From 5eaeb09500f8013a823d63db7f3ba4d77c070ac0 Mon Sep 17 00:00:00 2001 From: Tomasz Barwicki Date: Tue, 5 Dec 2023 12:13:40 +0100 Subject: [PATCH 1/6] docs: update trg-4-02 --- docs/release/trg-4/trg-4-02.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/docs/release/trg-4/trg-4-02.md b/docs/release/trg-4/trg-4-02.md index 7820bd19826..4561addf6fe 100644 --- a/docs/release/trg-4/trg-4-02.md +++ b/docs/release/trg-4/trg-4-02.md @@ -2,10 +2,6 @@ title: TRG 4.02 - Base images --- -:::caution -Proposed release date: "mandatory after": 19th of May 2023 -::: - | Status | Created | Post-History | |--------|-------------|---------------------------------------------------------------------------------| | Draft | 04-May-2023 | Remove notice in favor of dedicated TRG; Add mandatory base image for frontends | @@ -23,6 +19,9 @@ As Eclipse Tractus-X project, we don't have automated processes for publishing c DockerHub is running container scans for all [official images](https://docs.docker.com/trusted-content/official-images/) and is publishing the scans result in the [docker-library/repo-info repository](https://github.com/docker-library/repo-info). +Utilizing images from DockerHub is advantageous due to its role as a trusted repository of curated and verified open source containers. +DockerHub provides a centralized platform where developers can access a wide range of pre built containers which adhere to established best practices and meet certain standards of quality, security, and reliability, giving developers confidence in the integrity of the containers they deploy. By incorporating prepared images, teams can foster consistency across environments, reduce the likelihood of vulnerabilities, and accelerate the overall software delivery pipeline rather than managing complex container configurations from scratch. + We are leveraging this information by restricting the base images we use for our published container images to a minimal set. Aligning on specific base images also gives us the opportunity to provide you with templates for the legal notice, like described in [TRG 4.06 - Notice for docker images](./trg-4-06.md) From bb933461501a3b2a6f127c24773ca8cb1d18565a Mon Sep 17 00:00:00 2001 From: Tomasz Barwicki Date: Tue, 5 Dec 2023 12:19:47 +0100 Subject: [PATCH 2/6] fix: remove trailing space --- docs/release/trg-4/trg-4-02.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/release/trg-4/trg-4-02.md b/docs/release/trg-4/trg-4-02.md index 4561addf6fe..3b1d2c22a2c 100644 --- a/docs/release/trg-4/trg-4-02.md +++ b/docs/release/trg-4/trg-4-02.md @@ -19,7 +19,7 @@ As Eclipse Tractus-X project, we don't have automated processes for publishing c DockerHub is running container scans for all [official images](https://docs.docker.com/trusted-content/official-images/) and is publishing the scans result in the [docker-library/repo-info repository](https://github.com/docker-library/repo-info). -Utilizing images from DockerHub is advantageous due to its role as a trusted repository of curated and verified open source containers. +Utilizing images from DockerHub is advantageous due to its role as a trusted repository of curated and verified open source containers. DockerHub provides a centralized platform where developers can access a wide range of pre built containers which adhere to established best practices and meet certain standards of quality, security, and reliability, giving developers confidence in the integrity of the containers they deploy. By incorporating prepared images, teams can foster consistency across environments, reduce the likelihood of vulnerabilities, and accelerate the overall software delivery pipeline rather than managing complex container configurations from scratch. We are leveraging this information by restricting the base images we use for our published container images to a minimal set. From c5ed94074ad14ff7477c53eceb7517cc4a32810e Mon Sep 17 00:00:00 2001 From: Tomasz Barwicki Date: Tue, 5 Dec 2023 12:26:04 +0100 Subject: [PATCH 3/6] docs: remove caution notice from TRG 4.05 & 4.06 --- docs/release/trg-4/trg-4-05.md | 4 ---- docs/release/trg-4/trg-4-06.md | 4 ---- 2 files changed, 8 deletions(-) diff --git a/docs/release/trg-4/trg-4-05.md b/docs/release/trg-4/trg-4-05.md index 3be4571bd42..79fe27704a2 100644 --- a/docs/release/trg-4/trg-4-05.md +++ b/docs/release/trg-4/trg-4-05.md @@ -2,10 +2,6 @@ title: TRG 4.05 - Container registries --- -:::caution -Proposed release date: "mandatory after": 19th of May 2023 -::: - | Status | Created | Post-History | |--------|--------------|-------------------------------------------------------------------------| | Draft | 04-May-2023 | Place DockerHub as mandatory container registry; remove GHCR references | diff --git a/docs/release/trg-4/trg-4-06.md b/docs/release/trg-4/trg-4-06.md index 4bf6ae78a42..f4147a365d5 100644 --- a/docs/release/trg-4/trg-4-06.md +++ b/docs/release/trg-4/trg-4-06.md @@ -2,10 +2,6 @@ title: TRG 4.06 - Notice for docker images --- -:::caution -Proposed release date: "mandatory after": 19th of May 2023 -::: - | Status | Created | Post-History | |--------|-------------|------------------| | Draft | 04-May-2023 | Initial release | From 482cff757927ec4f41372e5cb4cd5c0eb82abc85 Mon Sep 17 00:00:00 2001 From: Tomasz Barwicki Date: Wed, 6 Dec 2023 11:25:27 +0100 Subject: [PATCH 4/6] docs: amend TRG 4.02 header --- docs/release/trg-4/trg-4-02.