diff --git a/SUMMARY.md b/SUMMARY.md index 0093c0d2..acf6415b 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -337,6 +337,7 @@ * [Start The Daemon](content/config/daemon/start.md) * [Configure The Daemon With Systemd](content/config/daemon/systemd.md) * [Troubleshooting The Docker Daemon](content/config/daemon/troubleshoot.md) + * [CLI Completion](content/config/completion.md) * [Filter Commands](content/config/filter.md) * [Format Command And Log Output](content/config/formatting.md) * [Docker Object Labels](content/config/labels-custom-metadata.md) @@ -466,9 +467,9 @@ * [Limitations](content/desktop/hardened-desktop/enhanced-container-isolation/limitations.md) - Settings Management * [What Is Settings Management](content/desktop/hardened-desktop/settings-management/_index.md) - * [Configure Air Gapped Containers With Settings Management](content/desktop/hardened-desktop/settings-management/air-gapped-containers.md) * [Configure Settings Management](content/desktop/hardened-desktop/settings-management/configure.md) * [Overview Of Hardened Docker Desktop](content/desktop/hardened-desktop/_index.md) + * [Air Gapped Containers](content/desktop/hardened-desktop/air-gapped-containers.md) - Install * [Install Docker Desktop On Arch Based Distributions](content/desktop/install/archlinux.md) * [Install Docker Desktop On Debian](content/desktop/install/debian.md) diff --git a/content/config/completion.md b/content/config/completion.md new file mode 100644 index 00000000..90ab8100 --- /dev/null +++ b/content/config/completion.md @@ -0,0 +1,104 @@ +--- +title: CLI completion +description: Set up your shell to get autocomplete for Docker commands and flags +keywords: cli, shell, fish, bash, zsh, completion, options +--- + +You can generate a shell completion script for the Docker CLI using the `docker +completion` command. The completion script gives you word completion for +commands, flags, and Docker objects (such as container and volume names) when +you hit `` as you type into your terminal. + +You can generate completion scripts for the following shells: + +- [Bash](#bash) +- [Zsh](#zsh) +- [fish](#fish) + +## Bash + +To get Docker CLI completion with Bash, you first need to install the +`bash-completion` package which contains a number of Bash functions for shell +completion. + +```bash +# Install using APT: +sudo apt install bash-completion + +# Install using Homebrew (Bash version 4 or later): +brew install bash-completion@2 +# Homebrew install for older versions of Bash: +brew install bash-completion + +# With pacman: +sudo pacman -S bash-completion +``` + +After installing `bash-completion`, source the script in your shell +configuration file (in this example, `.bashrc`): + +```bash +# On Linux: +cat <> ~/.bashrc +if [ -f /etc/bash_completion ]; then + . /etc/bash_completion +fi +EOT + +# On macOS / with Homebrew: +cat <> ~/.bash_profile +[[ -r "$(brew --prefix)/etc/profile.d/bash_completion.sh" ]] && . "$(brew --prefix)/etc/profile.d/bash_completion.sh" +EOT +``` + +And reload your shell configuration: + +```console +$ source ~/.bashrc +``` + +Now you can generate the Bash completion script using the `docker completion` command: + +```console +$ mkdir -p ~/.local/share/bash-completion/completions +$ docker completion bash > ~/.local/share/bash-completion/completions/docker +``` + +## Zsh + +The Zsh [completion system](http://zsh.sourceforge.net/Doc/Release/Completion-System.html) +takes care of things as long as the completion can be sourced using `FPATH`. + +If you use Oh My Zsh, you can install completions without modifying `~/.zshrc` +by storing the completion script in the `~/.oh-my-zsh/completions` directory. + +```console +$ mkdir -p ~/.oh-my-zsh/completions +$ docker completion zsh > ~/.oh-my-zsh/completions/_docker +``` + +If you're not using Oh My Zsh, store the completion script in a directory of +your choice and add the directory to `FPATH` in your `.zshrc`. + +```console +$ mkdir -p ~/.docker/completions +$ docker completion zsh > ~/.docker/completions/_docker +``` + +```console +$ cat <> ~/.zshrc +fpath=(~/.docker/completions \\$fpath) +autoload -Uz compinit +compinit +EOT +``` + +## Fish + +fish shell supports a [completion system](https://fishshell.com/docs/current/#tab-completion) natively. +To activate completion for Docker commands, copy or symlink the completion script to your fish shell `completions/` directory: + +```console +$ mkdir -p ~/.config/fish/completions +$ docker completion fish > ~/.config/fish/completions/docker.fish +``` diff --git a/content/desktop/faqs/macfaqs.md b/content/desktop/faqs/macfaqs.md index 71149e73..e09d7ede 100644 --- a/content/desktop/faqs/macfaqs.md +++ b/content/desktop/faqs/macfaqs.md @@ -220,70 +220,3 @@ To learn more about how to install a CA root certificate for the registry and how to set the client TLS certificate for verification, see [Verify repository client with certificates](../../engine/security/certificates.md) in the Docker Engine topics. - -### How do I install shell completion? - -Docker Desktop comes with scripts to enable completion for the `docker` and `docker compose` commands. The completion scripts may be -found inside `Docker.app`, in the `Contents/Resources/etc/` directory and can be -installed both in Bash and Zsh. - -#### Bash - -Bash has [built-in support for -completion](https://www.debian-administration.org/article/316/An_introduction_to_bash_completion_part_1) To activate completion for Docker commands, these files need to be -copied or symlinked to your `bash_completion.d/` directory. For example, if you -installed bash via [Homebrew](https://brew.sh): - -```bash -etc=/Applications/Docker.app/Contents/Resources/etc -ln -s $etc/docker.bash-completion $(brew --prefix)/etc/bash_completion.d/docker -ln -s $etc/docker-compose.bash-completion $(brew --prefix)/etc/bash_completion.d/docker-compose -``` - -Add the following to your `~/.bash_profile`: - -```bash -[ -f /usr/local/etc/bash_completion ] && . /usr/local/etc/bash_completion -``` - -OR - -```bash -if [ -f $(brew --prefix)/etc/bash_completion ]; then -. $(brew --prefix)/etc/bash_completion -fi -``` - -#### Zsh - -In Zsh, the [completion -system](http://zsh.sourceforge.net/Doc/Release/Completion-System.html) -takes care of things. To activate completion for Docker commands, -these files need to be copied or symlinked to your Zsh `site-functions/` -directory. For example, if you installed Zsh via [Homebrew](https://brew.sh): - -```bash -etc=/Applications/Docker.app/Contents/Resources/etc -ln -s $etc/docker.zsh-completion /usr/local/share/zsh/site-functions/_docker -ln -s $etc/docker-compose.zsh-completion /usr/local/share/zsh/site-functions/_docker-compose -``` - -#### Fish-Shell - -Fish-shell also supports tab completion [completion -system](https://fishshell.com/docs/current/#tab-completion). To activate completion for Docker commands, -these files need to be copied or symlinked to your Fish-shell `completions/` -directory. - -Create the `completions` directory: - -```console -$ mkdir -p ~/.config/fish/completions -``` - -Now add fish completions from docker. - -```console -$ ln -shi /Applications/Docker.app/Contents/Resources/etc/docker.fish-completion ~/.config/fish/completions/docker.fish -$ ln -shi /Applications/Docker.app/Contents/Resources/etc/docker-compose.fish-completion ~/.config/fish/completions/docker-compose.fish -``` diff --git a/content/desktop/hardened-desktop/_index.md b/content/desktop/hardened-desktop/_index.md index 1b213311..c2cfb84f 100644 --- a/content/desktop/hardened-desktop/_index.md +++ b/content/desktop/hardened-desktop/_index.md @@ -8,19 +8,23 @@ grid: - title: "Settings Management" description: Learn how Settings Management can secure your developers' workflows. icon: shield_locked - link: "/desktop/hardened-desktop/settings-management/" + link: /desktop/hardened-desktop/settings-management/ - title: "Enhanced Container Isolation" description: Understand how Enhanced Container Isolation can prevent container attacks. icon: "security" - link: "/desktop/hardened-desktop/enhanced-container-isolation/" + link: /desktop/hardened-desktop/enhanced-container-isolation/ - title: "Registry Access Management" description: Control the registries developers can access while using Docker