Merge pull request #74 from docker/v1.2.0

Publish v1.2.0 release

dist/docker-scout_1.2.0_checksums.txt

@@ -0,0 +1,6 @@
+4676031e7ae43b65538a96fe94b49661188a5afb51bf977b51c67b85ee2c1c3d  docker-scout_1.2.0_darwin_amd64.tar.gz
+78bc9f02cabaae45f403dbbdc46a27bfbe2191c8b5cd0464c43df2b6cd6403b9  docker-scout_1.2.0_darwin_arm64.tar.gz
+f573fd5fbf52001653baaae25571636b12e67d123bd0ec32458ebddfb2c0f2b6  docker-scout_1.2.0_linux_amd64.tar.gz
+2dfea0d7101da62a2462a906dade39cac556df34e028599d41cc9d816b25b1c5  docker-scout_1.2.0_linux_arm64.tar.gz
+3d554e6846ef151a3f131e7493e79473538fb4758b9df80ec0f69608c695788e  docker-scout_1.2.0_windows_amd64.zip
+62715f8ebb0654d6a3b96997202426c8db3ca23ca897b335f7a3dc39192c6700  docker-scout_1.2.0_windows_arm64.zip

docs/docker_scout.yaml

@@ -43,6 +43,16 @@ options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 deprecated: false
 experimental: false
 experimentalcli: false

docs/docker_scout_cache.yaml

@@ -20,6 +20,16 @@ inherited_options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 deprecated: false
 experimental: false
 experimentalcli: false

docs/docker_scout_cache_df.yaml

@@ -1,12 +1,13 @@
 command: docker scout cache df
 short: Show Docker Scout disk usage
 long: |-
-    Docker Scout stores temporary files to generate SBOMs of images and cache the results to not generate or fetch them again.
+    Docker Scout uses a temporary cache storage for generating image SBOMs.
+    The cache helps avoid regenerating or fetching resources unnecessarily.
 
-    This `docker scout cache df` command will list all the temporary and cached data on the host. Each is identified by the
-    digest of the image.
+    This `docker scout cache df` command shows the cached data on the host.
+    Each cache entry is identified by the digest of the image.
 
-    Those data can be deleted using the `docker scout cache prune` command.
+    You can use the `docker scout cache prune` command to delete cache data at any time.
 usage: docker scout cache df
 pname: docker scout cache
 plink: docker_scout_cache.yaml
@@ -21,6 +22,16 @@ inherited_options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 examples: |-
     ### List temporary and cache files
 

docs/docker_scout_cache_prune.yaml

@@ -1,12 +1,10 @@
 command: docker scout cache prune
 short: Remove temporary or cached data
 long: |-
-    Docker Scout stores temporary files to generate SBOMs of images and cache those SBOMs to not generate or fetch them again.
+    The `docker scout cache prune` command removes temporary data and SBOM cache.
 
-    The `docker scout cache prune` command will remove all the temporary files used while generating the SBOMs.
-
-    By default the cached SBOMs will not be deleted are they can be used by the different `docker scout` commands. But the `--sboms`
-    flag can be used to delete them.
+    By default, `docker scout cache prune` only deletes temporary data.
+    To delete temporary data and clear the SBOM cache, use the `--sboms` flag.
 usage: docker scout cache prune
 pname: docker scout cache
 plink: docker_scout_cache.yaml
@@ -43,6 +41,16 @@ inherited_options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 examples: |-
     ### Delete temporary data
 

docs/docker_scout_compare.yaml

@@ -2,14 +2,15 @@ command: docker scout compare
 aliases: docker scout compare, docker scout diff
 short: Compare two images and display differences (experimental)
 long: |-
-    The `docker scout compare` command analyzes two images and displays a comparison of both.
+    The `docker scout compare` command analyzes two images and displays a comparison.
 
     > This command is **experimental** and its behaviour might change in the future
 
-    The main usage is to compare two versions of the same image.
-    For instance when a new image is built and compared to the version running in production.
+    The intended use of this command is to compare two versions of the same image.
+    For instance, when a new image is built and compared to the version running in production.
 
-    If no image is specified, the most recently built image will be used.
+    If no image is specified, the most recently built image is used
+    as a comparison target.
 
     The following artifact types are supported:
 
@@ -18,8 +19,6 @@ long: |-
     - Tarball archives, as created by `docker save`
     - Local directory or file
 
-    The tool analyzes the provided software artifact, and generates a vulnerability report.
-
     By default, the tool expects an image reference, such as:
 
