Merge pull request #4425 from thaJeztah/24.0_backport_credential-store-improvements

[24.0 backport] docs: rephrase section on credential stores for docker login
This commit is contained in:
Sebastiaan van Stijn 2023-07-17 11:39:07 +02:00 committed by GitHub
commit dd08d44044
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 12 deletions

View File

@ -240,7 +240,7 @@ credential store. When this property is set, `docker login` will attempt to
store credentials in the binary specified by `docker-credential-<value>` which store credentials in the binary specified by `docker-credential-<value>` which
is visible on `$PATH`. If this property is not set, credentials will be stored is visible on `$PATH`. If this property is not set, credentials will be stored
in the `auths` property of the config. For more information, see the in the `auths` property of the config. For more information, see the
[**Credentials store** section in the `docker login` documentation](login.md#credentials-store) [**Credential stores** section in the `docker login` documentation](login.md#credential-stores)
The property `credHelpers` specifies a set of credential helpers to use The property `credHelpers` specifies a set of credential helpers to use
preferentially over `credsStore` or `auths` when storing and retrieving preferentially over `credsStore` or `auths` when storing and retrieving

View File

@ -56,27 +56,28 @@ credentials. When you log in, the command stores credentials in
`$HOME/.docker/config.json` on Linux or `%USERPROFILE%/.docker/config.json` on `$HOME/.docker/config.json` on Linux or `%USERPROFILE%/.docker/config.json` on
Windows, via the procedure described below. Windows, via the procedure described below.
### Credentials store ### Credential stores
The Docker Engine can keep user credentials in an external credentials store, The Docker Engine can keep user credentials in an external credential store,
such as the native keychain of the operating system. Using an external store such as the native keychain of the operating system. Using an external store
is more secure than storing credentials in the Docker configuration file. is more secure than storing credentials in the Docker configuration file.
To use a credentials store, you need an external helper program to interact To use a credential store, you need an external helper program to interact
with a specific keychain or external store. Docker requires the helper with a specific keychain or external store. Docker requires the helper
program to be in the client's host `$PATH`. program to be in the client's host `$PATH`.
This is the list of currently available credentials helpers and where You can download the helpers from the `docker-credential-helpers`
you can download them from: [releases page](https://github.com/docker/docker-credential-helpers/releases).
Helpers are available for the following credential stores:
- D-Bus Secret Service: https://github.com/docker/docker-credential-helpers/releases - D-Bus Secret Service
- Apple macOS keychain: https://github.com/docker/docker-credential-helpers/releases - Apple macOS keychain
- Microsoft Windows Credential Manager: https://github.com/docker/docker-credential-helpers/releases - Microsoft Windows Credential Manager
- [pass](https://www.passwordstore.org/): https://github.com/docker/docker-credential-helpers/releases - [pass](https://www.passwordstore.org/)
#### Configure the credentials store #### Configure the credential store
You need to specify the credentials store in `$HOME/.docker/config.json` You need to specify the credential store in `$HOME/.docker/config.json`
to tell the docker engine to use it. The value of the config property should be to tell the docker engine to use it. The value of the config property should be
the suffix of the program to use (i.e. everything after `docker-credential-`). the suffix of the program to use (i.e. everything after `docker-credential-`).
For example, to use `docker-credential-osxkeychain`: For example, to use `docker-credential-osxkeychain`: