Fixes #23664.
The rootless docs compared rootless to userns-remap only in terms of
daemon privileges, never mentioning that the container-to-host UID
mapping also differs. Adds a short bullet list after the existing
comparison to spell it out and note the practical impact on bind-mount
file ownership.
Filesystem rule examples only showed POSIX paths and never explained that
rules match the path format of the developer's OS. Add Windows drive-letter
and backslash syntax (including the *: any-drive wildcard), note WSL support,
and call out that a multi-platform policy needs a rule per path format.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
## Description
Removed `comes with` and `built-in` as they're misleading. The
attestations are separate from the image.
## Related issues or tickets
https://docker.slack.com/archives/C0989V6TAK0/p1780606035242419
## Reviews
- [ ] Editorial review
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
## Summary
- Splits the "Sourcing credentials from 1Password" section in
`workflows.md` into two subsections: one for persistent setup via
`op read | sbx secret set`, one for per-launch injection via
`op run -- sbx run <agent>`
- The `op run` pattern resolves `op://` references at launch time
without storing anything; works because `sbx` reads the built-in service
env vars (`ANTHROPIC_API_KEY`, `OPENAI_API_KEY`, etc.) from the host
environment — not arbitrary vars
- Includes a `.env` file variant for injecting multiple credentials at
once
- Adds a 1Password bullet to the Best practices section in
`credentials.md` linking back to the new workflows section
🤖 Generated with [Claude Code](https://claude.com/claude-code)
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
## Summary
Add troubleshooting guidance for Docker Sandboxes users whose internal
HTTPS inspection proxy requires a custom CA certificate inside the
sandbox. The section covers repeatable setup with a sandbox kit, one-off
setup for existing sandboxes, Node.js CA configuration, and policy log
diagnostics.
Generated by Codex
---------
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
## Summary
- Adds a `#### file.parser` subsection under the Credentials spec
reference, covering supported forms (`json:<dot.path>` and plain text),
JSON path rules and limitations, priority/fallback behaviour for missing
files, worked examples, and common error messages. Behaviour verified
against `sandboxd/pkg/secrets/store.go`.
- Adds `deniedDomains` to the Network spec reference table, which was
missing despite being a supported field. Deny rules take precedence over
allow rules including those from composed kits.
## Test plan
- [ ] `docker buildx bake lint vale` — passes clean for this file
- [ ] Spot-check rendered output on staging
🤖 Generated with [Claude Code](https://claude.com/claude-code)
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
## Description
Adding element ids to Contact Sales CTAs in all of Docs. This will allow
us to track funnel metrics better.
https://docs.google.com/spreadsheets/d/1NBEpc3ZZNnF8CH-XU34AKRERoTye3QBCCdRyNpGDjRE/edit?usp=sharing
## Related issues or tickets
https://docker.atlassian.net/browse/GRO-376
## Reviews
- [ ] Technical review
- [ ] Editorial review
- [ ] Product review
Adds `sbx secret set -g openrouter` and `OPENROUTER_API_KEY` to the
Authentication sections of docker-agent.md and opencode.md, matching the
openrouter support added in docker/sandboxes#3244.
Also corrects the Google env var in opencode.md from `GOOGLE_API_KEY` to
`GOOGLE_GENERATIVE_AI_API_KEY`, which is the name OpenCode actually uses.
Fixes #25273
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Remove the `-g` flag from all `sbx policy allow/deny/rm` examples — global
scope is now the default. Replace positional sandbox names with the new
`--sandbox <name>` flag for sandbox-scoped rules.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
## Description
Current examples use images that no longer exist. Updated examples to
images that exist.
Samples to verify with:
https://github.com/craig-osterhout/dhi-migration-verify
## Related issues or tickets
## Reviews
- [ ] Editorial review
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
Sync the AI Governance Policy API reference with the upstream spec from
docker/governor-services#242. Wraps the ListPolicies response data under
a `data` object, adds the updatePolicy and deletePolicy endpoints,
migrates policy scope from profiles to teams, and switches rule/policy
updates to application/json.
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
## Summary
Adds a new Workflows page to the sandboxes manual covering the patterns that
don't fit cleanly in the mechanical usage reference: git strategies (single-agent
feature branch and multi-agent parallel branches in clone mode, direct mode),
commit signing via SSH agent forwarding, authenticated CLI tools (gh, Docker
registry, 1Password via op read), and CI/headless use.
Generated by Claude Code
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Billing workflow and details for the Gordon plan subscription layer. As a
fast follow, a PR that links between the Gordon usage docs and billing docs
will be added. This is an interim update until the subscription section
overhaul is underway, where Gordon + DHI Select will have their own docs
pages.
The Circle CI build_push and build_cache jobs in the Build Cloud CI
docs used a truncated $DOCKER_ variable in the docker login command,
which expands to empty and breaks authentication. Use $DOCKER_ACCOUNT
to match the rest of the file.
Fixes #25214
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Clone mode fails on \\wsl.localhost\... paths because Git's dubious
ownership check makes sbx's repo detection fail. Add a troubleshooting
section with the safe.directory workaround.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
## Description
Removed DHI new label. The product is over 1 year old now.
