Add tracking of the kind of temporary access tokens, so we can display if a pull/push by token is for a build worker

endpoints/index.py

@@ -50,7 +50,7 @@ def generate_headers(role='read'):
       if has_token_request:
         repo = model.get_repository(namespace, repository)
         if repo:
-          token = model.create_access_token(repo, role)
+          token = model.create_access_token(repo, role, 'pushpull-token')
           token_str = 'signature=%s' % token.code
           response.headers['WWW-Authenticate'] = token_str
           response.headers['X-Docker-Token'] = token_str