realms

package
v0.0.28 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 13, 2026 License: Apache-2.0 Imports: 1 Imported by: 0

Documentation

Overview

Package realms exposes the canonical set of Docker realm patterns that clients use to scope secret queries.

A realm is a path-pattern contract - not a permission boundary. Clients use realms to declare which set of secrets they care about (e.g. Hub auth, registry auth, MCP OAuth). Once a realm is established its pattern MUST NOT change; clients may pin to a realm and treat it as a stable interface.

The Docker realm hierarchy is: 

docker/                        – all Docker secrets
docker/auth/hub/**             – Docker Hub authentication (OAuth login)
docker/auth/hub-staging/**     – Docker Hub staging authentication
docker/auth/registry/docker/** – Docker Registry authentication
docker/auth/metadata/hub/**    – metadata for the default Hub user
docker/mcp/**                  – MCP-related secrets
docker/mcp/oauth/**            – MCP OAuth credentials
docker/mcp/oauth-dcr/**        – MCP Dynamic Client Registration configs
docker/sandbox/**              – Sandbox-related secrets
docker/sandbox/oauth/**        – Sandbox third-party OAuth tokens

All variables in this package are re-exported from github.com/docker/secrets-engine/x/realms and are provided here as a stable, versioned surface for external consumers.

Index

Constants

This section is empty.

Variables

View Source 
var (
	DockerHubAuthentication             = xrealms.DockerHubAuthentication
	DockerHubStagingAuthentication      = xrealms.DockerHubStagingAuthentication
	DockerRegistryAuthentication        = xrealms.DockerRegistryAuthentication
	DockerRegistryStagingAuthentication = xrealms.DockerRegistryStagingAuthentication
)

Docker realms all start with `docker/` as the prefix.

Authentication flows done by the Docker CLI, Docker Desktop and Docker related products must go through `docker/auth`.

Docker Hub authentication (browser based OAuth login) will be prefixed with `docker/auth/hub/<username>`.

Docker Registry authentication will be prefixed with `docker/auth/registry/docker/<username>`.

View Source 
var (
	// DockerHubAuthenticationMetadata is a pointer to the default user signed in to Docker
	DockerHubAuthenticationMetadata = xrealms.DockerHubAuthenticationMetadata
	// DockerHubStagingAuthenticationMetadata is a pointer to the default staging user signed in to Docker
	DockerHubStagingAuthenticationMetadata = xrealms.DockerHubStagingAuthenticationMetadata
)
View Source 
var (
	// DockerMCPDefault is the default realm used for MCP related secrets
	DockerMCPDefault = xrealms.DockerMCPDefault
	// DockerMCPOAuth is the realm used for all MCP OAuth credentials retrieved by Docker.
	DockerMCPOAuth = xrealms.DockerMCPOAuth
	// DockerMCPOAuthDCR is the realm used to hold Dynamic Client Registered (DCR)
	// OAuth configurations for supported MCP servers.
	DockerMCPOAuthDCR = xrealms.DockerMCPOAuthDCR
)
View Source 
var (
	// DockerSandbox is the default realm used for Sandbox related secrets
	DockerSandbox = xrealms.DockerSandbox
	// DockerSandboxOAuth is the realm used for all Sandbox OAuth credentials
	// such as third-party tokens - this does not store the Docker Auth tokens.
	DockerSandboxOAuth = xrealms.DockerSandboxOAuth
)

Functions

This section is empty.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.