Desktop. icon: "home_storage" - link: "/security/for-admins/registry-access-management/" + link: /security/for-admins/registry-access-management/ - title: "Image Access Management" description: Control the images developers can pull from Docker Hub. icon: "photo_library" - link: "/security/for-admins/image-access-management/" + link: /security/for-admins/image-access-management/ + - title: "Air-Gapped Containers" + description: Restrict containers from accessing unwanted network resources. + icon: "vpn_lock" + link: /desktop/hardened-desktop/air-gapped-containers/ --- > **Note** @@ -45,17 +49,20 @@ It is for security conscious organizations who: ### What does Hardened Docker Desktop include? It includes: + - Settings Management, which helps admins to confidently manage and control the usage of Docker Desktop within their organization. - Enhanced Container Isolation (ECI), a setting that instantly enhances security by preventing containers from running as root in Docker Desktop’s Linux VM and ensures that any configurations set using Settings Management cannot be bypassed or modified by containers. - Registry Access Management (RAM), which allows admins to control the registries developers can access. - Image Access Management (IAM), which gives admins control over which images developers can pull from Docker Hub. +- Air-gapped containers, which restricts containers from accessing unwanted network resources. ### How does it help my organisation? Hardened Desktop features work independently but collectively to create a defense-in-depth strategy, safeguarding developer workstations against potential attacks across various functional layers, such as configuring Docker Desktop, pulling container images, and running container images. This multi-layered defense approach ensures comprehensive security. It helps mitigate against threats such as: - - Malware and supply chain attacks. RAM and IAM prevent developers from accessing certain container registries and image types, significantly lowering the risk of malicious payloads. Additionally, ECI restricts the impact of containers with malicious payloads by running them without root privileges inside a Linux user namespace. - - Insider threats. Settings Management configures and locks various Docker Desktop settings, such as proxy settings, ECI, and prevents exposure of the Docker API. This helps admins enforce company policies and prevents developers from introducing insecure configurations, intentionally or unintentionally. + - **Malware and supply chain attacks:** RAM and IAM prevent developers from accessing certain container registries and image types, significantly lowering the risk of malicious payloads. Additionally, ECI restricts the impact of containers with malicious payloads by running them without root privileges inside a Linux user namespace. + - **Lateral movement:** Air gapped containers allows admins to configure network access restrictions for containers, thereby preventing malicious containers from performing lateral movement within the organization's network. + - **Insider threats:** Settings Management configures and locks various Docker Desktop settings, such as proxy settings, ECI, and prevents exposure of the Docker API. This helps admins enforce company policies and prevents developers from introducing insecure configurations, intentionally or unintentionally. {{< grid >}} diff --git a/content/desktop/hardened-desktop/settings-management/air-gapped-containers.md b/content/desktop/hardened-desktop/air-gapped-containers.md similarity index 85% rename from content/desktop/hardened-desktop/settings-management/air-gapped-containers.md rename to content/desktop/hardened-desktop/air-gapped-containers.md index bbbb4da1..804726bc 100644 --- a/content/desktop/hardened-desktop/settings-management/air-gapped-containers.md +++ b/content/desktop/hardened-desktop/air-gapped-containers.md @@ -1,12 +1,12 @@ --- -description: Learn how to create air-gapped containers with Settings Management -title: Configure air-gapped containers with Settings Management -keywords: settings management, air gapped, security, Docker