- Python/Ruby GitHub Actions CI guides: 'is runs' -> 'runs', 'of you' ->
'of your', and 'Login to Docker Hub' link text -> 'Log in to Docker Hub'
- configure-builder: 'of you workflow' -> 'of your workflow'
- bind-mount page: remove stray article ('the a container' -> 'the container')
- pre-seeding guide: 'let you access to' -> 'letting you access', 'define' -> 'defines'
<!--Delete sections as needed -->
## Description
Refreshed Node.js guide
- Updated all examples to DHI. DHI Community is now free so the DOI
fallback is no longer needed.
- Replaced the git clone pattern with the file scaffolding component.
- Simplified the sample app to a Node.js backend API. Added links at the
start of the guide to dedicated frontend framework guides.
- Added "Secure your Node.js image supply chain" topic to showcase DHI.
- Refreshed topic intros and related links.
https://deploy-preview-25319--docsdocker.netlify.app/guides/nodejs/
## Related issues or tickets
ENGDOCS-3319
Closes#25280
## Reviews
<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->
- [ ] Technical review
- [ ] Editorial review
- [ ] Product review
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
Three small fixes in the guides.
- `guides/localstack`: the prose says `S3_ENDPOINT_URL` is
`http://localhost:4556`, but LocalStack's edge port is `4566`, and the
guide's own `.env` block later uses `4566`.
- `guides/pgadmin`: the top-level Compose key for the pgpass file is
`configs`, not `config`. As written the compose file is invalid.
- `guides/bun/deploy`: the "Turn on Kubernetes" link has a doubled slash
(`/manuals//desktop/...`).
Signed-off-by: Emmanuel Yusufu Kimaswa <kimaswaemma36@gmail.com>
The `/docker-entrypoint-initaws.d` directory was removed in LocalStack
2.0. Updates the Compose snippet to mount the current `ready.d` init
hook directory and adds a short tip pointing to the LocalStack init
hooks reference. Also drops a stray trailing quote that made the
previous mount path invalid.
Closes#22640
<!--Delete sections as needed -->
## Description
Updated Python guide
- Removed DOI in favor of DHI only. DHI Community is now free, so
there's no reason to keep the DOI fallback path.
- Removed the git clone sample-app pattern. Maintaining external sample
repos is a burden, and split source of truth between the docs and the
sample.
- New file browser / scaffolding component. Lets users copy individual
files or scaffold the whole project with one command. Replaces the role
the cloned sample repo used to play.
- New "Secure your supply chain" topic highlighting what DHI gives you
and how to attach matching attestations to your own image in CI.
- A bunch of smaller improvements: clearer intros for each topic,
progressively updating the same app in all topics, ran and fixed issues,
etc.
https://deploy-preview-25206--docsdocker.netlify.app/guides/python/
## Related issues or tickets
ENGDOCS-3308
## Reviews
<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->
- [ ] Technical review
- [ ] Editorial review
---------
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
<!--Delete sections as needed -->
## Description
Added VEX walkthrough guide for Docker Hardened Images
The existing DHI documentation covers VEX concepts and scanner
integration, but as separate reference topics. Users who want to
understand VEX in practice have to piece together the workflow
themselves.
This guide shows the full workflow end-to-end against a real image
(`dhi.io/python:3.13`): scan without VEX to get the raw CVE baseline,
fetch the attestation, scan again with VEX applied, then inspect every
suppression and the reasoning behind it. Each step shows actual command
output so readers can compare what they see against a known reference.
The guide covers:
- Before/after scans with Trivy and Grype to make the VEX effect
concrete
- Docker Scout's automatic VEX integration as a contrast
- Trivy's `--show-suppressed` flag to surface per-CVE justification
codes
- `jq` queries against the raw VEX file to read Docker's human-readable
reasoning and filter by status (`not_affected`, `under_investigation`,
`affected`)
The goal is to give readers a working mental model of what VEX does and
how to audit it — something a walkthrough can do that reference docs
can't.
https://deploy-preview-24992--docsdocker.netlify.app/guides/dhi-vex-walkthrough/
## Related issues or tickets
ENGDOCS-3239
## Reviews
<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->
- [ ] Editorial review
---------
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
## Summary
The Node.js containerize guide told readers to create a Dockerfile
without saying where to place it. This clarifies that both Dockerfile
options belong in the project root.
