diff --git a/content/manuals/admin/organization/insights.md b/content/manuals/admin/organization/insights.md index 187f0c57e40..f06a0a5fb52 100644 --- a/content/manuals/admin/organization/insights.md +++ b/content/manuals/admin/organization/insights.md @@ -34,11 +34,12 @@ To access Insights, you must contact your Customer Success Manager to have the feature enabled. Once the feature is enabled, access Insights using the following steps: -1. Go to the [Admin Console](https://app.docker.com/admin/) and sign in to an - account that is an organization owner. -2. Select your company on the **Choose profile** page. -3. Select **Insights**. -4. On the **Insights** page, select the period of time for the data. +1. Open [Docker Home](https://app.docker.com/) and select your organization +on the **Choose profile** page. +1. Select **Admin Console** in the left-hand navigation menu. +1. Select **Desktop insights**. +1. Choose a timeframe for your insights data: **1 Week**, **1 Month**, or +**3 Months**. > [!NOTE] > @@ -63,7 +64,7 @@ organization, providing insights into how many users are actively using Docker Desktop. Note that users who opt out of analytics aren't included in the active counts. -The chart contains the following data. +The chart contains the following data: | Data | Description | |:-----------------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| @@ -79,7 +80,7 @@ Monitor development efficiency and the time your team invests in builds with this chart. It provides a clear view of the build activity, helping you identify patterns, optimize build times, and enhance overall development productivity. -The chart contains the following data. +The chart contains the following data: | Data | Description | |:-----------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| @@ -94,7 +95,7 @@ View the total and average number of containers run by users with this chart. It lets you gauge container usage across your organization, helping you understand usage trends and manage resources effectively. -The chart contains the following data. +The chart contains the following data: | Data | Description | |:---------------------------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------| @@ -109,7 +110,7 @@ workflows and ensure compatibility. It provides valuable insights into how Docker Desktop is being utilized, enabling you to streamline processes and improve efficiency. -The chart contains the following data. +The chart contains the following data: | Data | Description | |:----------------------------------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| @@ -126,10 +127,11 @@ usage, ensuring that the most critical resources are readily available and efficiently used. > [!NOTE] +> > Data for images is only for Docker Hub. Data for third-party > registries and mirrors aren't included. -The chart contains the following data. +The chart contains the following data: | Data | Description | |:---------------------|:----------------------------------------------------------------------------------------------------------------| @@ -143,26 +145,60 @@ Monitor extension installation activity with this chart. It provides visibility into the Docker Desktop extensions your team are using, letting you track adoption and identify popular tools that enhance productivity. -The chart contains the following data. +The chart contains the following data: | Data | Description | |:-----------------------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------| | Percentage of org with extensions installed | The percentage of users in your organization with at least one Docker Desktop extension installed. | | Top 5 extensions installed in the organization | A list of the top 5 Docker Desktop extensions installed by users in your organization and the number of users who have installed each extension. | +## Export Docker Desktop user data + +You can export Docker Desktop user data as a CSV file: + +1. Open [Docker Home](https://app.docker.com) and select your organization +on the **Choose profile** page. +1. Select **Admin Console** in the left-hand navigation menu. +1. Select **Desktop insights**. +1. Choose a timeframe for your insights data: **1 Week**, **1 Month**, or +**3 Months**. +1. Select **Export** and choose **Docker Desktop users** from the drop-down. + +Your export will automatically download. Open the file to view +the export data. + +### Understanding export data + +A Docker Desktop user export file contains the following data points: + +- Name: User's name +- Username: User's Docker ID +- Email: User's email address associated with their Docker ID +- Type: User type +- Role: User [role](/manuals/security/for-admins/roles-and-permissions.md) +- Teams: Team(s) within your organization the user is a +member of +- Date Joined: The date the user joined your organization +- Last Logged-In Date: The last date the user logged into Docker using +their web browser (this include Docker Hub and Docker Home) +- Docker Desktop Version: The version of Docker Desktop the user has +installed +- Last Seen Date: The last date the user used the Docker Desktop application +- Opted Out Analytics: Whether the user has opted out of the +[Send usage statistics](/manuals/security/for-admins/hardened-desktop/settings-management/settings-reference.md#send-usage-statistics) setting in Docker Desktop ## Troubleshoot Insights If you’re experiencing issues with data in Insights, consider the following solutions to resolve common problems. -* Update users to the latest version of Docker Desktop. +- Update users to the latest version of Docker Desktop. Data is not shown for users using versions 4.16 or lower of Docker Desktop. In addition, older versions may not provide all data. Ensure all users have installed the latest version of Docker Desktop. -* Enable **Send usage statistics** in Docker Desktop for all your users. +- Enable **Send usage statistics** in Docker Desktop for all your users. If users have opted out of sending usage statistics for Docker Desktop, then their usage data will not be a part of Insights. To manage the setting at @@ -170,14 +206,14 @@ solutions to resolve common problems. Management](/desktop/hardened-desktop/settings-management/) and enable the `analyticsEnabled` setting. -* Ensure that users are using Docker Desktop and aren't using the standalone +- Ensure that users are using Docker Desktop and aren't using the standalone version of Docker Engine. Only Docker Desktop can provide data for Insights. If a user installs and uses Docker Engine outside of Docker Desktop, Docker Engine won't provide data for that user. -* Ensure that users are signing in to an account associated with your +- Ensure that users are signing in to an account associated with your organization. Users who don’t sign in to an account associated with your organization are diff --git a/content/manuals/ai/model-runner/_index.md b/content/manuals/ai/model-runner/_index.md index bda21d4d198..faa2f32d74f 100644 --- a/content/manuals/ai/model-runner/_index.md +++ b/content/manuals/ai/model-runner/_index.md @@ -100,6 +100,10 @@ You can now use the `docker model` command in the CLI and view and interact with Models are cached locally. +> [!NOTE] +> +> When working with the Docker CLI, you can also pull models directly from [HuggingFace](https://huggingface.co/). + {{< tabs group="release" >}} {{< tab name="From Docker Desktop">}} @@ -109,7 +113,15 @@ Models are cached locally. {{< /tab >}} {{< tab name="From the Docker CLI">}} -Use the [`docker model pull` command](/reference/cli/docker/model/pull/). +Use the [`docker model pull` command](/reference/cli/docker/model/pull/). For example: + +```bash {title="Pulling from Docker Hub"} +docker model pull ai/smollm2:360M-Q4_K_M +``` + +```bash {title="Pulling from HuggingFace"} +docker model pull hf.co/bartowski/Llama-3.2-1B-Instruct-GGUF +``` {{< /tab >}} {{< /tabs >}} diff --git a/content/manuals/desktop/setup/install/windows-install.md b/content/manuals/desktop/setup/install/windows-install.md index ca3a61a3651..5fe9b2e73f7 100644 --- a/content/manuals/desktop/setup/install/windows-install.md +++ b/content/manuals/desktop/setup/install/windows-install.md @@ -57,7 +57,7 @@ _For checksums, see [Release notes](/manuals/desktop/release-notes.md)_ - 64-bit processor with [Second Level Address Translation (SLAT)](https://en.wikipedia.org/wiki/Second_Level_Address_Translation) - 4GB system RAM - Enable hardware virtualization in BIOS/UEFI. For more information, see - [Virtualization](/manuals/desktop/troubleshoot-and-support/troubleshoot/topics.md#virtualization). + [Virtualization](/manuals/desktop/troubleshoot-and-support/troubleshoot/topics.md#docker-desktop-fails-due-to-virtualization-not-working). For more information on setting up WSL 2 with Docker Desktop, see [WSL](/manuals/desktop/features/wsl/_index.md). diff --git a/content/manuals/dhi/about/what.md b/content/manuals/dhi/about/what.md index 6952a84b653..3c4de9a4386 100644 --- a/content/manuals/dhi/about/what.md +++ b/content/manuals/dhi/about/what.md @@ -56,11 +56,12 @@ so you don’t have to. Level 3](../core-concepts/slsa.md), ensuring a tamper-resistant, verifiable, and auditable build process that protects against supply chain threats. -- Distroless approach: Unlike traditional base images that bundle an entire OS - with shells and package managers, [distroless - images](../core-concepts/distroless.md) exclude the OS layer and include only - your app and its runtime dependencies, reducing the attack surface by up to 95 - percent and improving performance. +- Distroless approach: Unlike traditional base images that bundle an entire OS + with shells, package managers, and debugging tools, [distroless + images](../core-concepts/distroless.md) retain only the minimal OS components + required to run your application. By excluding unnecessary tooling and + libraries, they reduce the attack surface by up to 95% and can improve + performance and image size. - Continuous maintenance: All DHIs are continuously monitored and updated to maintain near-zero known exploitable [CVEs](../core-concepts/cves.md), helping diff --git a/content/manuals/scout/explore/dashboard.md b/content/manuals/scout/explore/dashboard.md index af6d75e4e65..2e1c666e3b6 100644 --- a/content/manuals/scout/explore/dashboard.md +++ b/content/manuals/scout/explore/dashboard.md @@ -11,10 +11,10 @@ aliases: The [Docker Scout Dashboard](https://scout.docker.com/) helps you share the analysis of images in an organization with your team. Developers can now see an -overview of their security status across all their images from both Docker Hub -and Artifactory, and get remediation advice at their fingertips. It helps team -members in roles such as security, compliance, and operations to know what -vulnerabilities and issues they need to focus on. +overview of their security status across all their images from Docker Hub, and +get remediation advice at their fingertips. It helps team members in roles such +as security, compliance, and operations to know what vulnerabilities and issues +they need to focus on. ## Overview diff --git a/content/manuals/scout/images/release-notes/artifactory-agent.gif b/content/manuals/scout/images/release-notes/artifactory-agent.gif deleted file mode 100644 index eaa7b6c3f9e..00000000000 Binary files a/content/manuals/scout/images/release-notes/artifactory-agent.gif and /dev/null differ diff --git a/content/manuals/scout/integrations/_index.md b/content/manuals/scout/integrations/_index.md index ce945300e09..7916377c857 100644 --- a/content/manuals/scout/integrations/_index.md +++ b/content/manuals/scout/integrations/_index.md @@ -25,7 +25,6 @@ aren't hosted on Docker Hub. The following container registry integrations are available: -- [Artifactory](./registry/artifactory.md) - [Amazon Elastic Container Registry](./registry/ecr.md) - [Azure Container Registry](./registry/acr.md) diff --git a/content/manuals/scout/integrations/registry/artifactory.md b/content/manuals/scout/integrations/registry/artifactory.md deleted file mode 100644 index cc0d1774e5f..00000000000 --- a/content/manuals/scout/integrations/registry/artifactory.md +++ /dev/null @@ -1,191 +0,0 @@ ---- -description: Integrate JFrog Artifactory and JFrog Container Registry with Docker Scout -keywords: docker scout, jfrog, artifactory, jcr, integration, image analysis, security, cves -title: Integrate Docker Scout with Artifactory -linkTitle: Artifactory -aliases: - - /scout/artifactory/ ---- - -Integrating Docker Scout with JFrog Artifactory lets you run image analysis -automatically on images in Artifactory registries. - -## Local image analysis - -You can analyze Artifactory images for vulnerabilities locally using Docker Desktop or the Docker CLI. You first need to authenticate with JFrog Artifactory using the [`docker login`](/reference/cli/docker/login/) command. For example: - -```bash -docker login {URL} -``` - -> [!TIP] -> -> For cloud-hosted Artifactory you can find the credentials for your Artifactory repository by -> selecting it in the Artifactory UI and then the **Set Me Up** button. - -## Remote image analysis - -To automatically analyze images running in remote environments you need to deploy the Docker Scout Artifactory agent. The agent is a -standalone service that analyzes images and uploads the result to Docker Scout. -You can view the results using the -[Docker Scout Dashboard](https://scout.docker.com/). - -### How the agent works - -The Docker Scout Artifactory agent is available as an -[image on Docker Hub](https://hub.docker.com/r/docker/artifactory-agent). The agent works by continuously polling -Artifactory for new images. When it finds a new image, it performs the following -steps: - -1. Pull the image from Artifactory -2. Analyze the image -3. Upload the analysis result to Docker Scout - -The agent records the Software Bill of Materials (SBOM) for the image, and the -SBOMs for all of its base images. The recorded SBOMs include both Operating -System (OS)-level and application-level programs or dependencies that the image -contains. - -Additionally, the agent sends the following metadata about the image to Docker Scout: - -- The source repository URL and commit SHA for the image -- Build instructions -- Build date -- Tags and digest -- Target platforms -- Layer sizes - -The agent never transacts the image -itself, nor any data inside the image, such as code, binaries, and layer blobs. - -The agent doesn't detect and analyze pre-existing images. It only analyzes -images that appear in the registry while the agent is running. - -### Deploy the agent - -This section describes the steps for deploying the Artifactory agent. - -#### Prerequisites - -Before you deploy the agent, ensure that you meet the prerequisites: - -- The server where you host the agent can access the following resources over - the network: - - Your JFrog Artifactory instance - - `hub.docker.com`, port 443, for authenticating with Docker - - `api.dso.docker.com`, port 443, for transacting data to Docker Scout -- The registries are Docker V2 registries. V1 registries aren't supported. - -The agent supports all versions of JFrog Artifactory and JFrog Container -Registry. - -#### Create the configuration file - -You configure the agent using a JSON file. The agent expects the configuration -file to be in `/opt/artifactory-agent/data/config.json` on startup. - -The configuration file includes the following properties: - -| Property | Description | -| --------------------------- | ------------------------------------------------------------------------------- | -| `agent_id` | Unique identifier for the agent. | -| `docker.organization_name` | Name of the Docker organization. | -| `docker.username` | Username of the admin user in the Docker organization. | -| `docker.pat` | Personal access token of the admin user with read and write permissions. | -| `artifactory.base_url` | Base URL of the Artifactory instance. | -| `artifactory.username` | Username of the Artifactory user with read permissions that the agent will use. | -| `artifactory.password` | Password or API token for the Artifactory user. | -| `artifactory.image_filters` | Optional: List of repositories and images to analyze. | - -If you don't specify any repositories in `artifactory.image_filters`, the agent -runs image analysis on all images in your Artifactory instance. - -The following snippet shows a sample configuration: - -```json -{ - "agent_id": "acme-prod-agent", - "docker": { - "organization_name": "acme", - "username": "mobythewhale", - "pat": "dckr_pat__dsaCAs_xL3kNyupAa7dwO1alwg" - }, - "artifactory": [ - { - "base_url": "https://acme.jfrog.io", - "username": "acmeagent", - "password": "hayKMvFKkFp42RAwKz2K", - "image_filters": [ - { - "repository": "dev-local", - "images": ["internal/repo1", "internal/repo2"] - }, - { - "repository": "prod-local", - "images": ["staging/repo1", "prod/repo1"] - } - ] - } - ] -} -``` - -Create a configuration file and save it somewhere on the server where you plan -to run the agent. For example, `/var/opt/artifactory-agent/config.json`. - -#### Run the agent - -The following example shows how to run the Docker Scout Artifactory agent using -`docker run`. This command creates a bind mount for the directory containing the -JSON configuration file created earlier at `/opt/artifactory-agent/data` inside -the container. Make sure the mount path you use is the directory containing the -`config.json` file. - - -> [!IMPORTANT] -> -> Use the `v1` tag of the Artifactory agent image. Don't use the `latest` tag as -> doing so may incur breaking changes. - -```console -$ docker run \ - --mount type=bind,src=/var/opt/artifactory-agent,target=/opt/artifactory-agent/data \ - docker/artifactory-agent:v1 -``` - -#### Analyzing pre-existing data - -By default the agent detects and analyzes images as they're created and -updated. If you want to use the agent to analyze pre-existing images, you -can use backfill mode. Use the `--backfill-from=TIME` command line option, -where `TIME` is an ISO 8601 formatted time, to run the agent in backfill mode. -If you use this option, the agent analyzes all images pushed between that -time and the current time when the agent starts, then exits. - -For example: - -```console -$ docker run \ - --mount type=bind,src=/var/opt/artifactory-agent,target=/opt/artifactory-agent/data \ - docker/artifactory-agent:v1 --backfill-from=2022-04-10T10:00:00Z -``` - -When running a backfill multiple times, the agent won't analyze images that -it's already analyzed. To force re-analysis, provide the `--force` command -line flag. - -### View analysis results - -You can view the image analysis results in the Docker Scout Dashboard. - -1. Go to [Images page](https://scout.docker.com/reports/images/) in the Docker Scout Dashboard. - - This page displays the Docker Scout-enabled repositories in your organization. - -2. Select the image in the list. -3. Select the tag. - -When you have selected a tag, you're taken to the vulnerability report for that -tag. Here, you can select if you want to view all vulnerabilities in the image, -or vulnerabilities introduced in a specific layer. You can also filter -vulnerabilities by severity, and whether or not there's a fix version available. diff --git a/content/manuals/scout/release-notes/platform.md b/content/manuals/scout/release-notes/platform.md index 67fe74e8782..c794f98ce80 100644 --- a/content/manuals/scout/release-notes/platform.md +++ b/content/manuals/scout/release-notes/platform.md @@ -297,12 +297,9 @@ documentation](../integrations/environment/sysdig.md). The new JFrog Artifactory integration enables automatic image analysis on Artifactory registries. -![Animation of how to integrate Artifactory](../images/release-notes/artifactory-agent.gif) - The integration involves deploying a Docker Scout Artifactory agent that polls for new images, performs analysis, and uploads results to Docker Scout, all -while preserving the integrity of image data. Learn more in the [Artifactory -integration documentation](../integrations/registry/artifactory.md) +while preserving the integrity of image data. #### Known limitations diff --git a/hugo_stats.json b/hugo_stats.json index 08222bd6438..9748c47ca59 100644 --- a/hugo_stats.json +++ b/hugo_stats.json @@ -313,6 +313,7 @@ "h-2", "h-32", "h-48", + "h-5", "h-6", "h-8", "h-[calc(100vh-64px)]", @@ -542,6 +543,7 @@ "text-gray-400", "text-gray-500", "text-gray-600", + "text-gray-800", "text-left", "text-lg", "text-magenta-light", @@ -564,6 +566,7 @@ "truncate", "underline-offset-2", "w-2", + "w-5", "w-56", "w-8", "w-[1200px]",