Sync from docker/docs@31779e9 by PCIT

Dockerfile

@@ -5,20 +5,22 @@ ARG HTMLTEST_VERSION=0.17.0
 
 FROM golang:${GO_VERSION}-alpine as base
 WORKDIR /src
-RUN apk --update add nodejs npm git
+RUN apk --update add nodejs npm git gcompat
 
 FROM base as node
 COPY package*.json .
-RUN npm install && npm cache clean --force
+ENV NODE_ENV=production
+RUN npm install
 
 FROM base as hugo
-ARG HUGO_VERSION=0.116.1
+ARG HUGO_VERSION=0.122.0
 ARG TARGETARCH
-WORKDIR /bin
-RUN go install github.com/gohugoio/hugo@v${HUGO_VERSION}
+WORKDIR /tmp/hugo
+RUN wget -O "hugo.tar.gz" "https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_linux-${TARGETARCH}.tar.gz"
+RUN tar -xf "hugo.tar.gz" hugo
 
 FROM base as build-base
-COPY --from=hugo $GOPATH/bin/hugo /bin/hugo
+COPY --from=hugo /tmp/hugo/hugo /bin/hugo
 COPY --from=node /src/node_modules /src/node_modules
 COPY . .
 
@@ -32,7 +34,7 @@ RUN hugo --gc --minify -d /out -e $HUGO_ENV -b $DOCS_URL
 FROM scratch as release
 COPY --from=build /out /
 
-FROM davidanson/markdownlint-cli2:v0.10.0 as lint
+FROM davidanson/markdownlint-cli2:v0.12.1 as lint
 USER root
 RUN --mount=type=bind,target=. \
     /usr/local/bin/markdownlint-cli2 \

SUMMARY.md

@@ -942,6 +942,8 @@
         * [Generative AI Guide](content/guides/use-case/genai-pdf-bot/_index.md)
         * [Containerize A Generative AI Application](content/guides/use-case/genai-pdf-bot/containerize.md)
         * [Use Containers For Generative AI Development](content/guides/use-case/genai-pdf-bot/develop.md)
+      - Genai Video Bot
+        * [Gen AI Video Transcription And Chat](content/guides/use-case/genai-video-bot/_index.md)
     - Walkthroughs
       * [Access A Local Folder From A Container](content/guides/walkthroughs/access-local-folder.md)
       * [Containerize Your Application](content/guides/walkthroughs/containerize-your-app.md)

_vendor/modules.txt

@@ -1,5 +1,5 @@
 # github.com/moby/moby v25.0.0+incompatible
-# github.com/moby/buildkit v0.13.0-beta1.0.20240126101002-6bd81372ad6f
+# github.com/moby/buildkit v0.13.0-beta3.0.20240201135300-d906167d0b34
 # github.com/docker/buildx v0.12.2-0.20240126114058-d43cf8c2c6b4
 # github.com/docker/scout-cli v1.3.0
 # github.com/docker/cli v25.0.1+incompatible

content/build/attestations/slsa-provenance.md

@@ -136,13 +136,18 @@ well as:
 - Source maps describing the relationship between build steps and image layers.
 
 When possible, you should prefer `mode=max` as it contains significantly more
-detailed information for analysis. However, on some builds it may not be
-appropriate, as it includes the values of
-[build arguments](../../engine/reference/commandline/buildx_build.md#build-arg)
-and metadata about secrets and SSH mounts. If you pass sensitive information
-using build arguments, consider refactoring builds to pass secret values using
-[build secrets](../../engine/reference/commandline/buildx_build.md#secret), to
-prevent leaking of sensitive information.
+detailed information for analysis.
+
+> **Warning**
+>
+> Note that `mode=max` exposes the values of
+> [build arguments](../../engine/reference/commandline/buildx_build.md#build-arg).
+>
+> If you're misusing build arguments to pass credentials, authentication
+> tokens, or other secrets, you should refactor your build to pass the secrets using
+> [secret mounts](../../engine/reference/commandline/buildx_build.md#secret) instead.
+> Secret mounts don't leak outside of the build and are never included in provenance attestations.
+{.warning}
 
 ## Inspecting Provenance
 

content/build/ci/github-actions/attestations.md

@@ -25,6 +25,18 @@ attestations to your image, with the following conditions:
   attestations are added to the image. These output formats don't support
   attestations.
 
