public/docker-registry-proxy
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

0.3.0-beta2: don't leak Authorization header from the registry to the redirected destination during @handle_redirects

Browse Source
This commit is contained in:
ricardop
2020-04-03 15:33:46 +02:00
parent bbd4d60bc4
commit 19cbdfedfc
2 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@@ -43,7 +43,7 @@ docker run --rm --name docker_registry_proxy -it \
-v $(pwd)/docker_mirror_certs:/ca \
-e REGISTRIES="k8s.gcr.io gcr.io quay.io your.own.registry another.public.registry" \
-e AUTH_REGISTRIES="auth.docker.io:dockerhub_username:dockerhub_password your.own.registry:username:password" \
rpardini/docker-registry-proxy:0.3.0-beta1
rpardini/docker-registry-proxy:0.3.0-beta2
```
Example with GCR using credentials from a service account from a key file `servicekey.json`:
@@ -57,7 +57,7 @@ docker run --rm --name docker_registry_proxy -it \
-e AUTH_REGISTRIES_DELIMITER=";;;" \
-e AUTH_REGISTRY_DELIMITER=":::" \
-e AUTH_REGISTRIES="gcr.io:::_json_key:::$(cat servicekey.json);;;auth.docker.io:::dockerhub_username:::dockerhub_password" \
rpardini/docker-registry-proxy:0.3.0-beta1
rpardini/docker-registry-proxy:0.3.0-beta2
```
Let's say you did this on host `192.168.66.72`, you can then `curl http://192.168.66.72:3128/ca.crt` and get the proxy CA certificate.