1# Contributing to Docker
2
3This page contains information about reporting issues as well as some tips and
4guidelines useful to experienced open source contributors. Finally, make sure
5you read our [community guidelines](#docker-community-guidelines) before you
6start participating.
7
8## Topics
9
10* [Reporting Security Issues](#reporting-security-issues)
11* [Design and Cleanup Proposals](#design-and-cleanup-proposals)
12* [Reporting Issues](#reporting-other-issues)
13* [Quick Contribution Tips and Guidelines](#quick-contribution-tips-and-guidelines)
14* [Community Guidelines](#docker-community-guidelines)
15
16## Reporting security issues
17
18The Docker maintainers take security seriously. If you discover a security
19issue, please bring it to their attention right away!
20
21Please **DO NOT** file a public issue, instead send your report privately to
22[security@docker.com](mailto:security@docker.com).
23
24Security reports are greatly appreciated and we will publicly thank you for it.
25We also like to send gifts—if you're into Docker schwag, make sure to let
26us know. We currently do not offer a paid security bounty program, but are not
27ruling it out in the future.
28
29
30## Reporting other issues
31
32A great way to contribute to the project is to send a detailed report when you
33encounter an issue. We always appreciate a well-written, thorough bug report,
34and will thank you for it!
35
36Check that [our issue database](https://github.com/docker/cli/issues)
37doesn't already include that problem or suggestion before submitting an issue.
38If you find a match, you can use the "subscribe" button to get notified on
39updates. Do *not* leave random "+1" or "I have this too" comments, as they
40only clutter the discussion, and don't help resolving it. However, if you
41have ways to reproduce the issue or have additional information that may help
42resolving the issue, please leave a comment.
43
44When reporting issues, always include:
45
46* The output of `docker version`.
47* The output of `docker info`.
48
49Also include the steps required to reproduce the problem if possible and
50applicable. This information will help us review and fix your issue faster.
51When sending lengthy log-files, consider posting them as a gist (https://gist.github.com).
52Don't forget to remove sensitive data from your logfiles before posting (you can
53replace those parts with "REDACTED").
54
55## Quick contribution tips and guidelines
56
57This section gives the experienced contributor some tips and guidelines.
58
59### Pull requests are always welcome
60
61Not sure if that typo is worth a pull request? Found a bug and know how to fix
62it? Do it! We will appreciate it. Any significant improvement should be
63documented as [a GitHub issue](https://github.com/docker/cli/issues) before
64anybody starts working on it.
65
66We are always thrilled to receive pull requests. We do our best to process them
67quickly. If your pull request is not accepted on the first try,
68don't get discouraged! Our contributor's guide explains [the review process we
69use for simple changes](https://docs.docker.com/opensource/workflow/make-a-contribution/).
70
71### Talking to other Docker users and contributors
72
73<table class="tg">
74 <col width="45%">
75 <col width="65%">
76 <tr>
77 <td>Forums</td>
78 <td>
79 A public forum for users to discuss questions and explore current design patterns and
80 best practices about Docker and related projects in the Docker Ecosystem. To participate,
81 just log in with your Docker Hub account on <a href="https://forums.docker.com" target="_blank">https://forums.docker.com</a>.
82 </td>
83 </tr>
84 <tr>
85 <td>Community Slack</td>
86 <td>
87 The Docker Community has a dedicated Slack chat to discuss features and issues. You can sign-up <a href="https://dockr.ly/slack" target="_blank">with this link</a>.
88 </td>
89 </tr>
90 <tr>
91 <td>Twitter</td>
92 <td>
93 You can follow <a href="https://twitter.com/docker/" target="_blank">Docker's Twitter feed</a>
94 to get updates on our products. You can also tweet us questions or just
95 share blogs or stories.
96 </td>
97 </tr>
98 <tr>
99 <td>Stack Overflow</td>
100 <td>
101 Stack Overflow has over 17000 Docker questions listed. We regularly
102 monitor <a href="https://stackoverflow.com/search?tab=newest&q=docker" target="_blank">Docker questions</a>
103 and so do many other knowledgeable Docker users.
104 </td>
105 </tr>
106</table>
107
108
109### Conventions
110
111Fork the repository and make changes on your fork in a feature branch:
112
113- If it's a bug fix branch, name it XXXX-something where XXXX is the number of
114 the issue.
115- If it's a feature branch, create an enhancement issue to announce
116 your intentions, and name it XXXX-something where XXXX is the number of the
117 issue.
118
119Submit unit tests for your changes. Go has a great test framework built in; use
120it! Take a look at existing tests for inspiration. [Run the full test
121suite](README.md) on your branch before
122submitting a pull request.