+> **Warning**
+>
+> If you're using `docker/build-push-action` to build images for code in a
+> public GitHub repository, the provenance attestations attached to your image
+> by default contains the values of build arguments. If you're misusing build
+> arguments to pass secrets to your build, such as user credentials or
+> authentication tokens, those secrets are exposed in the provenance
+> attestation. Refactor your build to pass those secrets using
+> [secret mounts](../../../engine/reference/commandline/buildx_build.md#secret)
+> instead. Also remember to rotate any secrets you may have exposed.
+{ .warning }
+
 ## Max-level provenance
 
 It's recommended that you build your images with max-level provenance

content/compose/compose-file/06-networks.md

@@ -70,46 +70,10 @@ driver is not available on the platform.
 ```yml
 networks:
   db-data:
-    driver: overlay
-```
-
-Compose supports the following drivers:
-`none` and `host`
-
-- `host`: Use the host's networking stack.
-- `none`: Turn off networking.
-
-#### host or none
-
-The syntax for using built-in networks such as `host` and `none` is different, as such networks implicitly exist outside
-the scope of Compose. To use them, you must define an external network with the name `host` or `none` and
-an alias that Compose can use (`hostnet` and `nonet` in the following example), then grant the service
-access to that network using its alias.
-
-```yml
-services:
-  web:
-    networks:
-      hostnet: {}
-
-networks:
-  hostnet:
-    external: true
-    name: host
+    driver: bridge
 ```
 
-```yml
-services:
-  web:
-    ...
-    networks:
-      nonet: {}
-
-networks:
-  nonet:
-    external: true
-    name: none
-```
+For more information on drivers and available options, see [Network drivers](../../network/drivers/_index.md).
 
 ### driver_opts
 

content/compose/compose-file/build.md

@@ -11,37 +11,26 @@ keywords: compose, compose specification, compose file reference, compose build
 A Compose implementation which focuses on running an application on a local machine needs to also support (re)building the application from source. The Compose Build Specification lets you define the build process within a Compose file
 in a portable way.
 
-## Definitions
-
-Only a subset of Compose file services can be defined under a `build`
-subsection, others may make use of the `image` attribute. When a `build` subsection is present for a service, Compose ignores the `image` attribute for the corresponding service, as Compose
-can build an image from source.
-
 `build` can be either specified as a single string defining a context path, or as a detailed build definition.
 
 In the former case, the whole path is used as a Docker context to execute a Docker build, looking for a canonical
 `Dockerfile` at the root of the directory. The path can be absolute or relative. If it is relative, it is resolved
 from the Compose file's parent folder. If it is absolute, the path prevents the Compose file from being portable so Compose displays a warning. 
 
 In the later case, build arguments can be specified, including an alternate `Dockerfile` location. The path can be absolute or relative. If it is relative, it is resolved
-from the Compose file's parent folder. If it is absolute, the path prevents the Compose file from being portable so Compose displays a warning..
+from the Compose file's parent folder. If it is absolute, the path prevents the Compose file from being portable so Compose displays a warning.
+
+## Using `build` and `image`
 
-## Consistency with `image`
+When Compose is confronted with both a `build` subsection for a service and an `image` attribute. It follows the rules defined by the [`pull_policy`](05-services.md#pull_policy) attribute. 
+
+If `pull_policy` is missing from the service definition, Compose attempts to pull the image first and then builds from source if the image isn't found in the registry or platform cache. 
 
-When a service definition includes both the `image` attribute and a `build` section, Compose can't
-guarantee a pulled image is strictly equivalent to building the same image from source. Without any explicit
-user directives, Compose with `build` support first tries to pull the image, then builds from source
-if the image is not found on registry. Compose may offer options to customize this behaviour by user
-request.
 
 ## Publishing built images
 
 Compose with `build` support offers an option to push built images to a registry. When doing so, it doesn't try to push service images without an `image` attribute. Compose warns you about the missing `image` attribute which prevents images being pushed.
 
-A Compose implementation may offer a mechanism to compute an `image` attribute for services when not explicitly
-declared in a yaml file. In such cases, the resulting Compose configuration is considered to have a valid `image`
-attribute, whenever the actual raw yaml file doesn't explicitly declare one.
-
 ## Illustrative example
 
 The following example illustrates Compose Build Specification concepts with a concrete sample application. The sample is non-normative.

content/compose/compose-file/deploy.md

@@ -15,8 +15,7 @@ relevant data to allocate adequate resources on the platform and configure them
 
 ### endpoint_mode
 
-`endpoint_mode` specifies a service discovery method for external clients connecting to a service. Default and available values
-are platform specific but the Compose Deploy Specification defines two canonical values:
+`endpoint_mode` specifies a service discovery method for external clients connecting to a service. The Compose Deploy Specification defines two canonical values:
 
 * `endpoint_mode: vip`: Assigns the service a virtual IP (VIP) that acts as the front end for clients to reach the service
   on a network. Platform routes requests between the client and nodes running the service, without client knowledge of how

content/compose/gettingstarted.md

@@ -103,7 +103,7 @@ CMD ["flask", "run"]
 
 This tells Docker to:
 
