Menu
I have a private Docker registry running.
Any user should be able to push and pull any image. Therefore, right now I am not using any user identification at all.
However, a user should not be able to trick the registry to overwrite the Images of other users.
If user A uploads ourRegistry/myProgram:version_1, then user B should not be able to upload something tagged ourRegistry/myProgram:version_2.
Is there a way to add user authentification to a private registry to do this?
Additionally, the registry is part of a server that already has its own database of registered users. Is there a way to synchronize the users, so that the users don't have to remember two passwords?
780
The official documentation on docker registry authentication is located here: https://docs.docker.com/registry/deploying/#native-basic-auth. Since it uses htpasswd to handle its authentication I'm not sure if there's any way to use your user database dynamically (obviously you can write a script to import all your users using htpasswd mentioned in this documentation)
91
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
