App API
Application info, server configuration, and diagnostic endpoints.
Get App information
Returns application name and version.
curl http://drydock:3000/api/v1/app
{
"name":"drydock",
"version":"1.5.0"
}Get server configuration
Returns the server configuration, webhook status, and legacy input compatibility summary.
curl http://drydock:3000/api/v1/server
{
"configuration": {
"port": 3000,
"feature": { "delete": false },
"webhook": { "enabled": true }
},
"compatibility": {
"legacyInputs": {}
}
}Get security runtime status
Returns the availability status of security tools (Trivy scanner, Cosign signature verification) and SBOM configuration. Use this to check whether the runtime environment has the required binaries before triggering scans.
curl http://drydock:3000/api/v1/server/security/runtime
{
"checkedAt": "2024-12-01T10:00:00.000Z",
"ready": true,
"scanner": {
"enabled": true,
"command": "trivy",
"commandAvailable": true,
"status": "ready",
"message": "Trivy client is ready",
"scanner": "trivy",
"server": ""
},
"signature": {
"enabled": false,
"command": "",
"commandAvailable": null,
"status": "disabled",
"message": "Signature verification is disabled"
},
"sbom": {
"enabled": true,
"formats": ["spdx-json", "cyclonedx-json"]
},
"requirements": []
}Response fields
| Field | Type | Description |
|---|---|---|
checkedAt | string | ISO 8601 timestamp of the check |
ready | boolean | true when the scanner is enabled and its command is available |
scanner.enabled | boolean | Whether vulnerability scanning is configured |
scanner.command | string | Scanner command (e.g. trivy) |
scanner.commandAvailable | boolean | null | Whether the command was found in the runtime; null when disabled |
scanner.status | string | ready, missing, or disabled |
scanner.server | string | Trivy server URL (empty when using local mode) |
signature.enabled | boolean | Whether signature verification is configured |
signature.command | string | Cosign command |
signature.commandAvailable | boolean | null | Whether cosign was found in the runtime |
signature.status | string | ready, missing, or disabled |
sbom.enabled | boolean | Whether SBOM generation is enabled |
sbom.formats | string[] | Configured SBOM output formats |
requirements | string[] | Human-readable list of missing dependencies (empty when everything is ready) |
Returns 200 on success, or 500 if the runtime check fails.
Download diagnostic debug dump
Downloads a comprehensive, redacted diagnostic dump of the running drydock instance as a JSON file. Useful for troubleshooting and support requests.
The dump includes runtime metadata, component state (watchers, registries, triggers, agents, containers), Docker API diagnostics, MQTT Home Assistant sensor definitions, recent Docker events, store statistics, and DD_* environment variable names. All values matching password|token|secret|key|hash are automatically redacted.
curl -O -J "http://drydock:3000/api/v1/debug/dump?minutes=30"The response is a JSON attachment with a timestamped filename (e.g. drydock-debug-dump-2026-03-18T19-33-00-000Z.json).
Query parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
minutes | integer | 30 | How many recent minutes of event history to include (min: 1) |
Dump sections
| Section | Contents |
|---|---|
metadata | Generated timestamp, drydock version, Node.js version, uptime |
state | All registered components: containers, watchers, triggers, registries, authentications, agents |
mqttHomeAssistant | Home Assistant MQTT sensor discovery topics and definitions |
dockerEvents | Active Docker event subscriptions and recent events within the time window |
aliasFiltering | Recent container alias filter decisions |
store | LokiJS collection statistics |
dockerApi | Docker daemon version and info per watcher (connection errors captured gracefully) |
environment | All DD_* environment variable names with values redacted |
Returns 200 with the JSON attachment on success, 401 if not authenticated, or 500 if the dump cannot be generated.