Closes#25185
Generated by Codex
Co-authored-by: Codex <codex@openai.com>
The Node.js containerize guide told readers to create a Dockerfile without saying where it belongs.
Clarify that both Dockerfile options should be created in the project root and clean up existing lint failures in the touched file.
Co-Authored-By: Codex <codex@openai.com>
Two related style-conformance fixes across `content/guides/`, motivated
by a recent audit of guide-page style against STYLE.md, COMPONENTS.md,
and AGENTS.md.
## What changed
### 1. Add missing `keywords:` frontmatter to 104 guide pages
`keywords` is documented as required (AGENTS.md, COMPONENTS.md) but was
missing from 10 single-file guides, 8 `_index.md` landing pages, and 86
chapter pages. Each page now has a meaningful, page-specific
comma-separated keyword list derived from its title, lead content, and
sibling pages where applicable.
Examples of the convention applied:
-
`content/guides/testcontainers-java-spring-boot-kafka/create-project.md`
— `testcontainers, java, spring boot, kafka, mysql, project setup`
- `content/guides/docker-compose/why.md` — `docker compose,
multi-container, yaml, services, orchestration, application`
Post-change verification confirms zero guide pages under
`content/guides/` are missing the field.
### 2. Remove bold-for-emphasis from 14 guide pages
STYLE.md restricts bold to UI elements only — never for emphasis,
product names, command names, or the `**Term**: description`
subsection-label pattern. Cleaned up the top-15 offender files
identified by raw bold-span count (code blocks excluded). One file
(`jupyter.md`, 32 spans) was untouched because all spans were legitimate
UI references.
Shape of the work across 14 files:
- ~60 `**Term**: description` list items de-bolded
- ~10 identifiers/values/commands converted to backticks (e.g.
`**my-mysql**` → `` `my-mysql` ``)
- ~10 product/emphasis bolds removed
- 6 bolded link texts un-bolded
- 3 blockquote-style notes converted to `> [!NOTE]` callouts
Legitimate UI bolds (button names, menu items, field labels, tab names)
were preserved throughout. `databases.md` kept 47 of 49 spans for this
reason — only port-mapping value and container name were converted to
backticks.
## Out of scope
The audit surfaced other items not addressed here:
- Series `params` block missing on all 48 `_index.md` landing pages —
this is a "decide what's authoritative" question that warrants
discussion before code changes.
- Vale prose violations (`just`, `easily`, `we`, etc.) — concentrated in
~5 files; can land separately.
- Heading numbering convention (`## Step N:` vs `## N.` vs plain) —
undocumented; should be pinned down in STYLE.md or COMPONENTS.md before
mechanical sweeps.
## Verification
- `markdownlint` (via `scripts/lint.sh`) clean on all changed files.
- Vale not installed locally; relying on CI to validate prose.
- `git diff --stat` confirms scope: 118 unique files, all under
`content/guides/`. No vendored, layout, or generated-file changes.
<!--Delete sections as needed -->
## Description
Removing `docker init` workflow from guides. See ticket for more info.
Instead, have copy-paste codeblocks of the existing output. Added tip to
use Gordon.
## Related issues or tickets
ENGDOCS-3299
## Reviews
<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->
- [ ] Editorial review
---------
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
Replaces @material-symbols/svg-400 (5.5 MB) with heroicons (488 KB) — an
11x reduction in icon asset size. Heroicons uses a single consistent
distribution format (24px solid SVGs, fill="currentColor") eliminating
the need for the separate utils/svg.html partial, the icon-svg-stroke CSS
utility, and the dual-path resolution logic in icon.html.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
<!--Delete sections as needed -->
## Description
Tested and updated the dotnet guide.
