DemandFlow Support Centre

DOCKERREGISTRY: Docker Registry

A Docker container registry that stores and distributes container images, with authentication, scanning, and replication policies.

Default definition. This article describes the default DOCKERREGISTRY definition shipped with DemandFlow. Administrators can add, remove, rename, or re-type fields, change which ones are required, and alter the layout from the Definitions screen in Settings. Your tenant's current schema may differ from what is shown here. To read the current definition at any time, GET the DEFINITION object whose id matches DOCKERREGISTRY.

Entity properties

Property	Value
Entity code	`DOCKERREGISTRY`
Display name	Docker Registry
Plural	Docker Registries
Level	421

Use cases

DOCKERREGISTRY models the container registry infrastructure that DOCKERIMAGE objects are stored in. The General panel captures registry name, URL, type (Docker Hub, Harbor, ECR, ACR, GCR, GitLab, Artifactory, Nexus, Quay, Private), and status. Configuration records the default namespace, public access, HTTPS, proxy cache, and replication flags. Storage & Limits tracks the backend type (S3, Azure Blob, GCS, local, etc.), storage limit/used, and image/tag counts. Authentication provides comprehensive credential management (Basic, Token, OAuth2, LDAP, SAML, OIDC) with advanced settings for identity providers, LDAP servers, OAuth endpoints, and credential expiry. Access Control defines default permissions, anonymous access, quotas, and RBAC policies. The Repositories panel lists all repos with public/private counts and total size. Security covers vulnerability scanning configuration (scanner selection, scan-on-push, block threshold) and content trust (Notary, signing keys, trusted signers, at-rest encryption). Replication configures cross-registry image synchronisation with targets, schedule, mode (push/pull/both), and filter patterns -- essential for multi-region deployments. Garbage Collection manages image cleanup with retention policies, untagged image deletion, and space reclamation tracking. Webhooks integrates with CI/CD and notification systems. Monitoring tracks push/pull rates, error rate, response time, bandwidth, and cache efficiency. Integration links to CI/CD systems and Kubernetes clusters.

Fields

Registry Information

Field	Type	Required	Notes
`name`	text	Yes	Registry Name.
`url`	text (URL)	Yes	e.g., registry.example.com
`registryType`	enum	Yes	Valid ids: `1` (Docker Hub), `2` (Harbor), `3` (AWS ECR), `4` (Azure ACR), `5` (Google GCR), `6` (GitLab Registry), `7` (JFrog Artifactory), `8` (Nexus Repository), `9` (Quay.io), `10` (Private Registry).
`status`	enum	Yes	Valid ids: `1` (Active), `2` (Inactive), `3` (Maintenance), `4` (Error).

Configuration

Field	Type	Notes
`description`	text (multi-line)	Description.
`namespace`	text	Default org/namespace
`publicAccess`	boolean	Public Access.
`httpsEnabled`	boolean	HTTPS Enabled.
`proxyEnabled`	boolean	Proxy Cache Enabled.
`replicationEnabled`	boolean	Replication Enabled.

Storage & Limits

Field	Type	Notes
`storageBackend`	enum	Valid ids: `1` (Local Filesystem), `2` (S3), `3` (Azure Blob), `4` (Google Cloud Storage), `5` (Swift), `6` (MinIO).
`storageLimit`	number	Storage Limit (GB).
`storageUsed`	number	Storage Used (GB). Read only.
`imageCount`	number	Total Images. Read only.
`tagCount`	number	Total Tags. Read only.

Authentication Settings

Field	Type	Notes
`authEnabled`	boolean	Authentication Required.
`authType`	enum	Valid ids: `1` (Basic Auth), `2` (Token), `3` (OAuth2), `4` (LDAP), `5` (SAML), `6` (OIDC).
`username`	text	Username.
`password`	text	Password.
`token`	text (multi-line)	API token or service account

Advanced Authentication

Field	Type	Notes
`identityProvider`	text	Identity Provider.
`ldapServer`	text	LDAP Server.
`oauthEndpoint`	text (URL)	OAuth Endpoint.
`serviceAccount`	text	Service Account.
`credentialsExpiry`	datetime	Credentials Expiry.

Repository Permissions

Field	Type	Notes
`defaultPermissions`	enum	Valid ids: `1` (Read Only), `2` (Read/Write), `3` (Admin), `4` (None).
`anonymousAccess`	boolean	Anonymous Access.
`userQuota`	number	User Quota (GB).
`projectQuota`	number	Project Quota (GB).
`accessPolicies`	text (multi-line)	RBAC policies (JSON)
`allowedUsers`	text (multi-line)	User whitelist
`blockedUsers`	text (multi-line)	User blacklist

Repository Management

Field	Type	Notes
`repositories`	text (multi-line)	List of repositories Read only.
`repoCount`	number	Repository Count. Read only.
`publicRepoCount`	number	Public Repos. Read only.
`privateRepoCount`	number	Private Repos. Read only.
`totalSize`	number	Total Size (GB). Read only.

Security Scanning

Field	Type	Notes
`scanningEnabled`	boolean	Vulnerability Scanning.
`scanOnPush`	boolean	Scan on Push.
`scanner`	enum	Valid ids: `1` (None), `2` (Trivy), `3` (Clair), `4` (Anchore), `5` (Twistlock), `6` (Aqua Security).
`blockVulnerable`	boolean	Block Vulnerable Images.
`severityThreshold`	enum	Valid ids: `1` (Critical), `2` (High), `3` (Medium), `4` (Low).

Content Trust

Field	Type	Notes
`contentTrust`	boolean	Content Trust Enabled.
`notaryURL`	text (URL)	Notary URL.
`signingKey`	text (multi-line)	Registry signing key
`trustedSigners`	text (multi-line)	List of trusted signers
`encryptionEnabled`	boolean	At-Rest Encryption.

Replication Configuration

Field	Type	Notes
`replicationRules`	text (multi-line)	Replication policies (JSON)
`replicationTargets`	multiselect	Target Registries.
`replicationSchedule`	text	Cron format
`replicationMode`	enum	Valid ids: `1` (Push), `2` (Pull), `3` (Both).
`replicationFilter`	text	Image name pattern
`lastReplication`	datetime	Last Replication. Read only.
`replicationStatus`	enum	Valid ids: `1` (Success), `2` (Failed), `3` (In Progress), `4` (Pending).

Cleanup Policies

Field	Type	Notes
`gcEnabled`	boolean	Garbage Collection Enabled.
`gcSchedule`	text	Cron format
`retentionDays`	number	Keep images for N days
`retentionCount`	number	Keep N most recent tags
`deleteUntagged`	boolean	Delete Untagged.
`dryRun`	boolean	Dry Run Mode.
`lastGC`	datetime	Last GC Run. Read only.
`spaceReclaimed`	number	Space Reclaimed (GB). Read only.
`retentionPolicy`	text (multi-line)	Advanced retention rules (JSON)

Webhook Configuration

Field	Type	Notes
`webhooks`	text (multi-line)	Webhook endpoints (JSON)
`webhookEvents`	multiselect	Trigger Events.
`webhookAuth`	enum	Valid ids: `1` (None), `2` (Basic), `3` (Bearer Token), `4` (HMAC).
`webhookSecret`	text	Webhook Secret.

Registry Metrics

Field	Type	Notes
`pushRate`	number	Push Rate (per hour). Read only.
`pullRate`	number	Pull Rate (per hour). Read only.
`errorRate`	gauge	Error Rate %. Read only.
`availability`	gauge	Availability %. Read only.
`responseTime`	number	Avg Response Time (ms). Read only.
`bandwidth`	number	Bandwidth (GB/day). Read only.
`activeConnections`	number	Active Connections. Read only.
`cacheHitRate`	gauge	Cache Hit Rate %. Read only.

External Integrations

Field	Type	Notes
`cicdIntegration`	multiselect	CI/CD Systems.
`k8sIntegration`	multiselect	Kubernetes Clusters.
`apiEndpoint`	text (URL)	API Endpoint.
`apiVersion`	text	API Version.
`apiRateLimit`	number	Requests per hour

Relationships

No declared relationships in the default definition.

Creating a Docker Registry via the API

POST /v1/objects
Authorization: Bearer <your-pat>
Content-Type: application/json

{
  "entity":   "DOCKERREGISTRY",
  "level":    421,
  "comboKey": "SUB:<your-sub-id>|ENT:",
  "name": "Example name",
  "url": "https://example.com",
  "registryType": "1",
  "status": "1"
}

Listing Docker Registries records

GET /v1/entities/DOCKERREGISTRY/SUB:<your-sub-id>

DemandFlow Support Centre

DOCKERREGISTRY: Docker Registry

DOCKERREGISTRY: Docker Registry

Entity properties

Use cases

Fields

Relationships

Creating a Docker Registry via the API

Listing Docker Registries records

See also

Was this article helpful?