Desktop, configuration, proxy, network +title: Air-gapped containers +description: Air-gapped containers - What it is, benefits, and how to configure it. +keywords: air gapped, security, Docker Desktop, configuration, proxy, network --- > **Beta feature** > -> This feature is in [Beta](../../../release-lifecycle.md/#beta). +> This feature is in [Beta](../../release-lifecycle.md/#beta). > It's available with Docker Desktop version 4.29 and later. { .experimental } @@ -25,7 +25,7 @@ You can choose: ## Configuration -Assuming [enforced sign-in](../../../security/for-admins/configure-sign-in.md) and Settings Management are enabled, add the new proxy configuration to the `admin-settings.json` file. For example: +Assuming [enforced sign-in](../../security/for-admins/configure-sign-in.md) and [Settings Management](settings-management/_index.md) are enabled, add the new proxy configuration to the `admin-settings.json` file. For example: ```json { @@ -86,4 +86,4 @@ The `FindProxyForURL` can return the following values: In this particular example, HTTP and HTTPS requests for `internal.corp` are sent via the HTTP proxy `10.0.0.1:3128`. Requests to connect to IPs on the subnet `192.168.0.0/24` connect directly. All other requests are blocked. -To restrict traffic connecting to ports on the developers local machine, [match the special hostname `host.docker.internal`](../../networking.md#i-want-to-connect-from-a-container-to-a-service-on-the-host). \ No newline at end of file +To restrict traffic connecting to ports on the developers local machine, [match the special hostname `host.docker.internal`](../networking.md#i-want-to-connect-from-a-container-to-a-service-on-the-host). diff --git a/content/desktop/hardened-desktop/settings-management/configure.md b/content/desktop/hardened-desktop/settings-management/configure.md index 7c0f0d3b..df79872d 100644 --- a/content/desktop/hardened-desktop/settings-management/configure.md +++ b/content/desktop/hardened-desktop/settings-management/configure.md @@ -157,24 +157,24 @@ The following `admin-settings.json` code and table provides an example of the re "path":"$TMP", "sharedByDefault": false } - ], + ], "useVirtualizationFrameworkVirtioFS": { "locked": true, - "value": true + "value": true }, "useVirtualizationFrameworkRosetta": { "locked": true, - "value": true + "value": true }, "useGrpcfuse": { "locked": true, - "value": true + "value": true }, "displayedOnboarding": { "locked": true, - "value": true + "value": true } -} +} ``` | Parameter | | Description | @@ -183,7 +183,7 @@ The following `admin-settings.json` code and table provides an example of the re | `exposeDockerAPIOnTCP2375` | Windows only| Exposes the Docker API on a specified port. If `value` is set to true, the Docker API is exposed on port 2375. Note: This is unauthenticated and should only be enabled if protected by suitable firewall rules.| | `proxy` | |If `mode` is set to `system` instead of `manual`, Docker Desktop gets the proxy values from the system and ignores and values set for `http`, `https` and `exclude`. Change `mode` to `manual` to manually configure proxy servers. If the proxy port is custom, specify it in the `http` or `https` property, for example `"https": "http://myotherproxy.com:4321"`. The `exclude` property specifies a comma-separated list of hosts and domains to bypass the proxy. | |        `windowsDockerdPort` | Windows only | Exposes Docker Desktop's internal proxy locally on this port for the Windows Docker daemon to connect to. If it is set to 0, a random free port is chosen. If the value is greater than 0, use that exact value for the port. The default value is -1 which disables the option. Note: This is available for Windows containers only. | -| `containersProxy` (Beta) | | Allows you to create air-gapped containers. For more information see [Configure air-gapped containers with Settings Management](air-gapped-containers.md).| +| `containersProxy` (Beta) | | Allows you to create air-gapped containers. For more information see [Air-gapped containers](../air-gapped-containers.md).