trusted-content: restructure doi section

Signed-off-by: David Karlsson <[email protected]>
docker · Apr 8, 2024 · 07987a1 · 07987a1
1 parent 4b74397
commit 07987a1
Show file tree

Hide file tree

Showing 12 changed files with 219 additions and 105 deletions.
diff --git a/.github/vale/config/vocabularies/Docker/accept.txt b/.github/vale/config/vocabularies/Docker/accept.txt
@@ -114,6 +114,7 @@ Wasm
 Windows
 Zsh
 [Bb]uildx
+[Cc]odenames?
 [Cc]ompose
 [Dd]istros
 [Ff]ilepaths?
@@ -129,6 +130,7 @@ Zsh
 [Ss]andbox(ed)?
 [Ss]wappable
 [Ss]warm
+[Tt]oolchains?
 [Vv]irtualize
 [Ww]alkthrough
 cgroup
@@ -138,8 +140,8 @@ deserialization
 deserialize
 dockerignore
 firewalld
+g?libc
 gRPC
-glibc
 inotify
 iptables
 kubectl

diff --git a/content/build/building/base-images.md b/content/build/building/base-images.md
@@ -111,4 +111,4 @@ There are lots of resources available to help you write your `Dockerfile`.
 * There's a [complete guide to all the instructions](../../reference/dockerfile.md) available for use in a `Dockerfile` in the reference section.
 * To help you write a clear, readable, maintainable `Dockerfile`, we've also
   written a [Dockerfile best practices guide](../../develop/develop-images/dockerfile_best-practices.md).
-* If your goal is to create a new Docker Official Image, read [Docker Official Images](../../trusted-content/official-images.md).
+* If your goal is to create a new Docker Official Image, read [Docker Official Images](../../trusted-content/official-images/_index.md).
diff --git a/content/develop/develop-images/dockerfile_best-practices.md b/content/develop/develop-images/dockerfile_best-practices.md
@@ -48,7 +48,7 @@ deleting files, are written to this writable container layer.
 
 * [Dockerfile reference](../../reference/dockerfile.md)
 * [More about Automated builds](../../docker-hub/builds/index.md)
-* [Guidelines for creating Docker Official Images](../../trusted-content/official-images.md)
+* [Guidelines for creating Docker Official Images](../../trusted-content/official-images/_index.md)
 * [Best practices to containerize Node.js web applications with Docker](https://snyk.io/blog/10-best-practices-to-containerize-nodejs-web-applications-with-docker)
 * [More about base images](../../build/building/base-images.md)
 * [More on image layers and how Docker builds and stores images](../../storage/storagedriver/index.md).

diff --git a/content/develop/security-best-practices.md b/content/develop/security-best-practices.md
@@ -21,7 +21,7 @@ image. When choosing an image, ensure it's built from a trusted source and keep
 it small.
 
 Docker Hub has more than 8.3 million repositories. Some of these images are
-[Official Images](../trusted-content/official-images.md), which are published by
+[Official Images](../trusted-content/official-images/_index.md), which are published by
 Docker as a curated set of Docker open source and drop-in solution repositories.
 Docker also offers images that are published by
 [Verified Publishers](../trusted-content/dvp-program.md). These high-quality images

diff --git a/content/docker-hub/repos/access.md b/content/docker-hub/repos/access.md
@@ -65,7 +65,7 @@ In the previous example, you can see two example results, `centos` and `ansible/
 The second result shows that it comes from the public repository of a user,
 named `ansible/`, while the first result, `centos`, doesn't explicitly list a
 repository which means that it comes from the top-level namespace for
-[Docker Official Images](../../../trusted-content/official-images.md).
+[Docker Official Images](../../trusted-content/official-images/_index.md).
 The `/` character separates a user's repository from the image name.
 
 Once you've found the image you want, you can download it with `docker pull <imagename>`:

diff --git a/content/security/security-announcements.md b/content/security/security-announcements.md
@@ -35,7 +35,7 @@ If you are using affected versions of runc, BuildKit, Moby, or Docker Desktop, m
 
 If you are unable to update to an unaffected version promptly, follow these best practices to mitigate risk: 
 
-* Only use trusted Docker images (such as [Docker Official Images](../trusted-content/official-images.md)).
+* Only use trusted Docker images (such as [Docker Official Images](../trusted-content/official-images/_index.md)).
 * Don’t build Docker images from untrusted sources or untrusted Dockerfiles.
 * If you are a Docker Business customer using Docker Desktop and unable to update to v4.27.1, make sure to enable [Hardened Docker Desktop](../desktop/hardened-desktop/_index.md) features such as:
   * [Enhanced Container Isolation](../desktop/hardened-desktop/enhanced-container-isolation/_index.md), which mitigates the impact of CVE-2024-21626 in the case of running containers from malicious images.
@@ -116,7 +116,7 @@ the Text4Shell CVE in the vulnerability report. For detailed instructions, see [
 
 ### Docker Official Images impacted by CVE-2022-42889
 
-A number of [Docker Official Images](../trusted-content/official-images.md) contain the vulnerable versions of
+A number of [Docker Official Images](../trusted-content/official-images/_index.md) contain the vulnerable versions of
 Apache Commons Text. The following lists Docker Official Images that
 may contain the vulnerable versions of Apache Commons Text:
 