     - `redis`
@@ -33,7 +32,7 @@ long: |-
     - `local://` use an image from the local image store (don't do a registry lookup)
     - `registry://` use an image from a registry (don't use a local image)
     - `oci-dir://` use an OCI layout directory
-    - `archive://` use a tarball archive, as created by docker save
+    - `archive://` use a tarball archive, as created by `docker save`
     - `fs://` use a local directory or file
 usage: docker scout compare --to IMAGE|DIRECTORY|ARCHIVE [IMAGE|DIRECTORY|ARCHIVE]
 pname: docker scout
@@ -44,6 +43,18 @@ options:
       value_type: bool
       default_value: "false"
       description: Return exit code '2' if vulnerability changes are detected
+      deprecated: true
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: exit-on
+      shorthand: x
+      value_type: stringSlice
+      default_value: '[]'
+      description: |
+        Comma separated list of conditions to fail the action step if worse, options are: vulnerability, policy
       deprecated: false
       hidden: false
       experimental: false
@@ -253,6 +264,16 @@ inherited_options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 examples: |-
     ### Compare the most recently built image to the latest tag
 

docs/docker_scout_config.yaml

@@ -4,7 +4,8 @@ long: |-
     `docker scout config` allows you to list, get and set Docker Scout configuration.
 
     Available configuration key:
-    - `organization`: Namespace of the Docker organization to be used by default if it cannot be inferred from the image reference
+
+    - `organization`: Namespace of the Docker organization to be used by default.
 usage: docker scout config [KEY] [VALUE]
 pname: docker scout
 plink: docker_scout.yaml
@@ -19,6 +20,16 @@ inherited_options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 examples: |-
     ### List existing configuration
 

docs/docker_scout_cves.yaml

@@ -3,7 +3,7 @@ short: Display CVEs identified in a software artifact
 long: |-
     The `docker scout cves` command analyzes a software artifact for vulnerabilities.
 
-    If no image is specified, the most recently built image will be used.
+    If no image is specified, the most recently built image is used.
 
     The following artifact types are supported:
 
@@ -12,8 +12,6 @@ long: |-
     - Tarball archives, as created by `docker save`
     - Local directory or file
 
-    The tool analyzes the provided software artifact, and generates a vulnerability report.
-
     By default, the tool expects an image reference, such as:
 
     - `redis`
@@ -27,7 +25,7 @@ long: |-
     - `local://` use an image from the local image store (don't do a registry lookup)
     - `registry://` use an image from a registry (don't use a local image)
     - `oci-dir://` use an OCI layout directory
-    - `archive://` use a tarball archive, as created by docker save
+    - `archive://` use a tarball archive, as created by `docker save`
     - `fs://` use a local directory or file
 usage: docker scout cves [OPTIONS] [IMAGE|DIRECTORY|ARCHIVE]
 pname: docker scout
@@ -297,6 +295,16 @@ inherited_options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 examples: |-
     ### Display vulnerabilities grouped by package
 
@@ -351,7 +359,7 @@ examples: |-
 
     ### Display markdown output
 
-    The markdown output also contains HTML tags to have a better rendering. This output can be used for instance in Pull Request comments.
+    The following example shows how to generate the vulnerability report as markdown.
 
     ```console
     $ docker scout cves --format markdown alpine
@@ -372,11 +380,10 @@ examples: |-
     ...
     ```
 
-    ### List all packages of a certain typethat are vulnerable
-
-    The output will show the list of the packages of the image, that can be filtered, with the summary of vulnerabilities for each.
+    ### List all vulnerable packages of a certain type
 
-    By default even packages with no vulnerabilities will be displayed.
+    The following example shows how to generate a list of packages, only including
+    packages of the specified type, and only showing packages that are vulnerable.
 
     ```console
     $ docker scout cves --format only-packages --only-package-type golang --only-vuln-packages golang:1.18.0

docs/docker_scout_enroll.yaml

@@ -16,6 +16,16 @@ inherited_options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 deprecated: false
 experimental: false
 experimentalcli: false

docs/docker_scout_environment.yaml

@@ -2,9 +2,16 @@ command: docker scout environment
 aliases: docker scout environment, docker scout env
 short: Manage environments (experimental)
 long: |-
-    The `docker scout environment` command lists the environments and records images to it.
+    The `docker scout environment` command lists the environments.
+    If you pass an image reference, the image is recorded to the specified environment.
 
-    Once recorded, environments can be referred to by their name, eg. in the `docker scout compare` command using `--to-env`.`
+    Once recorded, environments can be referred to by their name. For example,
+    you can refer to the `production` environment with the `docker scout compare`
+    command as follows:
+
+    ```console
+    $ docker scout compare --to-env production
+    ```
 usage: docker scout environment [ENVIRONMENT] [IMAGE]
 pname: docker scout
 plink: docker_scout.yaml
@@ -48,6 +55,16 @@ inherited_options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 examples: |-
     ### List existing environments
 

docs/docker_scout_help.yaml

@@ -15,6 +15,16 @@ inherited_options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 deprecated: false
 experimental: false
 experimentalcli: false

docs/docker_scout_integration.yaml

@@ -22,6 +22,16 @@ inherited_options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 deprecated: false
 experimental: false
 experimentalcli: false

docs/docker_scout_integration_configure.yaml

@@ -45,6 +45,16 @@ inherited_options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 deprecated: false
 experimental: false
 experimentalcli: false