123
124Update the documentation when creating or modifying features. Test your
125documentation changes for clarity, concision, and correctness, as well as a
126clean documentation build. See our contributors guide for [our style
127guide](https://docs.docker.com/opensource/doc-style) and instructions on [building
128the documentation](https://docs.docker.com/opensource/project/test-and-docs/#build-and-test-the-documentation).
129
130Write clean code. Universally formatted code promotes ease of writing, reading,
131and maintenance. Always run `gofmt -s -w file.go` on each changed file before
132committing your changes. Most editors have plug-ins that do this automatically.
133
134Pull request descriptions should be as clear as possible and include a reference
135to all the issues that they address.
136
137Commit messages must start with a capitalized and short summary (max. 50 chars)
138written in the imperative, followed by an optional, more detailed explanatory
139text which is separated from the summary by an empty line.
140
141Code review comments may be added to your pull request. Discuss, then make the
142suggested modifications and push additional commits to your feature branch. Post
143a comment after pushing. New commits show up in the pull request automatically,
144but the reviewers are notified only when you comment.
145
146Pull requests must be cleanly rebased on top of master without multiple branches
147mixed into the PR.
148
149**Git tip**: If your PR no longer merges cleanly, use `rebase master` in your
150feature branch to update your pull request rather than `merge master`.
151
152Before you make a pull request, squash your commits into logical units of work
153using `git rebase -i` and `git push -f`. A logical unit of work is a consistent
154set of patches that should be reviewed together: for example, upgrading the
155version of a vendored dependency and taking advantage of its now available new
156feature constitute two separate units of work. Implementing a new function and
157calling it in another file constitute a single logical unit of work. The very
158high majority of submissions should have a single commit, so if in doubt: squash
159down to one.
160
161After every commit, make sure the test suite passes. Include documentation
162changes in the same pull request so that a revert would remove all traces of
163the feature or fix.
164
165Include an issue reference like `Closes #XXXX` or `Fixes #XXXX` in the pull request
166description that close an issue. Including references automatically closes the issue
167on a merge.
168
169Please do not add yourself to the `AUTHORS` file, as it is regenerated regularly
170from the Git history.
171
172Please see the [Coding Style](#coding-style) for further guidelines.
173
174### Merge approval
175
176Docker maintainers use LGTM (Looks Good To Me) in comments on the code review to
177indicate acceptance.
178
179A change requires LGTMs from an absolute majority of the maintainers of each
180component affected. For example, if a change affects `docs/` and `registry/`, it
181needs an absolute majority from the maintainers of `docs/` AND, separately, an
182absolute majority of the maintainers of `registry/`.
183
184For more details, see the [MAINTAINERS](MAINTAINERS) page.
185
186### Sign your work
187
188The sign-off is a simple line at the end of the explanation for the patch. Your
189signature certifies that you wrote the patch or otherwise have the right to pass
190it on as an open-source patch. The rules are pretty simple: if you can certify
191the below (from [developercertificate.org](https://developercertificate.org):
192
193```
194Developer Certificate of Origin
195Version 1.1
196
197Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
198660 York Street, Suite 102,
199San Francisco, CA 94110 USA
200
201Everyone is permitted to copy and distribute verbatim copies of this
202license document, but changing it is not allowed.
203
204Developer's Certificate of Origin 1.1
205
206By making a contribution to this project, I certify that:
207
208(a) The contribution was created in whole or in part by me and I
209 have the right to submit it under the open source license
210 indicated in the file; or
211
212(b) The contribution is based upon previous work that, to the best
213 of my knowledge, is covered under an appropriate open source
214 license and I have the right under that license to submit that
215 work with modifications, whether created in whole or in part
216 by me, under the same open source license (unless I am
217 permitted to submit under a different license), as indicated
218 in the file; or
219
220(c) The contribution was provided directly to me by some other
221 person who certified (a), (b) or (c) and I have not modified
222 it.
223
224(d) I understand and agree that this project and the contribution
225 are public and that a record of the contribution (including all
226 personal information I submit with it, including my sign-off) is
227 maintained indefinitely and may be redistributed consistent with
228 this project or the open source license(s) involved.
229```
230
231Then you just add a line to every git commit message:
232
233 Signed-off-by: Joe Smith <joe.smith@email.com>
234
235Use your real name (sorry, no pseudonyms or anonymous contributions.)
236
237If you set your `user.name` and `user.email` git configs, you can sign your
238commit automatically with `git commit -s`.
239
240### How can I become a maintainer?
241
242The procedures for adding new maintainers are explained in the
243global [MAINTAINERS](https://github.com/docker/opensource/blob/master/MAINTAINERS)
244file in the [https://github.com/docker/opensource/](https://github.com/docker/opensource/)
245repository.
246
247Don't forget: being a maintainer is a time investment. Make sure you
248will have time to make yourself available. You don't have to be a
249maintainer to make a difference on the project!
