docs: add Enterprise Data API reference and usage reports guide#25383
docs: add Enterprise Data API reference and usage reports guide#25383cassio-paesleme wants to merge 8 commits into
Conversation
Add documentation for the Docker Enterprise Data API, which provides programmatic access to organization usage reports (CSV) via api.docker.com/enterprise-data/v1/. - reference/api/enterprise-data/ — OpenAPI 3.0 spec and rendered API reference page for all four endpoints (list types, list reports, download, schema) - manuals/enterprise/reports/ — feature guide with authentication setup (PAT and OAT flows), curl walkthrough, pagination, and troubleshooting Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
✅ Deploy Preview for docsdocker ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
docker-agent
left a comment
docker-agent
left a comment
There was a problem hiding this comment.
Assessment: 🔴 CRITICAL
Two newly added documents (the OpenAPI spec and the feature guide) describe different URL structures for the same API endpoints. One of them is wrong, and users will get 404 errors following whichever document is incorrect.
| - bearerAuth: [] | ||
|
|
||
| paths: | ||
| /orgs/{org_name}: |
There was a problem hiding this comment.
[HIGH] OpenAPI spec paths missing /reports segment — inconsistent with guide
The OpenAPI spec defines the listReportTypes endpoint at /orgs/{org_name} (full URL: https://api.docker.com/enterprise-data/v1/orgs/{org_name}), but the feature guide and the API reference table both consistently use /orgs/{org}/reports as the list-report-types path. The same mismatch applies across all four endpoints:
| OpenAPI spec path | Guide/table path |
|---|---|
GET /orgs/{org_name} |
GET /orgs/{org}/reports |
GET /orgs/{org_name}/{type}/{cadence} |
GET /orgs/{org}/reports/{type}/{cadence} |
GET /orgs/{org_name}/{type}/{cadence}/{date}/download |
GET /orgs/{org}/reports/{type}/{cadence}/{date}/download |
GET /orgs/{org_name}/{type}/{cadence}/{date}/schema |
GET /orgs/{org}/reports/{type}/{cadence}/{date}/schema |
One of these is wrong. If the actual API requires /reports in the path (as the guide shows), users using the spec for client generation or manual calls will get 404 errors. If the spec is correct, every curl example in the guide will fail.
There was a problem hiding this comment.
Fixed in c8fe0a6. Added the missing /reports segment to all four OpenAPI spec paths. They now match the guide.
There was a problem hiding this comment.
Perfect, thank you! Confirmed that all four paths now include /reports and align with the guide. The spec is now consistent and will generate correct client code.
| Discover which report types and cadences are available for your organization. | ||
|
|
||
| ```console | ||
| $ curl -s "https://api.docker.com/enterprise-data/v1/orgs/$ORG/reports" \ |
There was a problem hiding this comment.
[HIGH] curl examples include /reports path segment not present in OpenAPI spec
All curl examples in this guide include /reports in the path (e.g., /orgs/$ORG/reports, /orgs/$ORG/reports/usage_pulls/daily), but the OpenAPI spec defines paths without this segment (e.g., /orgs/{org_name}, /orgs/{org_name}/{type}/{cadence}).
Both documents are new and were published together, yet they describe different URL structures. Please reconcile: either add the missing /reports segment to all four paths in api.yaml, or remove it from the guide's curl examples and reference table to match the spec.
There was a problem hiding this comment.
Fixed in c8fe0a6. The OpenAPI spec paths now include /reports and match the curl examples.
There was a problem hiding this comment.
Perfect, thank you! I verified the commit and all four paths in the OpenAPI spec now correctly include "/reports" to match the curl examples and documentation. The discrepancy is resolved.
|
|
||
| ```bash | ||
| DATE=$( | ||
| curl -s "https://api.docker.com/enterprise-data/v1/orgs/$ORG/reports/usage_pulls/daily?page_size=1" \ |
There was a problem hiding this comment.
[MEDIUM] Download-latest script silently produces broken output when no reports exist
When the API returns an empty reports list, jq -r '.reports[0].Date' outputs the literal string null (not an empty string). The script then silently:
- Creates a file named
usage_pulls_null.csv - Makes a download request to
.../daily/null/download, which returns a 404
Consider adding a guard to catch this case:
DATE=$(
curl -s "https://api.docker.com/enterprise-data/v1/orgs/$ORG/reports/usage_pulls/daily?page_size=1" \
-H "Authorization: Bearer $TOKEN" \
| jq -r '.reports[0].Date // empty'
)
if [ -z "$DATE" ]; then
echo "No reports available."
exit 1
fi
curl -L -o "usage_pulls_${DATE}.csv" \
"https://api.docker.com/enterprise-data/v1/orgs/$ORG/reports/usage_pulls/daily/${DATE}/download" \
-H "Authorization: Bearer $TOKEN"Using // empty makes jq output nothing (empty string) instead of null, so the shell check [ -z "$DATE" ] works correctly for both the no-reports and API-error cases.
There was a problem hiding this comment.
Fixed in e983461. Added // empty to the jq expression and a shell guard that exits early with a message when no reports are available.
There was a problem hiding this comment.
Perfect! Thanks for the quick fix. The guard now correctly handles the empty reports case and prevents the script from creating broken files.
The spec paths were missing the /reports segment, making them inconsistent with the curl examples in the guide and the actual REST handler routes. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Use jq's // empty alternative operator so an empty report list produces an empty string instead of the literal "null". Add a shell guard to exit early with a message. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Restructure the Enterprise Data API reference to match the sidebar pattern used by Docker Hub API and DVP Data API: - _index.md as hidden section index (build: render: never) - latest.md with layout: api pointing to latest.yaml - changelog.md with initial release entry - deprecated.md with empty deprecation table Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Per IAM team guidance, PATs cannot be scoped outside of registry. OATs are the only supported auth mechanism for the Reports API. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2 participants
Summary
/reference/api/enterprise-data//manuals/enterprise/reports/Context
Docker Enterprise subscribers will be able to programmatically export organization usage reports (pull data) via
api.docker.com/enterprise-data/v1/. This is a new API surface, separate from the Hub API, supporting both PAT and OAT authentication.Related PRs:
New pages
/reference/api/enterprise-data/api.yaml/reference/api/enterprise-data/index.md/manuals/enterprise/reports/_index.mdTest plan
/reference/api/enterprise-data/🤖 Generated with Claude Code