb-1", - "pb-2", - "pb-4", - "pb-8", - "pl-2", - "pl-3", - "pl-4", - "pl-5", - "placeholder-blue-300", - "pr-2", - "prose", - "pt-2", - "pt-20", - "pt-4", - "px-1", - "px-2", - "px-3", - "px-4", - "px-6", - "px-8", - "py-0.5", - "py-1", - "py-2", - "py-4", - "py-8", - "py-[0.5625rem]", - "relative", - "right-0", - "right-2", - "right-8", - "ring-3-2", - "ring-3-[1.5px]", - "ring-3-blue-light-400", - "ring-3-gray-light-200", - "rotate-45", - "rounded", - "rounded-full", - "rounded-lg", - "rounded-md", - "rounded-sm", - "scale-50", - "scroll-mt-2", - "scroll-mt-20", - "scroll-mt-36", - "secondaryLinks", - "section-card", - "section-card-text", - "section-card-title", - "select-none", - "self-center", - "self-start", - "shadow", - "shadow-md", - "shimmer", - "sm:block", - "sm:flex-row", - "sm:hidden", - "sm:items-center", - "social", - "space-y-2", - "space-y-4", - "sticky", - "sub-button", - "summary-bar", - "svg", - "svg-container", - "syntax-light", - "systemd-networkd", - "tab-item", - "tablist", - "tabs", - "text-2xl", - "text-base", - "text-black", - "text-blue", - "text-blue-light", - "text-divider-light", - "text-gray-200", - "text-gray-300", - "text-gray-400", - "text-gray-500", - "text-gray-600", - "text-gray-700", - "text-gray-800", - "text-left", - "text-lg", - "text-magenta-light", - "text-md", - "text-sm", - "text-white", - "text-xl", - "text-xs", - "toc", - "top-0", - "top-1", - "top-16", - "top-6", - "topbar-button", - "transition", - "transition-colors", - "transition-transform", - "truncate", - "w-2", - "w-5", - "w-64", - "w-65", - "w-8", - "w-[1200px]", - "w-full", - "whitespace-nowrap", - "xl:flex", - "xl:flex-row", - "xl:grid-cols-3", - "xl:mb-0", - "xl:w-[1200px]", - "youtube-video", - "z-10", - "z-20", - "z-30", - "z-40", - "z-50", - "z-[999]" - ], - "ids": null - } -} diff --git a/layouts/redirect/single.html b/layouts/redirect/single.html index 1537e672921..03bf721b353 100644 --- a/layouts/redirect/single.html +++ b/layouts/redirect/single.html @@ -1 +1 @@ -{{- template "_internal/alias.html" (dict "Permalink" .Params.target) -}} +{{- template "alias.html" (dict "Permalink" .Params.target) -}} diff --git a/netlify.toml b/netlify.toml index 04ca26b6e0f..d773ce4389b 100644 --- a/netlify.toml +++ b/netlify.toml @@ -4,7 +4,7 @@ publish = "public" [context.deploy-preview.environment] NODE_VERSION = "22" NODE_ENV = "production" -HUGO_VERSION = "0.141.0" +HUGO_VERSION = "0.154.2" HUGO_ENABLEGITINFO = "true" HUGO_ENVIRONMENT = "preview" SECRETS_SCAN_OMIT_PATHS = "public/contribute/file-conventions/index.html"