Add: Add quickstart.md improvements #22272
Conversation
✅ Deploy Preview for docsdocker ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
|
Hi @craig-osterhout , I hope you're doing well. Is there anything else I should do on this PR to be considered? Best Regards, |
|
Thanks @tanure. Nothing further is needed at this moment. If you want a head start on the feedback, please check the comments added by the linters. |
There was a problem hiding this comment.
Thank you @tanure. This topic definitely needed a refresh. I left some nits from our style guide and some other suggestions.
| @@ -95,6 +95,10 @@ the underlying vulnerable express version to 4.17.3 or later. | |||
| + "express": "4.17.3" | |||
| } | |||
| ``` | |||
| > [!TIP] | |||
There was a problem hiding this comment.
The step is definitely wrong, but this callout seems like a band-aid fix. All of step 4 is wrong, and will always be wrong from this point in time going forward.
Suggest rewriting all step 4.
We don't need to fix all the vulnerabilities to show the concept. We can fix just one that we know will always be there.
For example, we can say there are multiple vulnerabilities, but you're going to only fix HIGH CVE-2022-24999. There is a fixed version, 4.17.3 specified, so update to 4.17.3. Then, run the command again and verify that HIGH CVE-2022-24999 is no longer present.
| @@ -172,6 +176,10 @@ Policy status FAILED (2/6 policies met, 2 missing data) | |||
| ? │ Supply chain attestations │ No data | |||
| ``` | |||
|
|
|||
| > [!NOTE] | |||
There was a problem hiding this comment.
Suggest using callouts sparingly. Maybe just add it to the paragraph above like,
Now you can run the `quickview` command to get an overview
of the compliance status for the image you just built.
The image is evaluated against the default policy configurations. You'll see output similar to the following.
| @@ -209,7 +217,7 @@ The classic image store doesn't support manifest lists, | |||
| which is how the provenance attestations are attached to an image. | |||
|
|
|||
| Open **Settings** in Docker Desktop. Under the **General** section, make sure | |||
| that the **Use containerd for pulling and storing images** option is checked. | |||
| that the **Use containerd for pulling and storing images** option is checked, then click the `Apply & Restart` button to apply the changes. | |||
There was a problem hiding this comment.
| that the **Use containerd for pulling and storing images** option is checked, then click the `Apply & Restart` button to apply the changes. | |
| that the **Use containerd for pulling and storing images** option is checked, then select **Apply & restart**. |
| @@ -230,7 +238,11 @@ results through a different lens: the Docker Scout Dashboard. | |||
| 3. Select **Images** in the left-hand navigation. | |||
|
|
|||
| The images page lists your Scout-enabled repositories. | |||
| Select the image in the list to open the **Image details** sidebar. | |||
|
|
|||
| Select the docker image you want to analyze and click the button shown in the image below to display the **Image details** sidebar. | |||
There was a problem hiding this comment.
This is not correct.
(1) Select the Docker image you want to analyze and (2) click the button...
Only one thing needs to be selected, and that is anywhere in the row except the links. I'm guessing the confusing part is whether to click on the image name link or something else.
Suggest something more direct like, Select the row for the image you want to view, anywhere in the row except on a link, to open the Image details sidebar.
|
|
||
| Select the docker image you want to analyze and click the button shown in the image below to display the **Image details** sidebar. | ||
|
|
||
|  |
There was a problem hiding this comment.
As above, the user can select the icon, or anywhere else in the row. This is unnecessarily prescriptive. Suggest removing as selecting a row is not unordinary enough to require visual instructions.
| @@ -239,13 +251,17 @@ The sidebar shows a compliance overview for the last pushed tag of a repository. | |||
| > It might take a few minutes before the results appear if this is your | |||
| > first time using the Docker Scout Dashboard. | |||
|
|
|||
| Inspect the **Up-to-Date Base Images** policy. | |||
| Go back to the image list and click on the image version, available in the **Most recent image** column. | |||
There was a problem hiding this comment.
| Go back to the image list and click on the image version, available in the **Most recent image** column. | |
| Go back to the image list and select the image version, available in the **Most recent image** column. |
| @@ -239,13 +251,17 @@ The sidebar shows a compliance overview for the last pushed tag of a repository. | |||
| > It might take a few minutes before the results appear if this is your | |||
| > first time using the Docker Scout Dashboard. | |||
|
|
|||
| Inspect the **Up-to-Date Base Images** policy. | |||
| Go back to the image list and click on the image version, available in the **Most recent image** column. | |||
| Then, at the top right of the page, click on the **Update base image** button to inspect the policy. | |||
There was a problem hiding this comment.
| Then, at the top right of the page, click on the **Update base image** button to inspect the policy. | |
| Then, at the top right of the page, select the **Update base image** button to inspect the policy. |
| Go back to the image list and click on the image version, available in the **Most recent image** column. | ||
| Then, at the top right of the page, click on the **Update base image** button to inspect the policy. | ||
|
|
||
|  |
There was a problem hiding this comment.
Suggest remove the image unless there is a step that can't be described with instructions. The user will already see their own screen.
|  |
| This policy checks whether base images you use are up-to-date. | ||
| It currently has a non-compliant status, | ||
| because the example image uses an old version `alpine` as a base image. | ||
|
|
||
| Select the **View fix** button next to the policy name for details about the violation, | ||
| and recommendations on how to address it. | ||
| Close the **Recommended fixes for base image** popup. In the policy listing, click the **View fixes** button, next to the policy name for details about the violation, and recommendations on how to address it. |
There was a problem hiding this comment.
| Close the **Recommended fixes for base image** popup. In the policy listing, click the **View fixes** button, next to the policy name for details about the violation, and recommendations on how to address it. | |
| Close the **Recommended fixes for base image** modal. In the policy listing, select **View fixes**, next to the policy name for details about the violation, and recommendations on how to address it. |
Description
I did some improvements to the quickstart.md file, adding images and improve some descriptions to be albe to helo learners to find the references mentioned in the file.
Related issues or tickets
No related issues or ticket.
Reviews