250
251## Docker community guidelines
252
253We want to keep the Docker community awesome, growing and collaborative. We need
254your help to keep it that way. To help with this we've come up with some general
255guidelines for the community as a whole:
256
257* Be nice: Be courteous, respectful and polite to fellow community members:
258 no regional, racial, gender, or other abuse will be tolerated. We like
259 nice people way better than mean ones!
260
261* Encourage diversity and participation: Make everyone in our community feel
262 welcome, regardless of their background and the extent of their
263 contributions, and do everything possible to encourage participation in
264 our community.
265
266* Keep it legal: Basically, don't get us in trouble. Share only content that
267 you own, do not share private or sensitive information, and don't break
268 the law.
269
270* Stay on topic: Make sure that you are posting to the correct channel and
271 avoid off-topic discussions. Remember when you update an issue or respond
272 to an email you are potentially sending to a large number of people. Please
273 consider this before you update. Also remember that nobody likes spam.
274
275* Don't send email to the maintainers: There's no need to send email to the
276 maintainers to ask them to investigate an issue or to take a look at a
277 pull request. Instead of sending an email, GitHub mentions should be
278 used to ping maintainers to review a pull request, a proposal or an
279 issue.
280
281### Guideline violations — 3 strikes method
282
283The point of this section is not to find opportunities to punish people, but we
284do need a fair way to deal with people who are making our community suck.
285
2861. First occurrence: We'll give you a friendly, but public reminder that the
287 behavior is inappropriate according to our guidelines.
288
2892. Second occurrence: We will send you a private message with a warning that
290 any additional violations will result in removal from the community.
291
2923. Third occurrence: Depending on the violation, we may need to delete or ban
293 your account.
294
295**Notes:**
296
297* Obvious spammers are banned on first occurrence. If we don't do this, we'll
298 have spam all over the place.
299
300* Violations are forgiven after 6 months of good behavior, and we won't hold a
301 grudge.
302
303* People who commit minor infractions will get some education, rather than
304 hammering them in the 3 strikes process.
305
306* The rules apply equally to everyone in the community, no matter how much
307 you've contributed.
308
309* Extreme violations of a threatening, abusive, destructive or illegal nature
310 will be addressed immediately and are not subject to 3 strikes or forgiveness.
311
312* Contact abuse@docker.com to report abuse or appeal violations. In the case of
313 appeals, we know that mistakes happen, and we'll work with you to come up with a
314 fair solution if there has been a misunderstanding.
315
316## Coding Style
317
318Unless explicitly stated, we follow all coding guidelines from the Go
319community. While some of these standards may seem arbitrary, they somehow seem
320to result in a solid, consistent codebase.
321
322It is possible that the code base does not currently comply with these
323guidelines. We are not looking for a massive PR that fixes this, since that
324goes against the spirit of the guidelines. All new contributions should make a
325best effort to clean up and make the code base better than they left it.
326Obviously, apply your best judgement. Remember, the goal here is to make the
327code base easier for humans to navigate and understand. Always keep that in
328mind when nudging others to comply.
329
330The rules:
331
3321. All code should be formatted with `gofumpt` (preferred) or `gofmt -s`.
3332. All code should pass the default levels of
334 [`golint`](https://github.com/golang/lint).
3353. All code should follow the guidelines covered in [Effective Go](https://go.dev/doc/effective_go)
336 and [Go Code Review Comments](https://github.com/golang/go/wiki/CodeReviewComments).
3374. Comment the code. Tell us the why, the history and the context.
3385. Document _all_ declarations and methods, even private ones. Declare
339 expectations, caveats and anything else that may be important. If a type
340 gets exported, having the comments already there will ensure it's ready.
3416. Variable name length should be proportional to its context and no longer.
342 `noCommaALongVariableNameLikeThisIsNotMoreClearWhenASimpleCommentWouldDo`.
343 In practice, short methods will have short variable names and globals will
344 have longer names.
3457. No underscores in package names. If you need a compound name, step back,
346 and re-examine why you need a compound name. If you still think you need a
347 compound name, lose the underscore.
3488. No utils or helpers packages. If a function is not general enough to
349 warrant its own package, it has not been written generally enough to be a
350 part of a util package. Just leave it unexported and well-documented.
3519. All tests should run with `go test` and outside tooling should not be
352 required. No, we don't need another unit testing framework. Assertion
353 packages are acceptable if they provide _real_ incremental value.
35410. Even though we call these "rules" above, they are actually just
355 guidelines. Since you've read all the rules, you now know that.
356
357If you are having trouble getting into the mood of idiomatic Go, we recommend
358reading through [Effective Go](https://go.dev/doc/effective_go). The
359[Go Blog](https://go.dev/blog/) is also a great resource. Drinking the
360kool-aid is a lot easier than going thirsty.
View as plain text