update docs to 1.18.4

Author: chrispatrick

docs/docker_scout.yaml

@@ -20,6 +20,7 @@ cname:
     - docker scout recommendations
     - docker scout repo
     - docker scout version
+    - docker scout vex
     - docker scout watch
 clink:
     - docker_scout_attestation.yaml
@@ -37,6 +38,7 @@ clink:
     - docker_scout_recommendations.yaml
     - docker_scout_repo.yaml
     - docker_scout_version.yaml
+    - docker_scout_vex.yaml
     - docker_scout_watch.yaml
 options:
     - option: debug

docs/docker_scout_attestation.yaml

@@ -1,13 +1,17 @@
 command: docker scout attestation
 aliases: docker scout attestation, docker scout attest
-short: Manage attestations on image indexes
-long: Manage attestations on image indexes
+short: Manage attestations on images
+long: Manage attestations on images
 pname: docker scout
 plink: docker_scout.yaml
 cname:
     - docker scout attestation add
+    - docker scout attestation get
+    - docker scout attestation list
 clink:
     - docker_scout_attestation_add.yaml
+    - docker_scout_attestation_get.yaml
+    - docker_scout_attestation_list.yaml
 inherited_options:
     - option: debug
       value_type: bool

docs/docker_scout_attestation_get.yaml

@@ -0,0 +1,123 @@
+command: docker scout attestation get
+aliases: docker scout attestation get, docker scout attest get
+short: Get attestation for image
+long: The docker scout attestation get command gets attestations for images.
+usage: docker scout attestation get OPTIONS IMAGE [DIGEST]
+pname: docker scout attestation
+plink: docker_scout_attestation.yaml
+options:
+    - option: key
+      value_type: string
+      default_value: https://registry.scout.docker.com/keyring/dhi/latest.pub
+      description: Signature key to use for verification
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: org
+      value_type: string
+      description: Namespace of the Docker organization
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: output
+      shorthand: o
+      value_type: string
+      description: Write the report to a file
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: platform
+      value_type: string
+      description: Platform of image to analyze
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: predicate
+      value_type: bool
+      default_value: "false"
+      description: Get in-toto predicate only dropping the subject
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: predicate-type
+      value_type: string
+      description: Predicate-type for attestation
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: ref
+      value_type: string
+      description: |-
+        Reference to use if the provided tarball contains multiple references.
+        Can only be used with archive
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: skip-tlog
+      value_type: bool
+      default_value: "false"
+      description: Skip signature verification against public transaction log
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: verify
+      value_type: bool
+      default_value: "false"
+      description: Verify the signature on the attestation
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+inherited_options:
+    - option: debug
+      value_type: bool
+      default_value: "false"
+      description: Debug messages
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+deprecated: false
+experimental: false
+experimentalcli: true
+kubernetes: false
+swarm: false
+

docs/docker_scout_attestation_list.yaml

@@ -0,0 +1,96 @@
+command: docker scout attestation list
+aliases: docker scout attestation list, docker scout attest list
+short: List attestations for image
+long: The docker scout attestation list command lists attestations for images.
+usage: docker scout attestation list OPTIONS IMAGE
+pname: docker scout attestation
+plink: docker_scout_attestation.yaml
+options:
+    - option: format
+      value_type: string
+      default_value: list
+      description: |-
+        Output format:
+        - list: list of attestations of the image
+        - json: json representation of the attestation list (default "json")
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: org
+      value_type: string
+      description: Namespace of the Docker organization
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: output
+      shorthand: o
+      value_type: string
+      description: Write the report to a file
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: platform
+      value_type: string
+      description: Platform of image to analyze
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: predicate-type
+      value_type: string
+      description: Predicate-type for attestations
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: ref
+      value_type: string
+      description: |-
+        Reference to use if the provided tarball contains multiple references.
+        Can only be used with archive
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+inherited_options:
+    - option: debug
+      value_type: bool
+      default_value: "false"
+      description: Debug messages
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+deprecated: false
+experimental: false
+experimentalcli: true
+kubernetes: false
+swarm: false
+

docs/docker_scout_compare.yaml

@@ -95,6 +95,17 @@ options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: ignore-suppressed
+      value_type: bool
+      default_value: "false"
+      description: |
+        Filter CVEs found in Scout exceptions based on the specified exception scope
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
     - option: ignore-unchanged
       value_type: bool
       default_value: "false"
@@ -177,6 +188,16 @@ options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: only-vex-affected
+      value_type: bool
+      default_value: "false"
+      description: Filter CVEs by VEX statements with status not affected
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
     - option: org
       value_type: string
       description: Namespace of the Docker organization
@@ -264,6 +285,36 @@ options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: vex
+      value_type: bool
+      default_value: "false"
+      description: Apply VEX statements to filter CVEs
+      deprecated: true
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: vex-author
+      value_type: stringSlice
+      default_value: '[<.*@docker.com>]'
+      description: List of VEX statement authors to accept
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: vex-location
+      value_type: stringSlice
+      default_value: '[]'
+      description: File location of directory or file containing VEX statements
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
 inherited_options:
     - option: debug
       value_type: bool

docs/docker_scout_cves.yaml

@@ -359,7 +359,7 @@ options:
       swarm: false
     - option: vex-author
       value_type: stringSlice
-      default_value: '[]'
+      default_value: '[<.*@docker.com>]'
       description: List of VEX statement authors to accept
       deprecated: false
       hidden: false

docs/docker_scout_quickview.yaml

@@ -147,7 +147,7 @@ options:
       swarm: false
     - option: vex-author
       value_type: stringSlice
-      default_value: '[]'
+      default_value: '[<.*@docker.com>]'
       description: List of VEX statement authors to accept
       deprecated: false
       hidden: false

docs/docker_scout_vex.yaml

@@ -0,0 +1,37 @@
+command: docker scout vex
+aliases: docker scout vex, docker scout vex
+short: Manage VEX attestations on images
+long: Manage VEX attestations on images
+pname: docker scout
+plink: docker_scout.yaml
+cname:
+    - docker scout vex get
+clink:
+    - docker_scout_vex_get.yaml
+inherited_options:
+    - option: debug
+      value_type: bool
+      default_value: "false"
+      description: Debug messages
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+    - option: verbose-debug
+      value_type: bool
+      default_value: "false"
+      description: Verbose debug
+      deprecated: false
+      hidden: true
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
+deprecated: false
+experimental: false
+experimentalcli: true
+kubernetes: false
+swarm: false
+