Skip to content

cli/registry/login: Add the --password-env flag #5971

New issue
New issue
Open
#5972
Open
cli/registry/login: Add the --password-env flag#5971
#5972
Labels
kind/featurestatus/0-triage
@octo

Description

@octo
octo
opened on Mar 31, 2025

Description

Add support for providing registry passwords via environment variables, which is particularly useful in CI pipelines. For example, GitLab stores registry passwords in the CI_REGISTRY_PASSWORD environment variable.

With the --password-env flag, authenticating to a registry is as simple as:

docker login --username "${CI_REGISTRY_USER}" --password-env "CI_REGISTRY_PASSWORD" "${CI_REGISTRY}"

Alternatives Considered

  • Using docker login -p "${VAR}" with warning suppression

    • Shell history concerns don't apply with variable substitution
    • Tokens are often short-lived, reducing security concerns
    • Could introduce a way to suppress warnings via environment variables

  • Passing passwords via STDIN (current recommended method):

    echo "${CI_REGISTRY_PASSWORD}" | docker login --username "${CI_REGISTRY_USER}" --password-stdin "${CI_REGISTRY}"

    Avoids warnings but adds complexity to command chains

Activity

octo
added
kind/feature
status/0-triage
on Mar 31, 2025
octo
linked a pull request that will close this issue on Mar 31, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/featurestatus/0-triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      Participants

      @octo

      Issue actions
        cli/registry/login: Add the `--password-env` flag · Issue #5971 · docker/cli