Source URL: https://www.docker.com/blog/docker-cncf-partnership/
Source: Docker
Title: Docker and CNCF: Partnering to Power the Future of Open Source
Feedly Summary: At Docker, open source is not just something we support; it’s a core part of our culture. It’s part of our DNA. From foundational projects like Docker Compose (35.5k stars, 5.4k forks) and Moby (69.8k stars, 18.8k forks) to our continued code contributions, we remain committed to strengthening the open-source ecosystem. Today, we are announcing…
AI Summary and Description: Yes
**Summary:** Docker’s new partnership with the Cloud Native Computing Foundation (CNCF) emphasizes Open Source’s role in modern software supply chain security. This collaboration promises to enhance developer trust, visibility, and security within the cloud-native ecosystem. Key offerings include Docker Scout for vulnerability detection and unlimited image pulls for CNCF projects.
**Detailed Description:**
The text discusses Docker’s announcement of an official partnership with the Cloud Native Computing Foundation (CNCF), signifying progress in collaborative efforts to strengthen the open-source ecosystem and software supply chain security.
Key points include:
– **Open Source Commitment**: Docker emphasizes that open source is integral to its operations and culture, evident in their foundational projects like Docker Compose and Moby, as well as ongoing code contributions.
– **Partnership Significance**: The relationship with CNCF marks an acknowledgment of Docker’s position as a leading distribution platform for containerized software, which enhances trust among developers.
– **Enhanced Offerings for CNCF Projects**:
– **Docker Sponsored Open Source (DSOS) Program**: CNCF projects will benefit from free access to a suite of Docker services, including:
– Unlimited image pulls to ensure reliability and accessibility.
– Sponsored OSS status, elevating trust and discoverability.
– Access to metrics for engagement and usage insights.
– Streamlined support via Docker’s open-source channels.
– **Docker Scout**: A vital tool for security, providing image analysis and policy evaluation to help maintainers detect vulnerabilities and enforce best practices.
– **Security Tools and Practices**: Docker is investing in secure tooling, illustrated by their Docker Hardened Images and Docker Scout, reinforcing their commitment to reliable, secure open-source infrastructure.
– **Visibility and Discoverability**: Being listed as an official service provider on the CNCF Project Services page ensures enhanced visibility of Docker’s tools for CNCF maintainers.
This partnership not only reflects Docker’s dedication to the open-source community but also signifies strategic advancements in how Docker aims to facilitate security and collaboration amongst developers in the cloud-native space. It enables Docker to further develop its role as a trusted partner, ensuring that open-source projects can thrive in a secure and supportive environment.
In summary, Docker’s partnership with CNCF positions both entities to better serve the needs of the modern developer community while reinforcing the importance of security and trust within the open-source ecosystem.