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/release/trg-4/trg-4-02.md b/docs/release/trg-4/trg-4-02.md index 3b1d2c22a2c..86895f2bcbc 100644 --- a/docs/release/trg-4/trg-4-02.md +++ b/docs/release/trg-4/trg-4-02.md @@ -4,6 +4,7 @@ title: TRG 4.02 - Base images | Status | Created | Post-History | |--------|-------------|---------------------------------------------------------------------------------| +| Active | 06-Dec-2023 | Add adventages of Dockerhub images | Draft | 04-May-2023 | Remove notice in favor of dedicated TRG; Add mandatory base image for frontends | | Active | 25-Nov-2022 | Initial release | From a53681394867b418386b9b0d28ecd0d14ee763e7 Mon Sep 17 00:00:00 2001 From: Tomasz Barwicki Date: Wed, 3 Jan 2024 13:42:46 +0100 Subject: [PATCH 5/6] fix: 'adventages' typo --- docs/release/trg-4/trg-4-02.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/release/trg-4/trg-4-02.md b/docs/release/trg-4/trg-4-02.md index 86895f2bcbc..ee207d49569 100644 --- a/docs/release/trg-4/trg-4-02.md +++ b/docs/release/trg-4/trg-4-02.md @@ -4,7 +4,7 @@ title: TRG 4.02 - Base images | Status | Created | Post-History | |--------|-------------|---------------------------------------------------------------------------------| -| Active | 06-Dec-2023 | Add adventages of Dockerhub images +| Active | 06-Dec-2023 | Add advantages of Dockerhub images | Draft | 04-May-2023 | Remove notice in favor of dedicated TRG; Add mandatory base image for frontends | | Active | 25-Nov-2022 | Initial release | @@ -20,7 +20,7 @@ As Eclipse Tractus-X project, we don't have automated processes for publishing c DockerHub is running container scans for all [official images](https://docs.docker.com/trusted-content/official-images/) and is publishing the scans result in the [docker-library/repo-info repository](https://github.com/docker-library/repo-info). -Utilizing images from DockerHub is advantageous due to its role as a trusted repository of curated and verified open source containers. +Utilizing official Dockerhub images from DockerHub is advantageous due to its role as a trusted repository of curated and verified open source containers. DockerHub provides a centralized platform where developers can access a wide range of pre built containers which adhere to established best practices and meet certain standards of quality, security, and reliability, giving developers confidence in the integrity of the containers they deploy. By incorporating prepared images, teams can foster consistency across environments, reduce the likelihood of vulnerabilities, and accelerate the overall software delivery pipeline rather than managing complex container configurations from scratch. We are leveraging this information by restricting the base images we use for our published container images to a minimal set. From 92050ebb1b2b521fe7a0142e4c0eb33801d57798 Mon Sep 17 00:00:00 2001 From: Tomasz Barwicki Date: Fri, 5 Jan 2024 10:24:46 +0100 Subject: [PATCH 6/6] fix: remove duplicated word Dockerhub --- docs/release/trg-4/trg-4-02.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/release/trg-4/trg-4-02.md b/docs/release/trg-4/trg-4-02.md index ee207d49569..29e8e410e61 100644 --- a/docs/release/trg-4/trg-4-02.md +++ b/docs/release/trg-4/trg-4-02.md @@ -20,7 +20,7 @@ As Eclipse Tractus-X project, we don't have automated processes for publishing c DockerHub is running container scans for all [official images](https://docs.docker.com/trusted-content/official-images/) and is publishing the scans result in the [docker-library/repo-info repository](https://github.com/docker-library/repo-info). -Utilizing official Dockerhub images from DockerHub is advantageous due to its role as a trusted repository of curated and verified open source containers. +Utilizing official images from DockerHub is advantageous due to its role as a trusted repository of curated and verified open source containers. DockerHub provides a centralized platform where developers can access a wide range of pre built containers which adhere to established best practices and meet certain standards of quality, security, and reliability, giving developers confidence in the integrity of the containers they deploy. By incorporating prepared images, teams can foster consistency across environments, reduce the likelihood of vulnerabilities, and accelerate the overall software delivery pipeline rather than managing complex container configurations from scratch. We are leveraging this information by restricting the base images we use for our published container images to a minimal set.