From c439604a9f5e68b13b06eeb3446e5e7b00f8dca5 Mon Sep 17 00:00:00 2001 From: Sarah Sanders Date: Tue, 4 Mar 2025 16:37:13 -0500 Subject: [PATCH 1/4] Add callout about TCC minutes rollovers --- content/guides/testcontainers-cloud/_index.md | 2 +- content/manuals/subscription/details.md | 13 ++++++------- content/manuals/subscription/scale.md | 6 ++++++ 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/content/guides/testcontainers-cloud/_index.md b/content/guides/testcontainers-cloud/_index.md index 2d217f2a3eb9..9cd9b4bebfca 100644 --- a/content/guides/testcontainers-cloud/_index.md +++ b/content/guides/testcontainers-cloud/_index.md @@ -38,7 +38,7 @@ Testcontainers Cloud is a cloud-based solution designed to streamline and enhanc Works well with Docker Desktop, GitHub Actions, Jenkins, Kubernetes, and other CI solutions -Docker Pro, Team, and Business subscriptions come with Testcontainers Cloud runtime minutes, and additional minutes are available via consumption pricing. +Docker Pro, Team, and Business subscriptions come with Testcontainers Cloud runtime minutes, and additional minutes are available via consumption pricing. Testcontainers Cloud runtime minutes do not rollover month to month. ## Who’s this for? diff --git a/content/manuals/subscription/details.md b/content/manuals/subscription/details.md index 6da2e7ef33ed..a2f09a6628b0 100644 --- a/content/manuals/subscription/details.md +++ b/content/manuals/subscription/details.md @@ -71,7 +71,7 @@ Docker Pro includes: - 200 Docker Build Cloud build minutes per month. - 2 included repositories with continuous vulnerability analysis in Docker Scout. -- 100 Testcontainers Cloud runtime minutes per month for use either in Docker Desktop or for CI. +- 100 Testcontainers Cloud runtime minutes per month for use either in Docker Desktop or for CI. Testcontainers Cloud runtime minutes do not rollover month to month. - No Docker Hub image pull rate limits. For a list of features available in each tier, see [Docker @@ -92,7 +92,7 @@ Docker Team includes: - 500 Docker Build Cloud build minutes per month. - Unlimited Docker Scout repositories with continuous vulnerability analysis. -- 500 Testcontainers Cloud runtime minutes per month for use either in Docker Desktop or for CI. +- 500 Testcontainers Cloud runtime minutes per month for use either in Docker Desktop or for CI. Testcontainers Cloud runtime minutes do not rollover month to month. - No Docker Hub image pull rate limits. There are also advanced collaboration and management tools, including @@ -117,8 +117,7 @@ Docker Business includes: - 1500 Docker Build Cloud build minutes per month. - Unlimited Docker Scout repositories with continuous vulnerability analysis. -- 1500 Testcontainers Cloud runtime minutes per month for use either in Docker Desktop or - for CI. +- 1500 Testcontainers Cloud runtime minutes per month for use either in Docker Desktop or for CI. Testcontainers Cloud runtime minutes do not rollover month to month. - No Docker Hub image pull rate limits. In addition, you gain access to enterprise-grade features, such as: @@ -196,7 +195,7 @@ When you upgrade your Legacy Docker Pro plan to a Docker Pro subscription plan, - Docker Build Cloud build minutes increased from 100/month to 200/month and no monthly fee. - 2 included repositories with continuous vulnerability analysis in Docker Scout. -- 100 Testcontainers Cloud runtime minutes are now included for use either in Docker Desktop or for CI. +- 100 Testcontainers Cloud runtime minutes are now included for use either in Docker Desktop or for CI. Testcontainers Cloud runtime minutes do not rollover month to month. - Docker Hub image pull rate limits are removed. For a list of features available in each tier, see [Docker Pricing](https://www.docker.com/pricing/). @@ -228,7 +227,7 @@ When you upgrade your Legacy Docker Team plan to a Docker Team subscription plan - Instead of paying an additional per-seat fee, Docker Build Cloud is now available to all users in your Docker plan. - Docker Build Cloud build minutes increase from 400/mo to 500/mo. - Docker Scout now includes unlimited repositories with continuous vulnerability analysis, an increase from 3. -- 500 Testcontainers Cloud runtime minutes are now included for use either in Docker Desktop or for CI. +- 500 Testcontainers Cloud runtime minutes are now included for use either in Docker Desktop or for CI. Testcontainers Cloud runtime minutes do not rollover month to month. - Docker Hub image pull rate limits are removed. - The minimum number of users is 1 (lowered from 5). @@ -260,7 +259,7 @@ When you upgrade your Legacy Docker Business plan to a Docker Business subscript - Instead of paying an additional per-seat fee, Docker Build Cloud is now available to all users in your Docker plan. - Docker Build Cloud included minutes increase from 800/mo to 1500/mo. - Docker Scout now includes unlimited repositories with continuous vulnerability analysis, an increase from 3. -- 1500 Testcontainers Cloud runtime minutes are now included for use either in Docker Desktop or for CI. +- 1500 Testcontainers Cloud runtime minutes are now included for use either in Docker Desktop or for CI. Testcontainers Cloud runtime minutes do not rollover month to month. - Docker Hub image pull rate limits are removed. For a list of features available in each tier, see [Docker Pricing](https://www.docker.com/pricing/). diff --git a/content/manuals/subscription/scale.md b/content/manuals/subscription/scale.md index 1dd53a4d3cbb..c7575546eb4a 100644 --- a/content/manuals/subscription/scale.md +++ b/content/manuals/subscription/scale.md @@ -53,6 +53,12 @@ Your additional minutes will now display on the Build minutes page. ## Add Docker Testcontainers Cloud runtime minutes +> [!NOTE] +> +> Testcontainers Cloud runtime minutes do not rollover. If you do not use +> your allocated minutes, you can't roll them over to the next month or +> subscription period. + You can pre-purchase Testcontainers Cloud runtime minutes by [contacting sales](https://www.docker.com/pricing/contact-sales/). In addition to pre-purchase, you are able to use as many minutes as you need on-demand. The From 5a5265b8afcd1552cb6240fe80020a5c64dcebf2 Mon Sep 17 00:00:00 2001 From: Sarah Sanders Date: Wed, 5 Mar 2025 09:17:54 -0500 Subject: [PATCH 2/4] Clarify TCC and DBC minutes do not rollover --- content/manuals/subscription/details.md | 15 +++++++++------ content/manuals/subscription/scale.md | 13 +++++-------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/content/manuals/subscription/details.md b/content/manuals/subscription/details.md index a2f09a6628b0..8a333c66afc7 100644 --- a/content/manuals/subscription/details.md +++ b/content/manuals/subscription/details.md @@ -69,7 +69,8 @@ Testcontainers Cloud. Docker Pro includes: -- 200 Docker Build Cloud build minutes per month. +- 200 Docker Build Cloud build minutes per month. Docker Build Cloud minutes do not +rollover month to month. - 2 included repositories with continuous vulnerability analysis in Docker Scout. - 100 Testcontainers Cloud runtime minutes per month for use either in Docker Desktop or for CI. Testcontainers Cloud runtime minutes do not rollover month to month. - No Docker Hub image pull rate limits. @@ -90,7 +91,8 @@ Docker Hub, Docker Scout, Docker Build Cloud, and Testcontainers Cloud. Docker Team includes: -- 500 Docker Build Cloud build minutes per month. +- 500 Docker Build Cloud build minutes per month. Docker Build Cloud minutes do not +rollover month to month. - Unlimited Docker Scout repositories with continuous vulnerability analysis. - 500 Testcontainers Cloud runtime minutes per month for use either in Docker Desktop or for CI. Testcontainers Cloud runtime minutes do not rollover month to month. - No Docker Hub image pull rate limits. @@ -115,7 +117,8 @@ Build Cloud, and Testcontainers Cloud. Docker Business includes: -- 1500 Docker Build Cloud build minutes per month. +- 1500 Docker Build Cloud build minutes per month. Docker Build Cloud minutes do not +rollover month to month. - Unlimited Docker Scout repositories with continuous vulnerability analysis. - 1500 Testcontainers Cloud runtime minutes per month for use either in Docker Desktop or for CI. Testcontainers Cloud runtime minutes do not rollover month to month. - No Docker Hub image pull rate limits. @@ -193,7 +196,7 @@ For a list of features available in each legacy tier, see [Legacy Docker Pricing When you upgrade your Legacy Docker Pro plan to a Docker Pro subscription plan, your plan includes the following changes: -- Docker Build Cloud build minutes increased from 100/month to 200/month and no monthly fee. +- Docker Build Cloud build minutes increased from 100/month to 200/month and no monthly fee. Docker Build Cloud minutes do not rollover month to month. - 2 included repositories with continuous vulnerability analysis in Docker Scout. - 100 Testcontainers Cloud runtime minutes are now included for use either in Docker Desktop or for CI. Testcontainers Cloud runtime minutes do not rollover month to month. - Docker Hub image pull rate limits are removed. @@ -225,7 +228,7 @@ For a list of features available in each legacy tier, see [Legacy Docker Pricing When you upgrade your Legacy Docker Team plan to a Docker Team subscription plan, your plan includes the following changes: - Instead of paying an additional per-seat fee, Docker Build Cloud is now available to all users in your Docker plan. -- Docker Build Cloud build minutes increase from 400/mo to 500/mo. +- Docker Build Cloud build minutes increase from 400/mo to 500/mo. Docker Build Cloud minutes do not rollover month to month. - Docker Scout now includes unlimited repositories with continuous vulnerability analysis, an increase from 3. - 500 Testcontainers Cloud runtime minutes are now included for use either in Docker Desktop or for CI. Testcontainers Cloud runtime minutes do not rollover month to month. - Docker Hub image pull rate limits are removed. @@ -257,7 +260,7 @@ For a list of features available in each tier, see [Legacy Docker Pricing](https When you upgrade your Legacy Docker Business plan to a Docker Business subscription plan, your plan includes the following changes: - Instead of paying an additional per-seat fee, Docker Build Cloud is now available to all users in your Docker plan. -- Docker Build Cloud included minutes increase from 800/mo to 1500/mo. +- Docker Build Cloud included minutes increase from 800/mo to 1500/mo. Docker Build Cloud minutes do not rollover month to month. - Docker Scout now includes unlimited repositories with continuous vulnerability analysis, an increase from 3. - 1500 Testcontainers Cloud runtime minutes are now included for use either in Docker Desktop or for CI. Testcontainers Cloud runtime minutes do not rollover month to month. - Docker Hub image pull rate limits are removed. diff --git a/content/manuals/subscription/scale.md b/content/manuals/subscription/scale.md index c7575546eb4a..153049c8f043 100644 --- a/content/manuals/subscription/scale.md +++ b/content/manuals/subscription/scale.md @@ -24,8 +24,7 @@ for legacy Docker subscription plans, all paid Docker subscriptions come with access to Docker Hub, Docker Build Cloud, and Testcontainers Cloud with a base amount of consumption. See [Docker subscriptions and features](./details.md) to learn how much base consumption comes with each subscription. You can scale your -consumption at any time during your subscription period. All purchased -consumption expires at the end of your subscription term. +consumption at any time during your subscription period. You can scale consumption for the following: @@ -36,6 +35,10 @@ To better understand your needs, you can view your consumption at any time. For more details, see [View Docker product usage](../admin/organization/manage-products.md#view-docker-product-usage). +> [!WARNING] +> +> Docker Build Cloud and Testcontainers minutes do not rollover. If you do not use the allocated minutes from your subscription plan, you can't roll them over to the next month or subscription period. + ## Add Docker Build Cloud build minutes You can pre-purchase Docker Build Cloud build minutes in the Docker Build Cloud Dashboard: @@ -53,12 +56,6 @@ Your additional minutes will now display on the Build minutes page. ## Add Docker Testcontainers Cloud runtime minutes -> [!NOTE] -> -> Testcontainers Cloud runtime minutes do not rollover. If you do not use -> your allocated minutes, you can't roll them over to the next month or -> subscription period. - You can pre-purchase Testcontainers Cloud runtime minutes by [contacting sales](https://www.docker.com/pricing/contact-sales/). In addition to pre-purchase, you are able to use as many minutes as you need on-demand. The From 43c344d7066f462487cdbe8bf1742d24da9c609e Mon Sep 17 00:00:00 2001 From: Sarah Sanders Date: Wed, 5 Mar 2025 09:23:08 -0500 Subject: [PATCH 3/4] Improve callout with example --- content/manuals/subscription/scale.