- Add missing stage name for dhi Dockerfile
- Clean up some output
## Related issues or tickets
<!-- Related issues, pull requests, or Jira tickets -->
## Reviews
<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->
- [ ] Editorial review
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
PR to capture work:
- Update / simplify titles to match docs
- Create subcategories within org/company
- Wrestle with redirect nightmare part 2
Filing a follow up PR to create parallel structure in the `Company`
subcategory. This PR's scope is for `Organization` only.
The code snippet for Dockerfile under the "Using the official Docker
images" contains a comment which says that this Docker file uses DHI
image, which is incorrect.
<!--Delete sections as needed -->
Updated the code snippet to match the tab contents
<!-- Tell us what you did and why -->
## Reviews
<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->
- [ ] Technical review
- [ ] Editorial review
- [ ] Product review
<!--Delete sections as needed -->
## Description
Merged how-to/debug into troubleshoot to reduce left nav sprawl. Kept
troubleshoot at top-level to align with other manuals.
https://deploy-preview-24658--docsdocker.netlify.app/dhi/troubleshoot/
## Related issues or tickets
<!-- Related issues, pull requests, or Jira tickets -->
## Reviews
<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->
- [ ] Editorial review
---------
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
Co-authored-by: Allie Sadler <102604716+aevesdocker@users.noreply.github.com>
<!--Delete sections as needed -->
## Description
- Refreshed explore based on latest GUI. Removed steps with a direct
link. xref'd to previous sections to remove redundant steps.
- Consolidated explore and compare to minimize left nav sprawl and
because they're related use-cases.
- Renamed from "explore" to "search" in order to not conflict with the
about section that got renamed explore.
- Added in CLI commands to eventually remove the bolted-on, standalone
how-to cli topic.
- Cleaned up some fluff from the compare topic that was used to make it
feel more substantial when it was a standalone.
https://deploy-preview-24602--docsdocker.netlify.app/dhi/how-to/explore/
## Related issues or tickets
ENGDOCS-3222
## Reviews
<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->
- [ ] Editorial review
---------
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
<!--Delete sections as needed -->
## Description
Aligned file name with that on line 43, using the preferred
`compose.yaml`.
## Related issues or tickets
Closes#23860
## Reviews
<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->
- [ ] Editorial review
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
## Description
Migrate 17 Testcontainers guides from testcontainers.com into the Docker
docs site, covering Java (14 guides), .NET (2 guides), and Node.js (1
guide). This follows up on PR #24450 which added the initial Go and
Python guides.
Each guide is converted from AsciiDoc to Hugo Markdown, split into
multi-chapter stepper navigation, updated to the latest Testcontainers
API, and verified with passing tests running in containers.
Java guides use testcontainers-java 2.0.4 with the new 2.x Maven
coordinates and package names (e.g., `testcontainers-postgresql`,
`org.testcontainers.postgresql.PostgreSQLContainer`). The Quarkus guide
uses Quarkus 3.22.3 with TC 1.x managed by the Quarkus BOM, since no
released Quarkus version ships TC 2.x yet.
## How to test
All code snippets have been verified by running each guide's source
repository tests inside Docker containers with the Docker socket
mounted.
To re-run the verification, use the `/testcontainers-guides-migrator`
skill included in this PR
(`.claude/skills/testcontainers-guides-migrator/SKILL.md`). The skill's
Step 6 documents the exact container commands and macOS Docker Desktop
workarounds (host override, docker-java API version, etc.) needed to run
each language's tests:
```
/testcontainers-guides-migrator I want you to verify all the guides in this branch.
Do a full review, verifying that all code snippets compile, the code is executable,
and ALL the tests pass. Run them as docker containers, never locally.
```
## Related issues or tickets
Supersedes #24450 (expanded from 2 guides to all 19)
## Reviews
- [ ] Technical review
- [ ] Editorial review
- [ ] Product review
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
## Description
Migrate the first two Testcontainers getting-started guides from
[testcontainers.com/guides](https://testcontainers.com/guides/) into the
Docker docs site:
- **Getting started with Testcontainers for Go** — multi-page guide with
4 chapters (create project, write tests, test suites, run tests). Code
updated to testcontainers-go v0.41.0 API (`postgres.Run()`,
`CleanupContainer`, `BasicWaitStrategies()`).
- **Getting started with Testcontainers for Python** — multi-page guide
with 3 chapters (create project, write tests, run tests). Code updated
to testcontainers-python 4.14.2 (fixed `get_exposed_port()` returning
`int`).
Each guide appears as its own entry in the `/guides/` listing with
proper language and tag filters (`testing-with-docker`). Chapters render
with stepper navigation in the sidebar.
Also adds:
- A `testing-with-docker` tag to `data/tags.yaml`
- A Claude skill
(`.claude/skills/testcontainers-guides-migrator/SKILL.md`) that
documents the repeatable migration process for the remaining 19 guides
- Links from `content/manuals/testcontainers.md` to the new guides
- Vale vocabulary entries for `pgx`, `Micronaut`, `psycopg`, `pytest`
All guide code was compiled and tests verified passing in containers
with Docker socket mounted.
## Related issues or tickets
No related issues found.
## Reviews
- [ ] Technical review
- [ ] Editorial review
- [ ] Product review
<!--Delete sections as needed -->
## Description
This PR adds a guide that shows how to secure a Backstage developer
portal container using Docker Hardened Images, covering native module
compilation, multi-stage builds, Socket Firewall protection, and
distroless runtime images
<!-- Tell us what you did and why -->
## Related issues or tickets
<!-- Related issues, pull requests, or Jira tickets -->
## Reviews
<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->
- [ ] Technical review
- [ ] Editorial review
- [ ] Product review
<!--Delete sections as needed -->
## Description
The DHI static image has no adduser package, plus it already runs as a
nonroot user. Removed that section from the Dockerfile.
## Related issues or tickets
Closes#24362
## Reviews
<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->
- [ ] Editorial review
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
<!--Delete sections as needed -->
## Description
This guide explains how to deploy Docker Hardened Images in OpenShift
environments. It covers Security Context Constraints (SCCs), arbitrary
user ID assignment, file permission requirements, and best practices for
both runtime and development image variants.
<!-- Tell us what you did and why -->
Added new guide: content/guides/dhi-openshift.md
## Related issues or tickets
Supersedes #24293 (closed due to fork deletion)
<!-- Related issues, pull requests, or Jira tickets -->
## Reviews
<!-- Notes for reviewers here -->
Previously reviewed and approved by @dvdksn in #24293
@craig-osterhout was requested for review before the PR was closed
No content changes from the previously approved version
<!-- List applicable reviews (optionally @tag reviewers) -->
## Description
In order to better attribute upgrade sources, we are adding two params -
`ref` and `refAction` to the existing pricing url.
The `ref` will be "Docs" and the `refAction` will be the particular docs
page from where the pricing url click is originated.
## Related issues or tickets
https://docker.atlassian.net/browse/GRO-282
## Reviews
@akristen You should see the new url params when hovering over or
clicking any of the updated pricing urls
- [ ] Technical review
- [ ] Editorial review
- [ ] Product review
---------
Co-authored-by: Alexa Kristensen <81787716+akristen@users.noreply.github.com>
Add AI overview landing page with decision table and relationship overview.
Reframe Gordon as "AI-powered assistant" instead of "AI agent" to avoid
confusion with Docker Agent. Rename sandbox agent page from cagent.md to
docker-agent.md. Add cross-references where products overlap. Fix doubled
"Docker Docker Agent" in agentic AI guide.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
Rafael Coelho