docker-deploy-webhook

Suggest creating DockerHub accounts with read-only access

Open levino opened this issue 6 years ago • 2 comments

As far as I can tell I have to give the service the login for Docker Hub. Is there no way to have a less permissive authentication method? If this service gets hacked, you have a real problem. Especially if third parties use your images.

levino, Jun 14 '18 10:06

Good point. It appears that you can create users with read-only access to private Docker Hub images by creating an organization account or converting an existing account to be an organization.

https://docs.docker.com/docker-hub/orgs/#repository-team-permissions

https://hub.docker.com/account/convert-to-org/

imjosh, Jun 14 '18 15:06

Oh, that's a good point to spell out in the documentation!

I'd only use this with an organisation account and hadn't considered folks using it not in an org (or, as another issue touches on - for public DockerHub images that don't need authentication to deploy).

I'll leave this open till I've added some info about this to the docs.

iaincollins, Jul 05 '18 14:07