updated registry.json (#14551)

* updated registry.json

* updated install info

* fix some formatting issues for registry.json instructions

- use `console` blocks for command-line examples
- use different prompts for "powershell" and "non-powershell" examples
- fix path of registry.json on macOS
- wrap some of the lines to ~80 chars

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
jerae-duffin 2022-04-19 11:48:01 -05:00 committed by GitHub
parent bf7b021a40
commit 66bc6c643e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 54 additions and 51 deletions

View File

@ -2,63 +2,68 @@
## Create a registry.json file
After youve successfully installed Docker Desktop, create a `registry.json`
file. Before you create a `registry.json` file, ensure that the developer is a
member of at least one organization in Docker Hub. If the `registry.json` file
matches at least one organization the developer is a member of, they can sign
into Docker Desktop, and then access all their organizations.
When creating a `registry.json` file, ensure that the developer is a member of
at least one organization in Docker Hub. If the `registry.json` file matches at
least one organization the developer is a member of, they can sign in to Docker
Desktop and access all their organizations.
### Windows
On Windows, you must create a file at
`C:\ProgramData\DockerDesktop\registry.json` with file permissions that ensure
that the developer using Docker Desktop cannot remove or edit the file (that is,
only the system administrator can write to the file). The file must be of type
`JSON` and contain the name of the organization in the `allowedOrgs` key.
On Windows, run the following command in a terminal to install Docker Desktop:
To create your `registry.json` file on Windows:
```console
C:\Users\Admin> "Docker Desktop Installer.exe" install
```
1. Open Windows PowerShell and select Run as Administrator.
2. Type the following command `cd /ProgramData/DockerDesktop/`
3. Type `notepad registry.json` and enter the name of the Docker Hub
organization that the developer belongs to in the `allowedOrgs` key and click
**Save**. For example:
If youre using PowerShell, you should run it as:
```json
{
"allowedOrgs": ["myorg"]
}
```
```console
PS> Start-Process '.\win\build\Docker Desktop Installer.exe' -Wait install
```
If using the Windows Command Prompt:
```console
C:\Users\Admin> start /w "" "Docker Desktop Installer.exe" install
```
The `install` command accepts the following flag:
`--allowed-org=<org name>`
This requires the user to sign in and be part of the specified Docker Hub organization
when running the application. For example:
```console
C:\Users\Admin> "Docker Desktop Installer.exe" install --allowed-org=acmeinc
```
This creates the `registry.json` file at `C:\ProgramData\DockerDesktop\registry.json`
and includes the organization information the user belongs to. Make sure this file
can't be edited by the individual developer, only by the administrator.
### Mac
On macOS, you must create a file at `/Library/Application Support/com.docker.docker/registry.json` with file permissions that ensure that
the developer using Docker Desktop cannot remove or edit the file (that is, only
the system administrator can write to the file). The file must be of type `JSON`
and contain the name of the Docker Hub organization names in the `allowedOrgs`
key.
After downloading `Docker.dmg`, run the following commands in a terminal to install
Docker Desktop in the Applications folder:
To create your `registry.json` file on macOS:
```console
$ sudo hdiutil attach Docker.dmg
$ sudo /Volumes/Docker/Docker.app/Contents/MacOS/install
$ sudo hdiutil detach /Volumes/Docker
```
1. Navigate to VS Code or any text editor of your choice.
2. Enter the name of the Docker Hub organization that the developer belongs to in the `allowedOrgs` key and save it in your Documents. For example:
The `install` command accepts the following flags:
```json
{
"allowedOrgs": ["myorg"]
}
```
`--allowed-org=<org name>`
3. Open a new terminal and type the following command:
This requires the user to sign in and be part of the specified Docker Hub
organization when running the application. For example:
```console
$ sudo mkdir -p /Library/Application\ Support/com.docker.docker
```
```console
$ sudo hdiutil attach Docker.dmg --allowed-org=acmeinc
```
If prompted, type your password associated with your local computer.
4. Type the following command:
```console
$ sudo cp Documents/registry.json /Library/Application\ Support/com.docker.docker/registry.json
```
This creates the `registry.json` file at `/Library/Application Support/com.docker.docker/registry.json`
and includes the organization information the user belongs to. Make sure this file
can't be edited by the individual developer, only by the administrator.

View File

@ -5,12 +5,10 @@ title: Configure registry.json to enforce sign in
---
The `registry.json` file is a configuration file that allows administrators to
specify the Docker organization the user must belong to, and thereby ensure
that the organization's settings are applied to the user's session. Docker
Desktop installation requires admin access. In large enterprises where admin
access is restricted, administrators can create a `registry.json` file and
deploy it to the users machines using a device management software as part of
the Docker Desktop installation process.
specify the Docker organization the user must belong to and ensure that the
organizations settings apply to the users session. The Docker Desktop installer
can create this file and deploy it to the users machines as part of the installation
process.
After you deploy a `registry.json` file to a users machine, it prompts the user to sign into Docker Desktop. If a user doesnt sign in, or tries to sign in using a different organization, other than the organization listed in the `registry.json` file, they will be denied access to Docker Desktop.
Deploying a `registry.json` file and forcing users to authenticate offers the following benefits: