Add hack/sync-governance-api.sh to re-vendor the AI Governance Policy API
spec from the private docker/governor-services repo. The vendored copy at
content/reference/api/ai-governance/api.yaml is a verbatim copy of upstream,
so the script fetches it via gh (using the caller's own auth, no repo
secrets) and prints a diff summary for review. Mirrors the existing
hack/sync-cli-docs.sh convention.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
Add content/manuals/ai/sandboxes/release-notes.md as a single page listing
the latest stable releases of Docker Sandboxes, with a link to the GitHub
release history for older versions.
The block between BEGIN/END GENERATED RELEASES markers is populated by
hack/sbx-release-notes.py — a single-file uv-run script (PEP 723 inline
deps, Jinja2 only) that hits the GitHub Releases API for
docker/sbx-releases, filters to strict-semver stable tags with non-empty
bodies, and emits H2-per-release sections for the latest N minor releases
(default 3) and their patches.
Re-runs are idempotent and only touch content between the markers. The
script also invokes `prettier --write` so the output stays lint-clean.
Extend the existing release-notes Vale skip rule with
content/manuals/**/release-notes.md so the new file under ai/sandboxes/
picks up the same lint exclusions as engine/desktop/build release notes.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
The CloudFront Lambda rewrote `/` with `Accept: text/markdown` to an
invalid `.md` URI, causing a 502 LambdaValidationError. Homepage has no
flattened markdown equivalent, so route to `/llms.txt` — the
agent-oriented markdown index of the site. Same handling for
`/index.html`.
Also set `Content-Type: text/markdown` on `llms.txt` at upload time, so
content negotiation responses and direct requests both advertise the
correct media type.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Resolves internal links to point to the corresponding (rendered) path
rather than keeping them as internal links, which wouldn't make sense to
an agent/llm reading them.
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
This adds a GitHub Actions workflow and supporting script to
automatically sync CLI documentation from the docker/cli repository on a
daily schedule.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
This script helps maintain consistency between documentation and GitHub
release notes by making the docs the source of truth.
Previously, any djustments to release notes during review, needed to be
manually propagated back to the corresponding Moby GitHub releases,
creating a maintenance burden and potential for inconsistency.
The script extracts release notes for a given version from the engine
documentation markdown files, compares them with the existing GitHub
release notes, and provides a command to update the GitHub release if
differences are found.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Fix race condition issue to solve an issue about "panic: runtime error: invalid memory address or nil pointer dereference".
This fix stabilize Docker daemon under the situation of communication problem with Fluentd processes.
Signed-off-by: Satoshi Tagomori <tagomoris@gmail.com>
(cherry picked from commit 87124b9d62bc71f7632126cf7f8d5eb805c4a7f1)
Signed-off-by: Victor Vieux <vieux@docker.com>
Fixes#26394
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit f528690674712b680caf2712092c7e2f8f236491)
Signed-off-by: Victor Vieux <vieux@docker.com>
Update apparmor error message
(cherry picked from commit e168f0b4ad4dfc11a4423a6785d80153f0969808)
Signed-off-by: Charles Smith <charles.smith@docker.com>
- Fixes a SNAT issue in loadbalancer when multiple networks are involved
- Fixes an issue with SRV query forwarding in DNS
- Fixes a map race
Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
(cherry picked from commit 56c98226955d98a2ba6a99bffd3a9a80d691e4a7)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit e1c7ad871f6fd41a7682cf7effb02838ab679ae3)
Signed-off-by: Tibor Vass <tibor@docker.com>
This patch allows to only release the packages that were built and are
present under the bundles/ directory instead of assuming packages exist
for all distros enumerated in the contrib/builder/ directory.
It also now adds support for armhf architecture for apt repositories.
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 2ff2e9a73076b737948c68c26f26b7bda5ac7db8)
Signed-off-by: Tibor Vass <tibor@docker.com>
This adds the ability to have different profiles for individual distros
and versions of the distro because they all ship with and depend on
different versions of policy packages.
The `selinux` dir contains the unmodified policy that is being used
today. The `selinux-fedora` dir contains the new policy for fedora 24
with the changes for it to compile and work on the system.
The fedora policy is from commit
https://github.com/projectatomic/docker-selinux/commit/4a6ce94da5e34868642ebcc7a67da937d4c73283
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
(cherry picked from commit 32b1f26c5111b22fe4277879c4f5e4687a6a72fc)
Signed-off-by: Tibor Vass <tibor@docker.com>
Craig Osterhout