Merged
@@ -0,0 +1,7 @@
# Reference: Issue #8544
# Title: Dependabot support for updating Docker image tags in Kubernetes manifests

versions:
fpt: '*'
ghec: '*'
ghes: '>= 3.8'
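Review bot: The `# Reference: Issue #8544` comment at the top of this new file gives a bare issue number with no repository, so a later reader cannot tell which tracker to look in; qualify it with the owner and repository or use the full URL. Also confirm that `ghes: '>= 3.8'` is the first GHES release that ships the Kubernetes manifest support, since this range decides where content gated on the flag is rendered.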
35 changes: 20 additions & 15 deletions data/reusables/dependabot/supported-package-managers.md
Expand Up @@ -9,23 +9,23 @@ Package manager | YAML value | Supported versions | Private repositories |
Bundler | `bundler` | v1, v2 | | **✓** | **✓** |
Cargo | `cargo` | v1 | **✓** | **✓** | |
Composer | `composer` | v1, v2 | **✓** | **✓** | |
Docker | `docker` | v1 | **✓** | **✓** | |
Docker {% ifversion dependabot-version-updates-enhanced-docker-support %}<sup>[1]</sup>{% endif %} | `docker` | v1 | **✓** | **✓** | |
Hex | `mix` | v1 | | **✓** | |
elm-package | `elm` | v0.19 | **✓** | **✓** | |
git submodule | `gitsubmodule` | N/A (no version) | **✓** | **✓** | |
GitHub Actions | `github-actions` | N/A (no version) | **✓** | **✓** | |
Go modules | `gomod` | v1 | **✓** | **✓** | **✓** |
Gradle | `gradle` | N/A (no version)<sup>[1]</sup> | **✓** | **✓** | |
Maven | `maven` | N/A (no version)<sup>[2]</sup> | **✓** | **✓** | |
Gradle | `gradle` | N/A (no version)<sup>[2]</sup> | **✓** | **✓** | |
Maven | `maven` | N/A (no version)<sup>[3]</sup> | **✓** | **✓** | |
npm | `npm` | v6, v7, v8 | **✓** | **✓** | |
NuGet | `nuget` | <= 4.8<sup>[3]</sup> | **✓** | **✓** | |
NuGet | `nuget` | <= 4.8<sup>[4]</sup> | **✓** | **✓** | |
pip{% ifversion dependabot-PEP621-support %}<sup>[5]</sup>{% endif %} | `pip` | v21.1.2 | | **✓** | |
pipenv | `pip` | <= 2021-05-29 | | **✓** | |
pip-compile{% ifversion dependabot-PEP621-support %}<sup>[5]</sup>{% endif %} | `pip` | 6.1.0 | | **✓** | |
poetry | `pip` | v1 | | **✓** | |{% ifversion fpt or ghec or ghes > 3.4 %}
pub | `pub` | v2 <sup>[4]</sup> | | | |{% endif %}
pub | `pub` | v2 <sup>[6]</sup> | | | |{% endif %}
Terraform | `terraform` | >= 0.13, <= 1.2.x | **✓** | **✓** | |
{% ifversion dependabot-yarn-v3-update %}yarn | `npm` | v1, v2, v3 | **✓** | **✓** | **✓**<sup>[6]</sup> |{% else %}yarn | `npm` | v1 | **✓** | **✓** | |
{% ifversion dependabot-yarn-v3-update %}yarn | `npm` | v1, v2, v3 | **✓** | **✓** | **✓**<sup>[7]</sup> |{% else %}yarn | `npm` | v1 | **✓** | **✓** | |
{% endif %}

{% tip %}
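Review bot: The Docker row's `<sup>[1]</sup>` is wrapped in `{% ifversion dependabot-version-updates-enhanced-docker-support %}`, but Gradle, Maven, NuGet, pub and yarn are renumbered unconditionally to [2], [3], [4], [6] and [7]. On versions where the flag is off, the table's markers will start at [2] with no [1]. Consider giving the conditional Docker note the next free number instead of [1], so the unconditional markers keep their existing numbers and stay contiguous on older versions.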
Expand All @@ -34,25 +34,30 @@ Terraform | `terraform` | >= 0.13, <= 1.2.x | **✓** | **✓** | |

{% endtip %}

[1] {% data variables.product.prodname_dependabot %} doesn't run Gradle but supports updates to the following files: `build.gradle`, `build.gradle.kts` (for Kotlin projects), and files included via the `apply` declaration that have `dependencies` in the filename. Note that `apply` does not support `apply to`, recursion, or advanced syntaxes (for example, Kotlin's `apply` with `mapOf`, filenames defined by property).
{% ifversion dependabot-version-updates-enhanced-docker-support %}
[1] {% data variables.product.prodname_dependabot %} can update Docker image tags in Kubernetes manifests. Add an entry to the Docker `package-ecosystem` element of your _dependabot.yml_ file for each directory containing a Kubernetes manifest which references Docker image tags. Kubernetes manifests can be Kubernetes Deployment YAML files or Helm charts. For information about configuring your _dependabot.yml_ file for `docker`, see "`package-ecosystem`" in "[Configuration options for the dependabot.yml file](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem)."

[2] {% data variables.product.prodname_dependabot %} doesn't run Maven but supports updates to `pom.xml` files.
{% data variables.product.prodname_dependabot %} supports both public and private Docker registries. For a list of the supported registries, see "`docker-registry`" in "[Configuration options for the dependabot.yml file](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#docker-registry)."
{% endif %}

[2] {% data variables.product.prodname_dependabot %} doesn't run Gradle but supports updates to the following files: `build.gradle`, `build.gradle.kts` (for Kotlin projects), and files included via the `apply` declaration that have `dependencies` in the filename. Note that `apply` does not support `apply to`, recursion, or advanced syntaxes (for example, Kotlin's `apply` with `mapOf`, filenames defined by property).

[3] {% data variables.product.prodname_dependabot %} doesn't run Maven but supports updates to `pom.xml` files.

[3] {% data variables.product.prodname_dependabot %} doesn't run the NuGet CLI but does support most features up until version 4.8.
[4] {% data variables.product.prodname_dependabot %} doesn't run the NuGet CLI but does support most features up until version 4.8.

{% ifversion dependabot-PEP621-support %}
[5] In addition to supporting updates to `requirements.txt` files, {% data variables.product.prodname_dependabot %} supports updates to `pyproject.toml` files if they follow the PEP 621 standard. {% endif %}

{% ifversion fpt or ghec or ghes > 3.4 %}
[4] {% ifversion ghes = 3.5 %}`pub` support is currently in beta. Any known limitations are subject to change. Note that {% data variables.product.prodname_dependabot %}:
[6] {% ifversion ghes = 3.5 %}`pub` support is currently in beta. Any known limitations are subject to change. Note that {% data variables.product.prodname_dependabot %}:
- Doesn't support updating git dependencies for `pub`.
- Won't perform an update when the version that it tries to update to is ignored, even if an earlier version is available.

For information about configuring your _dependabot.yml_ file for `pub`, see "[Enabling support for beta-level ecosystems](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#enable-beta-ecosystems)."
{%- else %}{% data variables.product.prodname_dependabot %} won't perform an update for `pub` when the version that it tries to update to is ignored, even if an earlier version is available.{% endif %}
{% endif %}


{% ifversion dependabot-PEP621-support %}
[5] In addition to supporting updates to `requirements.txt` files, {% data variables.product.prodname_dependabot %} supports updates to `pyproject.toml` files if they follow the PEP 621 standard. {% endif %}

{% ifversion dependabot-yarn-v3-update %}
[6] Dependabot supports vendored dependencies for v2 onwards.{% endif %}
[7] Dependabot supports vendored dependencies for v2 onwards.{% endif %}
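Review bot: The second paragraph of the new Docker footnote ("supports both public and private Docker registries") has no marker and is separated from [1] by a blank line, so it reads as a free-standing paragraph between [1] and [2] rather than as part of the footnote. Fold it into the [1] paragraph or indent it as a continuation. In the same footnote, "Kubernetes manifests can be Kubernetes Deployment YAML files or Helm charts" would be clearer as a statement of which file types are scanned, and "a Kubernetes manifest which references" should be "that references".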