baton-dockerhub is a connector for DockerHub built using the Baton SDK. It communicates with the DockerHub API to sync data about organizations, teams, users and repositories.
To make connection with the DockerHub user provisioning API, we used mechanism for obtaining credentials from docker CLI tool hub-tool, you can find used code and changes done on it in folder external.
Check out Baton to learn more about the project in general.
Among the prerequisities for running baton-dockerhub are prerequisities for running hub-tool which is installed Docker on your machine and DockerHub account. You can use account username and password to authenticate in connector.
brew install conductorone/baton/baton conductorone/baton/baton-dockerhub
BATON_USERNAME=username BATON_PASSWORD=password baton-dockerhub
baton resources
docker run --rm -v $(pwd):/out -e BATON_USERNAME=username BATON_PASSWORD=password ghcr.io/conductorone/baton-dockerhub:latest -f "/out/sync.c1z"
docker run --rm -v $(pwd):/out ghcr.io/conductorone/baton:latest -f "/out/sync.c1z" resources
go install github.com/conductorone/baton/cmd/baton@main
go install github.com/conductorone/baton-dockerhub/cmd/baton-dockerhub@main
BATON_USERNAME=username BATON_PASSWORD=password baton-dockerhub
baton resources
baton-dockerhub will pull down information about the following DockerHub resources:
- Organizations
- Teams
- Users
- Repositories
By default, baton-dockerhub will sync information from all available organizations, but you can also specify exactly which organizations you would like to sync using the --orgs flag.
We started Baton because we were tired of taking screenshots and manually building spreadsheets. We welcome contributions, and ideas, no matter how small -- our goal is to make identity and permissions sprawl less painful for everyone. If you have questions, problems, or ideas: Please open a Github Issue!
See CONTRIBUTING.md for more details.
baton-dockerhub
Usage:
baton-dockerhub [flags]
baton-dockerhub [command]
Available Commands:
capabilities Get connector capabilities
completion Generate the autocompletion script for the specified shell
help Help about any command
Flags:
--client-id string The client ID used to authenticate with ConductorOne ($BATON_CLIENT_ID)
--client-secret string The client secret used to authenticate with ConductorOne ($BATON_CLIENT_SECRET)
-f, --file string The path to the c1z file to sync with ($BATON_FILE) (default "sync.c1z")
-h, --help help for baton-dockerhub
--log-format string The output format for logs: json, console ($BATON_LOG_FORMAT) (default "json")
--log-level string The log level: debug, info, warn, error ($BATON_LOG_LEVEL) (default "info")
--orgs strings Limit syncing to specific organizations by providing organization slugs. ($BATON_ORGS)
--password string The DockerHub password used to connect to the DockerHub API. ($BATON_PASSWORD)
-p, --provisioning This must be set in order for provisioning actions to be enabled. ($BATON_PROVISIONING)
--username string The DockerHub username used to connect to the DockerHub API. ($BATON_USERNAME)
-v, --version version for baton-dockerhub
Use "baton-dockerhub [command] --help" for more information about a command.