doctl, the official DigitalOcean cli, provides two commands that integrate with Docker:
doctl registry login
doctl registry logout
They enable a user to configure Docker to access their private container registry. This is done via a Go package provided by Docker for updating its config. In order to allow Snap users to run this command, we are requesting a new personal-files plug for write access to the $HOME/.docker directory.
See this PR for the proposed change to our Snap definition:
We require permissions to the entire directory rather than just $HOME/.docker/config.json as a temp file is first written there before being moved its final location. For example, this is the output of watching the directory with inotifywait when the command is run outside of Snap confinement:
$ inotifywait -m -r ~/.docker/
Setting up watches. Beware: since -r was given, this may take a while!
Watches established.
/home/asb/.docker/ OPEN config.json
/home/asb/.docker/ ACCESS config.json
/home/asb/.docker/ CLOSE_NOWRITE,CLOSE config.json
/home/asb/.docker/ CREATE config.json007478726
/home/asb/.docker/ OPEN config.json007478726
/home/asb/.docker/ MODIFY config.json007478726
/home/asb/.docker/ CLOSE_WRITE,CLOSE config.json007478726
/home/asb/.docker/ MOVED_FROM config.json007478726
/home/asb/.docker/ MOVED_TO config.json
Note that we are not asking for auto-connect.
Please let me know if there’s anything else you need to process this request. Thanks!
Apologies this request got missed initially - I have added it to the internal queue for review.
+1 from me for personal-files access for doctl for write access to $HOME/.docker but without auto-connect as doctl is clearly not the owner of this location - however, can this please be named dot-docker instead of docker-config so it is clearer to users what access they are granting when manually connecting this interface?
+1 for use of personal-files with the dot-docker interface reference for write access to $HOME/.docker without auto-connection.
2 votes for, 0 against. This is now live.
Note, there is a corresponding change to the review-tools that I’ve committed but is not yet in production. Until it is, your snap will not pass automated review, but we can manually approve new revisions.
We’ve released v1.45.1 (Snap build 331) with these changes. Can it be approved and promoted to stable?
We also have a CD process that releases each merge to master to our candidate channel. As there have already been commits since the v1.45.1 release. It has fallen off of this page:
Will it still be possible to promoted v1.45.1 (Snap build 331) to stable?