-* Build an image starting with the Python 3.7 image.
+* Build an image starting with the Python 3.10 image.
 * Set the working directory to `/code`.
 * Set environment variables used by the `flask` command.
 * Install gcc and other dependencies

content/desktop/install/archlinux.md

@@ -8,9 +8,9 @@ aliases:
 - /desktop/linux/install/archlinux/
 ---
 
-This topic discusses installation of Docker Desktop from an [Arch package](https://desktop.docker.com/linux/main/amd64/135262/docker-desktop-4.27.0-x86_64.pkg.tar.zst) that Docker provides in addition to the supported platforms. Docker has not tested or verified the installation.
+This topic discusses installation of Docker Desktop from an [Arch package](https://desktop.docker.com/linux/main/amd64/136059/docker-desktop-4.27.1-x86_64.pkg.tar.zst) that Docker provides in addition to the supported platforms. Docker has not tested or verified the installation.
 
-{{< button text="Arch package (experimental)" url="https://desktop.docker.com/linux/main/amd64/135262/docker-desktop-4.27.0-x86_64.pkg.tar.zst?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64" >}}
+{{< button text="Arch package (experimental)" url="https://desktop.docker.com/linux/main/amd64/136059/docker-desktop-4.27.1-x86_64.pkg.tar.zst?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64" >}}
 
 _For checksums, see [Release notes](../release-notes.md)_
 

content/desktop/install/debian.md

@@ -10,7 +10,7 @@ aliases:
 
 This page contains information on how to install, launch, and upgrade Docker Desktop on a Debian distribution.
 
-{{< button text="DEB package" url="https://desktop.docker.com/linux/main/amd64/135262/docker-desktop-4.27.0-amd64.deb?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64" >}}
+{{< button text="DEB package" url="https://desktop.docker.com/linux/main/amd64/136059/docker-desktop-4.27.1-amd64.deb?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64" >}}
 
 _For checksums, see [Release notes](../release-notes.md)_
 
@@ -35,7 +35,7 @@ Recommended approach to install Docker Desktop on Debian:
 1. Set up Docker's `apt` repository.
    See step one of [Install using the `apt` repository](../../engine/install/debian.md#install-using-the-repository).
 
-2. Download latest [DEB package](https://desktop.docker.com/linux/main/amd64/135262/docker-desktop-4.27.0-amd64.deb?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64).
+2. Download latest [DEB package](https://desktop.docker.com/linux/main/amd64/136059/docker-desktop-4.27.1-amd64.deb?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64).
 
 3. Install the package with apt as follows:
 

content/desktop/install/fedora.md

@@ -10,7 +10,7 @@ aliases:
 
 This page contains information on how to install, launch and upgrade Docker Desktop on a Fedora distribution.
 
-{{< button text="RPM package" url="https://desktop.docker.com/linux/main/amd64/135262/docker-desktop-4.27.0-x86_64.rpm?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64" >}}
+{{< button text="RPM package" url="https://desktop.docker.com/linux/main/amd64/136059/docker-desktop-4.27.1-x86_64.rpm?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64" >}}
 
 ## Prerequisites
 
@@ -33,7 +33,7 @@ To install Docker Desktop on Fedora:
 
 1. Set up [Docker's package repository](../../engine/install/fedora.md#set-up-the-repository).
 
-2. Download latest [RPM package](https://desktop.docker.com/linux/main/amd64/135262/docker-desktop-4.27.0-x86_64.rpm?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64).
+2. Download latest [RPM package](https://desktop.docker.com/linux/main/amd64/136059/docker-desktop-4.27.1-x86_64.rpm?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64).
 
 3. Install the package with dnf as follows:
 

content/desktop/install/ubuntu.md

@@ -13,7 +13,7 @@ aliases:
 
 This page contains information on how to install, launch and upgrade Docker Desktop on an Ubuntu distribution.
 
-{{< button text="DEB package" url="https://desktop.docker.com/linux/main/amd64/135262/docker-desktop-4.27.0-amd64.deb?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64" >}}
+{{< button text="DEB package" url="https://desktop.docker.com/linux/main/amd64/136059/docker-desktop-4.27.1-amd64.deb?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64" >}}
 
 _For checksums, see [Release notes](../release-notes.md)_
 
@@ -35,7 +35,7 @@ Recommended approach to install Docker Desktop on Ubuntu:
 1. Set up Docker's package repository.
    See step one of [Install using the `apt` repository](../../engine/install/ubuntu.md#install-using-the-repository).
 
-2. Download latest [DEB package](https://desktop.docker.com/linux/main/amd64/135262/docker-desktop-4.27.0-amd64.deb?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64).
+2. Download latest [DEB package](https://desktop.docker.com/linux/main/amd64/136059/docker-desktop-4.27.1-amd64.deb?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-linux-amd64).
 
 3. Install the package with apt as follows: