Docker Hub Organization: Block Personal Repositories

[Lundli]

Feature Request: (Docker Hub Organization): Block Users from Creating Personal Repositories

Tell us about your request Add organization-level control to prevent users from creating (and pushing to) personal repositories on Docker Hub. Personal repositories can be public, and can thus expose data.

Which service(s) is this request for? Docker Hub

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard? We are an enterprise, and want to prevent our users from creating personal repositories on Docker Hub. Even though our users are provisioned through SCIM, and we have SSO-enforced, the users themselves are still "Community Users", meaning they can create and push to personal public/private repositories at will. This means that personal repositories are outside of our organization's control.

To add to this, the default personal repository privacy setting for new users on Docker Hub is public.

We have been in touch with Docker Support, who informed us that the only way to currently achieve this, is to block Docker Hub as a registry altogether.

Are you currently working around the issue? Currently, we have a monitoring script that checks and alerts on public repositories belonging to our organization members.

Support suggested blocking Docker Hub entirely via "Registry access" settings, but would mean we cannot use Docker Hub at all.

Additional context This request is somewhat related: https://github.com/docker/roadmap/issues/572.