Reputation: 11
Create Content Selector and Privileges via script for separating a docker registry into project owned namespaces
Do you know if there is any way to create content selectors and content selector privileges via script for Nexus Repository Manager OSS?
Thanks in advance for every answer :-)
My idea is to divide a hosted Docker Repository into separated (protected) namespaces (for each product/team/project) - I do not want to do the following steps manually; a better approach is to create a script for that:
1 Create Content Selector
format == "docker" && (path == "/v2/" || path =^ "/v2/PROJECTNAME/")
2 Create Content Selector Privilege Use the selector created in step 1 and choose a docker repo.
3 Create role Create a role and grant the privilege created in step 2
4 Create user Create a user with a randomly generated pwd and grant the role from step 3 to newly created user.
A project can use this user to access the docker registry only within its granted Namespace
Upvotes: 1
Views: 776
Answers (1)
Reputation: 121
This gist should provide enough detail to get you rolling:
https://gist.github.com/nblair/1a0e05713c3edb7e5360c2b0222c7623
Hope this helps!
Upvotes: 2
Related Questions
- Nexus Docker and restricting access via Content Selector
- How to limit content selector by docker tag in Sonatype Nexus3?
- docker manifest create annotate and push in a script
- Controlling access to docker registry with Sonatype nexus
- Docker registry: Limit access by account to subset of images
- Configure Sonatype Nexus 3 privileges for hosted docker registry namespace using wildcard
- how to restrict docker to pull/push to specific registry
- Dynamic Docker Registry
- Access control for private docker registry
- Automate adding new repository tags to Docker Registry Automated Build