In May 2023, Docker announced the beta release of docker init, a new command-line interface (CLI) tool in Docker Desktop designed to streamline the Docker setup process for various types of applications and help users containerize their existing projects. We’re now excited to announce the general availability of docker init, with support for multiple languages and stacks, making it simpler than ever to containerize your applications.
Initially released in its beta form in Docker 4.18, docker init has undergone several enhancements. docker init is a command-line utility that aids in the initialization of Docker resources within a project. It automatically generates Dockerfiles, Compose files, and .dockerignore files based on the nature of the project, significantly reducing the setup time and complexity associated with Docker configurations.
The initial beta release of init came with support only for Go and generic projects. The latest version, available in Docker Desktop 4.27, supports Go, Python, Node.js, Rust, ASP.NET, PHP, and Java.
Using docker init is straightforward and involves a few simple steps. Start by navigating to your project directory where you want the Docker assets to be initialized. In the terminal, execute the docker init command. This command initiates the tool and prepares it to analyze your project (Figure 1).
docker init will scan your project and ask you to confirm and choose the template that best suits your application. Once you select the template, docker init asks you for some project-specific information, automatically generating the necessary Docker resources for your project (Figure 2).
This step includes creating a Dockerfile and a Compose file tailored to the language and framework of your choice, as well as other relevant files. The last step is to run docker compose up to start your newly containerized project.
The docker init tool simplifies the process of dockerization, making it accessible even to those new to Docker. It eliminates the need to manually write Dockerfiles and other configuration files from scratch, saving time and reducing the potential for errors. With its template-based approach, docker init ensures that the Docker setup is optimized for the specific type of application you are working on and that your project will follow the industry’s best practices.
The general availability of docker init offers an efficient and user-friendly way to integrate Docker into your projects. Whether you’re a seasoned Docker user or new to containerization, docker init is set to enhance your development workflow.
New to Docker? Start by downloading Docker Desktop.
Watch the following video tutorials for further insight on leveraging docker init:
Learn how to use Docker init using your favorite language:
Welcome to a new level of terminal aesthetics with Charm Huh! In this video, we guide you through the process of creating glamorous, modern applications directly in your terminal using Charm Huh. Unleash the power of this unique framework to build visually-appealing and highly functional CLI applications. Perfect for developers and command-line enthusiasts alike!
▬▬▬▬▬▬ Additional Info ▬▬▬▬▬▬ Gist with the commands: https://gist.github.com/vfarcic/8bcb7a0760d7e40517d885924f2092ec Charm Huh: https://github.com/charmbracelet/huh k9s Kubernetes UI – A Terminal-Based Vim-Like Kubernetes Dashboard: https://youtu.be/boaW9odvRCc How To Create A “Proper” CLI With Shell And Charm Gum: https://youtu.be/U8zCHA-9VL
▬▬▬▬▬▬ Sponsorships ▬▬▬▬▬▬
If you are interested in sponsoring this channel, please use https://calendly.com/vfarcic/meet to book a timeslot that suits and we’ll go over the details. Or feel free to contact me over Twitter or LinkedIn (see below)
▬▬▬▬▬▬ Livestreams & podcasts ▬▬▬▬▬▬ Podcast: https://www.devopsparadox.com/ Live streams: https://www.youtube.com/c/DevOpsParadox
▬▬▬▬▬▬ Contact me ▬▬▬▬▬▬ Follow me on Twitter: https://twitter.com/vfarcic Follow me on LinkedIn: https://www.linkedin.com/in/viktorfarcic/
With the proliferation of open source components, integrity and reliability within the software supply chain are paramount. This article explores how Docker Scout policies serve as a catalyst, fostering collaboration between development and security teams to define and achieve an ideal application security posture for organizations. Let’s dive into the capabilities that make Docker Scout an indispensable asset in the pursuit of improved security.
Docker Scout dashboards become a security team’s trusted companion, providing a seamless and intuitive interface to utilize out-of-the-box policies. These policies offer a rapid comparison between the ideal and current states of application security, effectively highlighting areas requiring attention. To give security teams a head start, these out-of-the-box policies come with default configurations that can be updated to reflect internal requirements and standards.
Docker Scout dashboards are more than visual aids; they are powerful tools for understanding an organization’s current application security posture. Offering an overall summary and compliance status checks against defined standards enables security teams to gauge the impact of security policies. For example, the critical CVE policy showcases the percentage of images with no critical CVEs (Figure 1).
Docker Scout dashboards offer an intuitive approach to analyzing information and gaining deeper insights. For example, selecting View details on any of the policies provides comprehensive information about nonconforming images. Moreover, it precisely indicates the location of vulnerabilities within an image. This user-friendly feature ensures that teams can identify problematic images with just a few clicks and understand the right next steps to initiate effective remediation (Figure 2).
Docker Scout becomes an integral part of developers’ workflows, allowing them to work seamlessly with their preferred tools, such as the CLI. For example, developers can run a simple docker scout policy command in the CLI to receive instant feedback on image compliance with company policies. This integration significantly reduces feedback loops, saving valuable time and boosting developer productivity (Figure 3).
Docker Scout goes beyond merely identifying issues; it provides actionable recommendations for developers. For example, running the docker scout recommendations command offers easy-to-understand next steps (Figure 4). Developers can now swiftly address issues, such as updating a base image, without needing to scour the web for solutions. Docker Scout simplifies the process, allowing developers to jump into their preferred workflows with confidence.
Docker Scout is more than a security product — it’s a business enabler. Docker Scout’s integrated solutions enhance developer productivity and empower cross-functional teams to confidently deliver secure applications to production faster. By seamlessly bringing together the development and security teams, Docker Scout policies become a driving force in achieving a secure and streamlined software development lifecycle. Elevate your security efforts with Docker Scout policies and unlock collaborative efficiency.
A personal access token (PAT) is a replacement for a password that can have specific scopes for repository access. Docker is improving the visibility of Docker Desktop and Hub users’ personal access tokens. Specifically, we are changing how tokens are handled across sessions between the two tools. Read on to learn more about this security improvement.
To authenticate with Docker Hub, the Docker CLI uses PATs. To gain authenticated access to Hub from Docker CLI after a successful login from Docker Desktop, an API creates PATs on behalf of a Desktop user. These tokens were created after a user had successfully authenticated to Docker Hub through the login flow they have active for their organization (and thus had the required bearer tokens).
Within Docker Hub, if you navigate to your profile, select Edit > Security, you can see all of your access tokens, including ones created by Docker Desktop for the CLI on your behalf with Docker Hub (Figure 1).
Docker has improved the visibility of these auto-generated tokens, and now all PATs are displayed inside a user’s profile for their active access tokens.
Users will be able to see if the tokens are auto-generated or if they were manually created. Users can also deactivate or delete these auto-generated session tokens just as they can with other PATs.
For security reasons, Docker encourages users to check their active tokens regularly. These auto-generated tokens will only maintain the five most recently used tokens. Any tokens outside those five auto-generated tokens will be deleted (Figure 2).
Note that using Docker Single Sign-On (SSO) functionality, requiring multi-factor authentication (MFA), and enforcing sign-in for Docker Desktop significantly reduces the risk of an account becoming compromised where any of a user’s personal access tokens could be exploited.
Appropriate monitoring around your software development lifecycle (SDLC) is essential, as all images should be scanned for malware and viruses as part of secure code analysis and on an ongoing basis.
Docker Hub, Docker Desktop, and the Docker CLI will continue to behave how users expect.
We encourage you to use the latest Docker Desktop and Docker CLI versions to get the newest features and security releases.
We also encourage you to use your new visibility into these PATs for Docker CLI and include all of your PATs in the regular security review for your organization and Docker accounts.
As always, we encourage security best practices for Docker users and will continue strengthening Docker’s tooling as we update and add new features.
Docker has revolutionized the way developers build, package, and deploy their applications. Docker containers provide a lightweight, portable, and consistent runtime environment that can run on any infrastructure. And now, the Docker team has developed docker init, a new command-line interface (CLI) command introduced as a beta feature that simplifies the process of adding Docker to a project (Figure 1).
Note: Docker Init should not be confused with the internally -used docker-init executable, which is invoked by Docker when utilizing the –init flag with the docker run command.
The new docker init command automates the creation of necessary Docker assets, such as Dockerfiles, Compose files, and .dockerignore files, based on the characteristics of the project. By executing the docker init command, developers can quickly containerize their projects. Docker init is a valuable tool for developers who want to experiment with Docker, learn about containerization, or integrate Docker into their existing projects.
To use docker init, developers need to upgrade to the version 4.19.0 or later of Docker Desktop and execute the command in the target project folder. Docker init will detect the project definitions, and it will automatically generate the necessary files to run the project in Docker.
The current Beta release of docker init supports Go, Node, and Python, and our development team is actively working to extend support for additional languages and frameworks, including Java, Rust, and .NET. If there is a language or stack that you would like to see added or if you have other feedback about docker init, let us know through our Google form.
In conclusion, docker init is a valuable tool for developers who want to simplify the process of adding Docker support to their projects. It automates the creation of necessary Docker assets and can help standardize the creation of Docker assets across different projects. By enabling developers to focus on developing their applications and reducing the risk of errors and inconsistencies, Docker init can help accelerate the adoption of Docker and containerization.
To see docker init in action, check out the following overview video by Francesco Ciulla, which demonstrates building the required Docker assets to your project.
Check out the documentation to learn more.
Would you like to create a “proper” CLI writing a Bash script instead of having to do it in Go, Python, or any other language? Charm Gum is a CLI framework that allows you to do just that. It enables you to make “glamorous Shell scripts”.
▬▬▬▬▬▬ Additional Info ▬▬▬▬▬▬
Gist with the commands: https://gist.github.com/vfarcic/02bbfaf6cf8f5b03f4267b50f3f3233b Charm Gum: https://github.com/charmbracelet/gum
▬▬▬▬▬▬ Sponsoships ▬▬▬▬▬▬
If you are interested in sponsoring this channel, please use https://calendly.com/vfarcic/meet to book a timeslot that suits and we’ll go over the details. Or feel free to contact me over Twitter or LinkedIn (see below)
▬▬▬▬▬▬ Livestreams & podcasts ▬▬▬▬▬▬ Podcast: https://www.devopsparadox.com/ Live streams: https://www.youtube.com/c/DevOpsParadox
▬▬▬▬▬▬ Contact me ▬▬▬▬▬▬ Follow me on Twitter: https://twitter.com/vfarcic Follow me on LinkedIn: https://www.linkedin.com/in/viktorfarcic/
Connexion