diff --git a/docs/reference/commandline/cli.md b/docs/reference/commandline/cli.md index 4128baf6a9..5343c65758 100644 --- a/docs/reference/commandline/cli.md +++ b/docs/reference/commandline/cli.md @@ -142,6 +142,20 @@ property is not set, the client falls back to the default table format. For a list of supported formatting directives, see [**Formatting** section in the `docker stats` documentation](stats.md) +The property `credsStore` specifies an external binary to serve as the default +credential store. When this property is set, `docker login` will attempt to +store credentials in the binary specified by `docker-credential-` which +is visible on `$PATH`. If this property is not set, credentials will be stored +in the `auths` property of the config. For more information, see the +[**Credentials store** section in the `docker login` documentation](login.md#credentials-store) + +The property `credHelpers` specifies a set of credential helpers to use +preferentially over `credsStore` or `auths` when storing and retrieving +credentials for specific registries. If this property is set, the binary +`docker-credential-` will be used when storing or retrieving credentials +for a specific registry. For more information, see the +[**Credential helpers** section in the `docker login` documentation](login.md#credential-helpers) + Once attached to a container, users detach from it and leave it running using the using `CTRL-p CTRL-q` key sequence. This detach key sequence is customizable using the `detachKeys` property. Specify a `` value for the @@ -171,7 +185,12 @@ Following is a sample `config.json` file: "imagesFormat": "table {{.ID}}\\t{{.Repository}}\\t{{.Tag}}\\t{{.CreatedAt}}", "statsFormat": "table {{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}", "serviceInspectFormat": "pretty", - "detachKeys": "ctrl-e,e" + "detachKeys": "ctrl-e,e", + "credsStore": "secretservice", + "credHelpers": { + "awesomereg.example.org": "hip-star", + "unicorn.example.com": "vcbait" + } } {% endraw %} diff --git a/docs/reference/commandline/login.md b/docs/reference/commandline/login.md index a0f35fd4d0..17bb76083b 100644 --- a/docs/reference/commandline/login.md +++ b/docs/reference/commandline/login.md @@ -63,7 +63,9 @@ you can download them from: ### Usage You need to specify the credentials store in `$HOME/.docker/config.json` -to tell the docker engine to use it: +to tell the docker engine to use it. The value of the config property should be +the suffix of the program to use (i.e. everything after `docker-credential-`). +For example, to use `docker-credential-osxkeychain`: ```json { @@ -120,3 +122,31 @@ an example of that payload: `https://index.docker.io/v1`. The `erase` command can write error messages to `STDOUT` that the docker engine will show if there was an issue. + +## Credential helpers + +Credential helpers are similar to the credential store above, but act as the +designated programs to handle credentials for *specific registries*. The default +credential store (`credsStore` or the config file itself) will not be used for +operations concerning credentials of the specified registries. + +### Usage + +If you are currently logged in, run `docker logout` to remove +the credentials from the default store. + +Credential helpers are specified in a similar way to `credsStore`, but +allow for multiple helpers to be configured at a time. Keys specify the +registry domain, and values specify the suffix of the program to use +(i.e. everything after `docker-credential-`). +For example: + +```json +{ + "credHelpers": { + "registry.example.com": "registryhelper", + "awesomereg.example.org": "hip-star", + "unicorn.example.io": "vcbait" + } +} +```