## Related issues or tickets
## Reviews
- [ ] Editorial review
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
The AI governance docs moved from /ai/sandboxes/security/governance/ to
/ai/sandboxes/governance/. Update the reference on the manage-licenses
page to point at the new org policy page.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
## Summary
Adds a troubleshooting entry explaining why filesystem operations (e.g.
`git status`) can be slow in direct-mode workspaces, and documents the
`DOCKER_SANDBOXES_ENABLE_VIRTIOFS_CACHE=1` opt-in to enable virtiofs
caching.
Generated by Claude Code
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
This PR adds two new migration example guides under
`content/manuals/dhi/migration/examples/` for migrating applications to
Docker Hardened Images (DHI):
- **.NET** (`dotnet.md`)
- **Java** (`java.md`)
Both guides follow the exact same structure as the existing Go, Python,
and Node.js examples, with five Dockerfile variations each:
- Before (Ubuntu)
- Before (Wolfi)
- Before (DOI)
- After (multi-stage) — recommended
- After (single-stage)
The .NET guide uses `dhi.io/dotnet-sdk` for build and
`dhi.io/dotnet-aspnet` for runtime. The Java guide uses `dhi.io/maven`
for build and `dhi.io/eclipse-temurin` for runtime.
The `_index.md` grid is updated to surface both new examples on the
Migration examples landing page.
### Checklist
- [x] Followed the existing format and front-matter conventions
- [x] Used DHI images available in the public DHI catalog
(`dhi.io/dotnet-sdk`, `dhi.io/dotnet-aspnet`, `dhi.io/maven`,
`dhi.io/eclipse-temurin`)
- [x] Updated the examples landing page (`_index.md`)
---------
Co-authored-by: sunnynagavo <sunnynagavo@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Santhosh Reddy Vootukuri (SUNNY) <nagavo@microsoft.com>
Co-authored-by: Craig Osterhout <craig.osterhout@docker.com>
## Description
Step 3 of the push guide listed "Verify the image on Docker Hub" with no
instructions, leaving the workflow incomplete. Added a short prose
explanation directing users to navigate to their repository's **Tags**
tab on Docker Hub to confirm the push succeeded.
## Related issues or tickets
Closes #25004
## Reviews
- [ ] Technical review
- [ ] Editorial review
- [ ] Product review
Adds a Security section to the Docker Desktop release notes documenting
CVE-2026-8936, a VM panic caused by unbounded recursion in the
`grpcfuse` kernel module.
The CNI networking section claimed CNI was "not yet" available in the
default BuildKit image. A built-in bridge network provider with bundled
CNI plugins has shipped since BuildKit v0.13.0 (moby/buildkit#4352), so
the claim is outdated.
Document the bridge mode (--oci-worker-net=bridge) that needs no custom
image, and keep the custom-image path under a "Custom CNI configuration"
subheading. Follow-up to moby/buildkit#6817.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The opening note framed the page only as background information without
explaining what the page actually documents. Clarify that it describes the
classic storage drivers, while pointing containerd image store users to the
relevant operational guidance.
Closes #25093
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Kit-defined network rules (allowedDomains/deniedDomains) are ignored when
organization governance is active, since only org rules are evaluated. This
wasn't documented anywhere. Add an IMPORTANT callout in the kit
"Control network access" section and extend the governance precedence section
to account for kit rules.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
## Summary
Restructures the Docker AI Governance documentation under
`/ai/sandboxes/governance/` and adds the supporting API reference.
Preview links:
- https://deploy-preview-25162--docsdocker.netlify.app/ai/sandboxes/governance/
- https://deploy-preview-25162--docsdocker.netlify.app/reference/api/ai-governance/
### Information architecture
The existing `security/governance` and `security/policy` pages are
merged into a new top-level `governance` section so local-policy and
org-policy sit side by side instead of being split across unrelated
parents:
- `/ai/sandboxes/governance/` — section landing; explains local + org
as layered enforcement
- `/ai/sandboxes/governance/concepts/` — resource model, rule syntax,
evaluation, precedence
- `/ai/sandboxes/governance/local/` — `sbx policy` CLI for
individual machines
- `/ai/sandboxes/governance/org/` — Admin Console flow (was
`security/governance.md`)
- `/ai/sandboxes/governance/monitoring/` — `sbx policy ls` / `sbx policy log`
### API reference
`/reference/api/ai-governance/` renders the Governance OpenAPI spec
vendored at `content/reference/api/ai-governance/api.yaml` from
`docker/governor-services`. Operations, schemas, examples, and status
codes are fully driven by the spec — future updates land via re-vendor,
not in-repo edits. Anything wrong in the rendered reference should be
fixed upstream and re-vendored here.
The spec has been re-vendored to the latest upstream version, which
updated the server URL to `hub.docker.com/v2` and added the
`/governance/` prefix to all API paths.
### Review focus
1. The `/ai/sandboxes/governance/` landing — does the local + org
framing match how the product is positioned?
2. `/reference/api/ai-governance/` — does the rendered spec match the
source of truth, and is anything important missing?
Generated by Claude Code
---------
Co-authored-by: Louis-Arnaud <la.catoire@gmail.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>