fix(data/docker-client): allow some more OCI clients through

Signed-off-by: Xe Iaso <me@xeiaso.net>
2026-04-16 05:15:03 +00:00 · 2025-11-08 12:42:03 -05:00
parent 3f81076743
commit 81ead403c2
2 changed files with 23 additions and 0 deletions
--- a/data/clients/docker-client.yaml
+++ b/data/clients/docker-client.yaml
@@ -23,3 +23,24 @@
    all:
      - '"Docker-Distribution-Api-Version" in headers'
      - '!(userAgent.contains("Mozilla"))'
+
+- name: allow-go-containerregistry-client
+  action: ALLOW
+  expression:
+    all:
+      - path.startsWith("/v2/")
+      - userAgent.contains("go-containerregistry/")
+
+- name: allow-buildah
+  action: ALLOW
+  expression:
+    all:
+      - path.startsWith("/v2/")
+      - userAgent.contains("Buildah/")
+
+- name: allow-podman
+  action: ALLOW
+  expression:
+    all:
+      - path.startsWith("/v2/")
+      - userAgent.contains("containers/")