mirror of https://github.com/docker/docs.git
updated registry.json (#14551)
* updated registry.json * updated install info * fix some formatting issues for registry.json instructions - use `console` blocks for command-line examples - use different prompts for "powershell" and "non-powershell" examples - fix path of registry.json on macOS - wrap some of the lines to ~80 chars Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
parent
bf7b021a40
commit
66bc6c643e
|
@ -2,63 +2,68 @@
|
|||
|
||||
## Create a registry.json file
|
||||
|
||||
After you’ve successfully installed Docker Desktop, create a `registry.json`
|
||||
file. Before you create a `registry.json` file, ensure that the developer is a
|
||||
member of at least one organization in Docker Hub. If the `registry.json` file
|
||||
matches at least one organization the developer is a member of, they can sign
|
||||
into Docker Desktop, and then access all their organizations.
|
||||
When creating a `registry.json` file, ensure that the developer is a member of
|
||||
at least one organization in Docker Hub. If the `registry.json` file matches at
|
||||
least one organization the developer is a member of, they can sign in to Docker
|
||||
Desktop and access all their organizations.
|
||||
|
||||
### Windows
|
||||
|
||||
On Windows, you must create a file at
|
||||
`C:\ProgramData\DockerDesktop\registry.json` with file permissions that ensure
|
||||
that the developer using Docker Desktop cannot remove or edit the file (that is,
|
||||
only the system administrator can write to the file). The file must be of type
|
||||
`JSON` and contain the name of the organization in the `allowedOrgs` key.
|
||||
On Windows, run the following command in a terminal to install Docker Desktop:
|
||||
|
||||
To create your `registry.json` file on Windows:
|
||||
```console
|
||||
C:\Users\Admin> "Docker Desktop Installer.exe" install
|
||||
```
|
||||
|
||||
1. Open Windows PowerShell and select Run as Administrator.
|
||||
2. Type the following command `cd /ProgramData/DockerDesktop/`
|
||||
3. Type `notepad registry.json` and enter the name of the Docker Hub
|
||||
organization that the developer belongs to in the `allowedOrgs` key and click
|
||||
**Save**. For example:
|
||||
If you’re using PowerShell, you should run it as:
|
||||
|
||||
```json
|
||||
{
|
||||
"allowedOrgs": ["myorg"]
|
||||
}
|
||||
```
|
||||
```console
|
||||
PS> Start-Process '.\win\build\Docker Desktop Installer.exe' -Wait install
|
||||
```
|
||||
|
||||
If using the Windows Command Prompt:
|
||||
|
||||
```console
|
||||
C:\Users\Admin> start /w "" "Docker Desktop Installer.exe" install
|
||||
```
|
||||
|
||||
The `install` command accepts the following flag:
|
||||
|
||||
`--allowed-org=<org name>`
|
||||
|
||||
This requires the user to sign in and be part of the specified Docker Hub organization
|
||||
when running the application. For example:
|
||||
|
||||
```console
|
||||
C:\Users\Admin> "Docker Desktop Installer.exe" install --allowed-org=acmeinc
|
||||
```
|
||||
|
||||
This creates the `registry.json` file at `C:\ProgramData\DockerDesktop\registry.json`
|
||||
and includes the organization information the user belongs to. Make sure this file
|
||||
can't be edited by the individual developer, only by the administrator.
|
||||
|
||||
### Mac
|
||||
|
||||
On macOS, you must create a file at `/Library/Application Support/com.docker.docker/registry.json` with file permissions that ensure that
|
||||
the developer using Docker Desktop cannot remove or edit the file (that is, only
|
||||
the system administrator can write to the file). The file must be of type `JSON`
|
||||
and contain the name of the Docker Hub organization names in the `allowedOrgs`
|
||||
key.
|
||||
After downloading `Docker.dmg`, run the following commands in a terminal to install
|
||||
Docker Desktop in the Applications folder:
|
||||
|
||||
To create your `registry.json` file on macOS:
|
||||
```console
|
||||
$ sudo hdiutil attach Docker.dmg
|
||||
$ sudo /Volumes/Docker/Docker.app/Contents/MacOS/install
|
||||
$ sudo hdiutil detach /Volumes/Docker
|
||||
```
|
||||
|
||||
1. Navigate to VS Code or any text editor of your choice.
|
||||
2. Enter the name of the Docker Hub organization that the developer belongs to in the `allowedOrgs` key and save it in your Documents. For example:
|
||||
The `install` command accepts the following flags:
|
||||
|
||||
```json
|
||||
{
|
||||
"allowedOrgs": ["myorg"]
|
||||
}
|
||||
```
|
||||
`--allowed-org=<org name>`
|
||||
|
||||
3. Open a new terminal and type the following command:
|
||||
This requires the user to sign in and be part of the specified Docker Hub
|
||||
organization when running the application. For example:
|
||||
|
||||
```console
|
||||
$ sudo mkdir -p /Library/Application\ Support/com.docker.docker
|
||||
```
|
||||
```console
|
||||
$ sudo hdiutil attach Docker.dmg --allowed-org=acmeinc
|
||||
```
|
||||
|
||||
If prompted, type your password associated with your local computer.
|
||||
|
||||
4. Type the following command:
|
||||
|
||||
```console
|
||||
$ sudo cp Documents/registry.json /Library/Application\ Support/com.docker.docker/registry.json
|
||||
```
|
||||
This creates the `registry.json` file at `/Library/Application Support/com.docker.docker/registry.json`
|
||||
and includes the organization information the user belongs to. Make sure this file
|
||||
can't be edited by the individual developer, only by the administrator.
|
||||
|
|
|
@ -5,12 +5,10 @@ title: Configure registry.json to enforce sign in
|
|||
---
|
||||
|
||||
The `registry.json` file is a configuration file that allows administrators to
|
||||
specify the Docker organization the user must belong to, and thereby ensure
|
||||
that the organization's settings are applied to the user's session. Docker
|
||||
Desktop installation requires admin access. In large enterprises where admin
|
||||
access is restricted, administrators can create a `registry.json` file and
|
||||
deploy it to the users’ machines using a device management software as part of
|
||||
the Docker Desktop installation process.
|
||||
specify the Docker organization the user must belong to and ensure that the
|
||||
organization’s settings apply to the user’s session. The Docker Desktop installer
|
||||
can create this file and deploy it to the users’ machines as part of the installation
|
||||
process.
|
||||
|
||||
After you deploy a `registry.json` file to a user’s machine, it prompts the user to sign into Docker Desktop. If a user doesn’t sign in, or tries to sign in using a different organization, other than the organization listed in the `registry.json` file, they will be denied access to Docker Desktop.
|
||||
Deploying a `registry.json` file and forcing users to authenticate offers the following benefits:
|
||||
|
|
Loading…
Reference in New Issue