Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hello, I recently ran into an issue when trying to allow watchtower to pull images through this proxy while keeping the other APIs read-only and thought I'd share my solution. This PR introduces a new access check that can grant read/write permissions to any section of the Docker API.
Now, read/write access is managed using XXXXX_READ and XXXXX_WRITE environment variables, where XXXXX represents the Docker API section. For instance, setting CONTAINERS_READ=1 allows GET/HEAD requests to the containers endpoint.
To keep everything backwards compatible, original variable names may still be used to grant read-only access. The POST variable will grant write access to all readable APIs, preserving the functionality of the original code.
If you're interested in merging this, but have some questions or feedback just let me know.