| | `enhancedContainerIsolation` | | If `value` is set to true, Docker Desktop runs all containers as unprivileged, via the Linux user-namespace, prevents them from modifying sensitive configurations inside the Docker Desktop VM, and uses other advanced techniques to isolate them. For more information, see [Enhanced Container Isolation](../enhanced-container-isolation/index.md).| |        `dockerSocketMount` | | By default, enhanced container isolation blocks bind-mounting the Docker Engine socket into containers (e.g., `docker run -v /var/run/docker.sock:/var/run/docker.sock ...`). This allows admins to relax this in a controlled way. See [ECI Configuration](../enhanced-container-isolation/config.md) for more info. | |               `imageList` | | Indicates which container images are allowed to bind-mount the Docker Engine socket. | diff --git a/content/desktop/install/ubuntu.md b/content/desktop/install/ubuntu.md index 152261a0..ee8d7b01 100644 --- a/content/desktop/install/ubuntu.md +++ b/content/desktop/install/ubuntu.md @@ -28,8 +28,11 @@ _For checksums, see [Release notes](../release-notes.md)_ To install Docker Desktop successfully, you must: - Meet the [system requirements](linux-install.md#system-requirements) -- Have a 64-bit version of either the latest LTS version (Ubuntu Jammy Jellyfish 22.04) or the current non-LTS version (Ubuntu Mantic Minotaur 23.10). - Docker Desktop is supported on `x86_64` (or `amd64`) architecture. +- Have a 64-bit version of either the LTS version Ubuntu Jammy Jellyfish 22.04, or the current non-LTS version (Ubuntu Mantic Minotaur 23.10). Docker Desktop is supported on `x86_64` (or `amd64`) architecture. + > **Note** + > + > The latest Ubuntu 24.04 LTS is not yet supported. Docker Desktop will fail to start. Due to a change in how the latest Ubuntu release restricts the unprivileged namespaces, `sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0` needs to be run at least once. Refer to the [Ubuntu Blog](https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces) for more details. + - For non-Gnome Desktop environments, `gnome-terminal` must be installed: ```console $ sudo apt install gnome-terminal diff --git a/content/desktop/release-notes.md b/content/desktop/release-notes.md index ccb305f4..69f154f6 100644 --- a/content/desktop/release-notes.md +++ b/content/desktop/release-notes.md @@ -33,7 +33,7 @@ For frequently asked questions about Docker Desktop releases, see [FAQs](faqs/re ### New -#### For all platforms +#### For all platforms - Docker Desktop now supports [SOCKS5 proxies](networking.md#socks5-proxy-support). Requires a Business subscription. - Added a new setting to manage the onboarding survey in [Settings Management](hardened-desktop/settings-management/_index.md). @@ -61,7 +61,7 @@ For frequently asked questions about Docker Desktop releases, see [FAQs](faqs/re - Improved Enhanced Container Isolation (ECI) security when running `docker build` commands in rootless containers. - Fixed a bug where `docker events` exited with `Unexpected EOF` when Docker Desktop entered/exited Resource Saver mode. -- Fixed a bug where `docker stats --no-stream` hanged when Docker Desktop was in Resource Saver mode. +- Fixed a bug where `docker stats --no-stream` hung when Docker Desktop was in Resource Saver mode. - Fixed a bug in the self-diagnose CLI that incorrectly showed the VM had not started. Fixes [docker/for-mac#7241](https://github.com/docker/for-mac/issues/7241). - Fixed a bug where high-throughput port forward transfers could stall. Fixes [docker/for-mac#7207](https://github.com/docker/for-mac/issues/7207). - Fixed CLI-plugin symlinks not being removed when CLI apps were removed. @@ -122,7 +122,7 @@ This can be resolved by adding the user to the **docker-users** group. Before st - Compose supports [Synchronized file shares (experimental)](synchronized-file-sharing.md). - New [interactive Compose CLI (experimental)](../compose/environment-variables/envvars.md#compose_menu). - Beta release of: - - Air-gapped containers with [Settings Management](hardened-desktop/settings-management/air-gapped-containers.md). + - Air-Gapped Containers with [Settings Management](hardened-desktop/air-gapped-containers/_index.md). - [Host networking](../network/drivers/host.md#docker-desktop) in Docker Desktop. - [Docker Debug](use-desktop/container.md#integrated-terminal) for running containers. - [Volumes Backup & Share extension](use-desktop/volumes.md) functionality available in the **Volumes** tab. @@ -203,7 +203,7 @@ This can be resolved by adding the user to the **docker-users** group. Before st - [Compose v2.24.6](https://github.com/docker/compose/releases/tag/v2.24.6) - [Docker Engine v25.0.3](https://docs.docker.com/engine/release-notes/25.0/#2503) - [Docker Scout CLI v1.5.0](https://github.com/docker/scout-cli/releases/tag/v1.5.0) -- [Qemu 8.1.5](https://wiki.qemu.org/ChangeLog/8.1) +- [Qemu 8.1.5](https://wiki.qemu.org/ChangeLog/8.1) - [Wasm](../desktop/wasm/_index.md) runtimes: - Updated runwasi shims to `v0.4.0`, including: - wasmtime `v17.0`, with initial support for WASI preview 2 @@ -480,7 +480,7 @@ This can be resolved by adding the user to the **docker-users** group. Before st - Fixed a bug were the setting **Start Docker Desktop when you sign in** would not work. Fixes [docker/for-mac#7052](https://github.com/docker/for-mac/issues/7052). - You can now enable the use of Kernel networking path for UDP through the UI. Fixes [docker/for-mac#7008](https://github.com/docker/for-mac/issues/7008). - Fixed a regression where the `uninstall` CLI tool was missing. -- Addressed an issue which caused Docker Desktop to become unresponsive when analytics were disabled with Settings Management. +- Addressed an issue which caused Docker Desktop to become unresponsive when analytics were disabled with Settings Management. #### For Windows @@ -492,7 +492,7 @@ This can be resolved by adding the user to the **docker-users** group. Before st #### For Windows - Docker CLI doesn’t work when using WSL 2 integration on an older Linux distribution (for example, Ubuntu 20.04) which uses a `glibc` version older than `2.32`. This will be fixed in future releases. See [docker/for-win#13824](https://github.com/docker/for-win/issues/13824). - + ## 4.25.2 {{< release-date date="2023-11-21" >}} @@ -602,7 +602,7 @@ This can be resolved by adding the user to the **docker-users** group. Before st #### For all platforms -- Docker operations, such as pulling images or logging in, fail with 'connection refused' or 'timeout' errors if the Swap file size is set to 0MB. As a workaround, configure the swap file size to a non-zero value in the **Resources** tab in **Settings**. +- Docker operations, such as pulling images or logging in, fail with 'connection refused' or 'timeout' errors if the Swap file size is set to 0MB. As a workaround, configure the swap file size to a non-zero value in the **Resources** tab in **Settings**. ## 4.24.2 diff --git a/content/scout/advisory-db-sources.md b/content/scout/advisory-db-sources.md index e7c07f14..0c57a285 100644 --- a/content/scout/advisory-db-sources.md +++ b/content/scout/advisory-db-sources.md @@ -26,6 +26,7 @@ Docker Scout uses the following package repositories and security trackers: - [Bitnami Vulnerability Database](https://github.com/bitnami/vulndb) - [CISA Known Exploited Vulnerability Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog) +- [CISA Vulnrichment](https://github.com/cisagov/vulnrichment) - [Debian Security Bug Tracker](https://security-tracker.debian.org/tracker/) - [Exploit Prediction Scoring System (EPSS)](https://api.first.org/epss/) - [GitHub Advisory Database](https://github.com/advisories/) diff --git a/content/security/_index.md b/content/security/_index.md index 39e9795d..959ebf82 100644 --- a/content/security/_index.md +++ b/content/security/_index.md @@ -19,6 +19,10 @@ grid_admins: description: Control the images developers can pull from Docker Hub. icon: photo_library link: /security/for-admins/image-access-management/ +- title: "Air-Gapped Containers" + description: Restrict containers from accessing unwanted network resources. + icon: "vpn_lock" + link: /desktop/hardened-desktop/air-gapped-containers/ - title: Enforce sign-in description: Configure sign-in for members of your teams and organizations. link: /security/for-admins/configure-sign-in/ @@ -40,14 +44,14 @@ grid_admins: icon: checklist link: /security/for-admins/scim/ - title: Roles and permissions - description: Assign roles to individuals giving them different permissions within an organization. + description: Assign roles to individuals giving them different permissions within an organization. icon: badge link: /security/for-admins/roles-and-permissions/ - title: Private marketplace for Extensions (Early Access) description: Learn how to configure and set up a private marketplace with a curated list of extensions for your Docker Desktop users. icon: storefront link: /desktop/extensions/private-marketplace/ -grid_developers: +grid_developers: - title: Set up two-factor authentication description: Add an extra layer of authentication to your Docker account. link: /security/for-developers/2fa/ @@ -83,18 +87,18 @@ grid_resources: link: /scout/guides/vex/ --- -Docker provides security guardrails for both administrators and developers. +Docker provides security guardrails for both administrators and developers. -If you're an administrator, you can enforce sign-in across Docker products for your developers, and -scale, manage, and secure your instances of Docker Desktop with DevOps security controls like Enhanced Container Isolation and Registry Access Management. +If you're an administrator, you can enforce sign-in across Docker products for your developers, and +scale, manage, and secure your instances of Docker Desktop with DevOps security controls like Enhanced Container Isolation and Registry Access Management. -For both administrators and developers, Docker provides security-specific products such as Docker Scout, for securing your software supply chain with proactive image vulnerability monitoring and remediation strategies. +For both administrators and developers, Docker provides security-specific products such as Docker Scout, for securing your software supply chain with proactive image vulnerability monitoring and remediation strategies. ## For administrators Explore the security features Docker offers to satisfy your company's security policies. -{{< grid items="grid_admins" >}} +{{< grid items="grid_admins" >}} ## For developers diff --git a/data/redirects.yml b/data/redirects.yml index cd8ee8e6..476bb92a 100644 --- a/data/redirects.yml +++ b/data/redirects.yml @@ -602,6 +602,8 @@ - /feedback/desktop-build/ # Docker Scout +"https://deploy-preview-19873--docsdocker.netlify.app/scout/dashboard/#notification-settings": + - /go/scout-notifications/ "/scout/": - /go/scout/ - /go/docker-scout/ diff --git a/data/toc.yaml b/data/toc.yaml index af421cd1..c3dfbaf5 100644 --- a/data/toc.yaml +++ b/data/toc.yaml @@ -187,7 +187,7 @@ Guides: - title: "Test your deployment" path: /language/php/deploy/ -- sectiontitle: Use-case guides {{< badge color=violet text=New >}} +- sectiontitle: Use-case guides section: - path: /guides/use-case/ title: Overview @@ -1168,8 +1168,6 @@ Manuals: title: What is Settings Management? - path: /desktop/hardened-desktop/settings-management/configure/ title: Configure Settings Management - - path: /desktop/hardened-desktop/settings-management/air-gapped-containers/ - title: Air-gapped containers (Beta) - sectiontitle: Enhanced Container Isolation section: - path: /desktop/hardened-desktop/enhanced-container-isolation/ @@ -1184,6 +1182,8 @@ Manuals: title: Limitations - path: /desktop/hardened-desktop/enhanced-container-isolation/faq/ title: FAQ + - path: /desktop/hardened-desktop/air-gapped-containers/ + title: Air-Gapped Containers - sectiontitle: Dev Environments (Beta) section: - path: /desktop/dev-environments/ @@ -1579,6 +1579,8 @@ Manuals: section: - path: /engine/reference/commandline/cli/ title: Use the Docker CLI + - path: /config/completion/ + title: Completion - path: /config/filter/ title: Filter commands - path: /config/formatting/ diff --git a/hugo_stats.json b/hugo_stats.json index 651cadb0..eef73534 100644 --- a/hugo_stats.json +++ b/hugo_stats.json @@ -45,6 +45,7 @@ "For-Mac-with-Apple-silicon", "For-Mac-with-Intel-chip", "For-all-platforms", + "GUI", "Git-Bash", "Git-Bash-CLI", "GitHub-Actions",