call [docker] with auth (#9803)

* allow user to set dockerhub credentials * add withJwtAuth function to AuthHelper * use withJwtAuth in DockerHub badges * add unit tests for JWT auth * use auth when calling docker cloud * refactor and assert fetch helpers call withJwtAuth * store token for a max duration (defaults to 1 hour) * tangent: update test example
2023-12-31 14:55:18 +00:00
parent bfa712469a
commit 880c1fb49c
17 changed files with 445 additions and 18 deletions
--- a/doc/server-secrets.md
+++ b/doc/server-secrets.md
@@ -119,6 +119,18 @@ Using a token for Discord is optional but will allow higher API rates.
 Register an application in the [Discord developer console](https://discord.com/developers).
 To obtain a token, simply create a bot for your application.

+### DockerHub
+
+Using authentication for DockerHub is optional but can be used to allow
+higher API rates or access to private repos.
+
+- `DOCKERHUB_USER` (yml: `private.dockerhub_username`)
+- `DOCKERHUB_PAT` (yml: `private.dockerhub_pat`)
+
+`DOCKERHUB_PAT` is a Personal Access Token. Generate a token in your
+[account security settings](https://hub.docker.com/settings/security) with
+"Read-Only" or "Public Repo Read-Only", depending on your needs.
+
 ### Drone

 - `DRONE_ORIGINS` (yml: `public.services.drone.authorizedOrigins`)