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/content/manuals/subscription/scale.md b/content/manuals/subscription/scale.md index 153049c8f043..ca5c411b98fb 100644 --- a/content/manuals/subscription/scale.md +++ b/content/manuals/subscription/scale.md @@ -37,7 +37,12 @@ usage](../admin/organization/manage-products.md#view-docker-product-usage). > [!WARNING] > -> Docker Build Cloud and Testcontainers minutes do not rollover. If you do not use the allocated minutes from your subscription plan, you can't roll them over to the next month or subscription period. +> The number of Docker Build Cloud and Testcontainers minutes included in your +subscription do not rollover. Additional minutes expire at the end of your +subscription period (monthly or annually). For example, if you have an annual +Docker Team subscription with 500 included minutes, and purchase 500 additional +minutes, only the 500 additional minutes rollover until the end of your annual +subscription period. ## Add Docker Build Cloud build minutes From 11cfa4a7cdba486cccfd8a3007d29e13ee22f1c1 Mon Sep 17 00:00:00 2001 From: Sarah Sanders Date: Wed, 5 Mar 2025 11:04:35 -0500 Subject: [PATCH 4/4] fix: update SSO troubleshooting guide w/ toc_max --- .../security/troubleshoot/troubleshoot-sso.md | 51 ++++++++++--------- 1 file changed, 26 insertions(+), 25 deletions(-) diff --git a/content/manuals/security/troubleshoot/troubleshoot-sso.md b/content/manuals/security/troubleshoot/troubleshoot-sso.md index 5b8fb960e854..ceae9fea46c2 100644 --- a/content/manuals/security/troubleshoot/troubleshoot-sso.md +++ b/content/manuals/security/troubleshoot/troubleshoot-sso.md @@ -4,6 +4,7 @@ keywords: sso, troubleshoot, single sign-on title: Troubleshoot single sign-on linkTitle: Troubleshoot SSO tags: [Troubleshooting] +toc_max: 2 aliases: - "/security/for-admins/single-sign-on/troubleshoot/" --- @@ -16,7 +17,7 @@ following sections describe some common SSO errors and possible solutions. If you experience issues with SSO, check both the Docker Admin Console and your identity provider (IdP) for errors first. -#### Check Docker error logs +### Check Docker error logs 1. Sign in to the [Admin Console](https://app.docker.com/admin/) and select your organization. 2. Select **SSO and SCIM**. @@ -24,7 +25,7 @@ If you experience issues with SSO, check both the Docker Admin Console and your 4. For more details on specific errors, select **View error details** next to an error message. 5. Note any errors you see on this page for further troubleshooting. -#### Check for errors in your IdP +### Check for errors in your IdP 1. Review your IdP’s logs or audit trails for any failed authentication or provisioning attempts. 2. Confirm that your IdP’s SSO settings match the values provided in Docker. @@ -36,31 +37,31 @@ For further troubleshooting, check your IdP’s documentation. You can also cont ## Groups are not formatted correctly -#### Error message +### Error message When this issue occurs, the following error message is common: ```text Some of the groups assigned to the user are not formatted as ':'. Directory groups will be ignored and user will be provisioned into the default organization and team. ``` -#### Possible causes +### Possible causes - Incorrect group name formatting in your identity provider (IdP): Docker requires groups to follow the format `:`. If the groups assigned to a user do not follow this format, they will be ignored. - Non-matching groups between IdP and Docker organization: If a group in your IdP does not have a corresponding team in Docker, it will not be recognized, and the user will be placed in the default organization and team. -#### Affected environments +### Affected environments - Docker single sign-on setup using IdPs such as Okta or Azure AD - Organizations using group-based role assignments in Docker -#### Steps to replicate +### Steps to replicate To replicate this issue: 1. Attempt to sign in to Docker using SSO. 2. The user is assigned groups in the IdP but does not get placed in the expected Docker Team. 3. Review Docker logs or IdP logs to find the error message. -#### Solutions +### Solutions Update group names in your IdP: 1. Go to your IdP's group management section. @@ -71,20 +72,20 @@ Update group names in your IdP: ## User is not assigned to the organization -#### Error message +### Error message When this issue occurs, the following error message is common: ```text User '$username' is not assigned to this SSO organization. Contact your administrator. TraceID: XXXXXXXXXXXXX ``` -#### Possible causes +### Possible causes - User is not assigned to the organization: If Just-in-Time (JIT) provisioning is disabled, the user may not be assigned to your organization. - User is not invited to the organization: If JIT is disabled and you do not want to enable it, the user must be manually invited. - SCIM provisioning is misconfigured: If you use SCIM for user provisioning, it may not be correctly syncing users from your IdP. -#### Solutions +### Solutions **Enable JIT provisioning** @@ -116,18 +117,18 @@ If you have SCIM enabled, troubleshoot your SCIM connection using the following ## IdP-initiated sign in is not enabled for connection -#### Error message +### Error message When this issue occurs, the following error message is common: ```text IdP-Initiated sign in is not enabled for connection '$ssoConnection'. ``` -#### Possible causes +### Possible causes Docker does not support an IdP-initiated SAML flow. This error occurs when a user attempts to authenticate from your IdP, such as using the Docker SSO app tile on the sign in page. -#### Solutions +### Solutions **Authenticate from Docker apps** @@ -139,18 +140,18 @@ You can hide the Docker SSO app from users in your IdP. This prevents users from ## Not enough seats in organization -#### Error message +### Error message When this issue occurs, the following error message is common: ```text Not enough seats in organization '$orgName'. Add more seats or contact your administrator. ``` -#### Possible causes +### Possible causes This error occurs when the organization has no available seats for the user when provisioning via Just-in-Time (JIT) provisioning or SCIM. -#### Solutions +### Solutions **Add more seats to the organization** @@ -162,20 +163,20 @@ Review your organization members and pending invitations. Remove inactive users ## Domain is not verified for SSO connection -#### Error message +### Error message When this issue occurs, the following error message is common: ```text Domain '$emailDomain' is not verified for your SSO connection. Contact your company administrator. TraceID: XXXXXXXXXXXXXX ``` -#### Possible causes +### Possible causes This error occurs if the IdP authenticated a user through SSO and the User Principal Name (UPN) returned to Docker doesn’t match any of the verified domains associated to the SSO connection configured in Docker. -#### Solutions +### Solutions **Verify UPN attribute mapping** @@ -187,20 +188,20 @@ Add and verify all domains and subdomains used as UPN by your IdP and associate ## Unable to find session -#### Error message +### Error message When this issue occurs, the following error message is common: ```text We couldn't find your session. You may have pressed the back button, refreshed the page, opened too many sign-in dialogs, or there is some issue with cookies. Try signing in again. If the issue persists, contact your administrator. ``` -#### Possible causes +### Possible causes The following causes may create this issue: - The user pressed the back or refresh button during authentication. - The authentication flow lost track of the initial request, preventing completion. -#### Solutions +### Solutions **Do not disrupt the authentication flow** @@ -212,20 +213,20 @@ Close the browser tab and restart the authentication flow from the Docker applic ## Name ID is not an email address -#### Error message +### Error message When this issue occurs, the following error message is common: ```text The name ID sent by the identity provider is not an email address. Contact your company administrator. ``` -#### Possible causes +### Possible causes The following causes may create this issue: - The IdP sends a Name ID (UPN) that does not comply with the email format required by Docker. - Docker SSO requires the Name ID to be the primary email address of the user. -#### Solutions +### Solutions In your IdP, ensure the Name ID attribute format is correct: 1. Verify that the Name ID attribute format in your IdP is set to `EmailAddress`.