@@ -169,7 +169,7 @@ Log4j 2 CVE in the vulnerability report. For detailed instructions, see [Scan im
 
 _Last updated December 2021_
 
-A number of [Docker Official Images](../trusted-content/official-images.md) contain the vulnerable versions of
+A number of [Docker Official Images](../trusted-content/official-images/_index.md) contain the vulnerable versions of
 Log4j 2 CVE-2021-44228. The following table lists Docker Official Images that
 may contained the vulnerable versions of Log4j 2. We updated Log4j 2 in these images to the latest version. Some of these images may not be
 vulnerable for other reasons. We recommend that you also review the guidelines published on the upstream websites.

diff --git a/content/trusted-content/images/supported_tags.webp b/content/trusted-content/images/supported_tags.webp
diff --git a/content/trusted-content/official-images.md b/content/trusted-content/official-images.md
diff --git a/content/trusted-content/official-images/_index.md b/content/trusted-content/official-images/_index.md
@@ -0,0 +1,40 @@
+---
+description: Guidelines for Official Images on Docker Hub
+keywords: Docker, docker, registry, accounts, plans, Dockerfile, Docker Hub, docs,
+  official,image, documentation
+title: Docker Official Images
+aliases:
+- /docker-hub/official_repos/
+- /docker-hub/official_images/
+---
+
+The [Docker Official Images](https://hub.docker.com/search?q=&type=image&image_filter=official)
+are a curated set of Docker repositories hosted on Docker Hub.
+
+These images provide essential base repositories that serve as the starting
+point for the majority of users.
+
+These include operating systems such as
+[Ubuntu](https://hub.docker.com/_/ubuntu/) and
+[Alpine](https://hub.docker.com/_/alpine/), programming languages such as
+[Python](https://hub.docker.com/_/python) and
+[Node](https://hub.docker.com/_/node), and other essential tools such as
+[memcached](https://hub.docker.com/_/memcached) and
+[MySQL](https://hub.docker.com/_/mysql).
+
+The images are some of the [most secure images](https://www.docker.com/blog/enhancing-security-and-transparency-with-docker-official-images/)
+on Docker Hub. This is particularly important as Docker Official Images are
+some of the most popular on Docker Hub. Typically, Docker Official images have
+few or no vulnerabilities.
+
+The images exemplify [`Dockerfile` best practices](../../develop/develop-images/dockerfile_best-practices.md)
+and provide clear documentation to serve as a reference for other `Dockerfile` authors.
+
+Images that are part of this program have a special badge on Docker Hub making
+it easier for you to identify projects that are official Docker images.
+
+![Docker official image badge](../images/official-image-badge-iso.png)
+
+## In this section
+
+{{% sectionlinks %}}
diff --git a/content/trusted-content/official-images/contributing.md b/content/trusted-content/official-images/contributing.md
@@ -0,0 +1,58 @@
+---
+title: Contributing to Docker Official Images
+description: |
+  This article describes how Docker Official Images are created,
+  and how you can contribute or leave feedback.
+keywords: docker official images, doi, contributing, upstream, open source
+---
+
+Docker, Inc. sponsors a dedicated team that's responsible for reviewing and
+publishing all content in Docker Official Images. This team works in
+collaboration with upstream software maintainers, security experts, and the
+broader Docker community.
+
+While it's preferable to have upstream software authors maintaining their
+Docker Official Images, this isn't a strict requirement. Creating
+and maintaining images for Docker Official Images is a collaborative process.
+It takes place [openly on GitHub](https://github.com/docker-library/official-images)
+where participation is encouraged. Anyone can provide feedback, contribute
+code, suggest process changes, or even propose a new Official Image.
+
+> **Note**
+>
+> Docker Official Images are the intellectual property of Docker.
+
+## Creating a Docker Official Image
+
+From a high level, an Official Image starts out as a proposal in the form
+of a set of GitHub pull requests. The following GitHub repositories detail the proposal requirements:
+
+- [Docker Official Images repository on GitHub](https://github.com/docker-library/official-images#readme)
+- [Documentation for Docker Official Images](https://github.com/docker-library/docs#readme)
+
+The Docker Official Images team, with help from community contributors, formally
+review each proposal and provide feedback to the author. This initial review
+process may require a bit of back-and-forth before the proposal is accepted.
+
+There are subjective considerations during the review process. These
+subjective concerns boil down to the basic question: "is this image generally
+useful?" For example, the [Python](https://hub.docker.com/_/python/)
+Docker Official Image is "generally useful" to the larger Python developer
+community, whereas an obscure text adventure game written in Python last week is
+not.
+
+Once a new proposal is accepted, the author is responsible for keeping their
+images and documentation up-to-date and responding to user feedback. Docker is
+responsible for building and publishing the images on Docker Hub. Updates to
+Docker Official Images follow the same pull request process as for new images,
+although review process for updates is more streamlined. The Docker Official
+Images team ultimately acts as a gatekeeper for all changes, which helps
+ensures consistency, quality, and security.
+
+## Submitting feedback for Docker Official Images
+
+All Docker Official Images contain a **User Feedback** section in their
+documentation which covers the details for that specific repository. In most
+cases, the GitHub repository which contains the Dockerfiles for an Official
+Repository also has an active issue tracker. General feedback and support
+questions should be directed to `#docker-library` on [Libera.Chat IRC](https://libera.chat).