-
Notifications
You must be signed in to change notification settings - Fork 356
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Docker's registry password #3304
Comments
Just a quick thought on this, have you tried updating the package? The package object has a field |
Thanks! That's exactly what I am looking for (not sure how I missed it there). There's no payload example with those parameters. However, I believe I will handle that. I'll test it tomorrow and let you know. btw, the documentation is a little bit confusing then. Actually, if it works, then there is different option than re-pushing the app. |
Unfortunately, seems to be not supported.
even in api documentation optional parameters are just about metadata keys
|
I'm not Ruby expert but I assume having this supported shouldn't be a big deal if there are no 'conceptional' blockers.
I assume, more or less the same is done if it comes to eg. app rename
Is here anyone who could comment on this? |
Looks like you could update docker credentials in the v2 API with a |
@johha it worked! you're my hero :) |
Lets see what some other contributors think. Maybe there was a reason for removing it in v3. |
I'm guessing this was just an oversight when implementing v3. It seems reasonable that we could support this on v3. That said, docker packages are just references to the image in a remote repository, so not sure that re-pushing the app is that different from updating its package. You aren't uploading anything as part of the push process. |
We'd be happy to review a PR that updates v3 to support this. |
CAPI issue: cloudfoundry#3304 Missing v3 feature parity. PATCH /v3/packages/:guid should allow to update docker registry credentials. This change adds the possibility to update the docker credentials via PATCH /v3/packages/:guid
CAPI issue: cloudfoundry#3304 Missing v3 feature parity. PATCH /v3/packages/:guid should allow to update docker registry credentials. This change adds the possibility to update the docker credentials via PATCH /v3/packages/:guid
CAPI issue: cloudfoundry#3304 Missing v3 feature parity. PATCH /v3/packages/:guid should allow to update docker registry credentials. This change adds the possibility to update the docker credentials via PATCH /v3/packages/:guid
CAPI issue: cloudfoundry#3304 Missing v3 feature parity. PATCH /v3/packages/:guid should allow to update docker registry credentials. This change adds the possibility to update the docker credentials via PATCH /v3/packages/:guid
CAPI issue: cloudfoundry#3304 Missing v3 feature parity. PATCH /v3/packages/:guid should allow to update docker registry credentials. This change adds the possibility to update the docker credentials via PATCH /v3/packages/:guid
PR to support updating docker registry credentials can be found here: #3467 |
CAPI issue: cloudfoundry#3304 Missing v3 feature parity. PATCH /v3/packages/:guid should allow to update docker registry credentials. This change adds the possibility to update the docker credentials via PATCH /v3/packages/:guid
Dear Community,
just today, I've learnt the docker image is pulled each time the app is getting restarted. Somehow I though it works like with droplets and those are internally stored within CF until the next app deployment.
It means, if the password is changed the app can't be successfully restarted anymore.
I've also learnt about your recommendation about using 2 passwords. I can imagine this while using registry protected by secrets like in Azure or so. https://docs.cloudfoundry.org/devguide/deploy-apps/push-docker.html#private-repo
However, our internal registry is AD protected and there's no option to configure secondary password for the same user.
Imagine, we have hundreds of applications deployed this way and all of them are using the same user to access the registry. If the password would be changed we are in trouble.
Is there any option to address this? A magic way to update the password on existing app without re-pushing it? I couldn't find such an option using cf cli nor v3 api. I assume it's somehow internally stored within CF because initial password is passed only once when pushing the app as a variable CF_DOCKER_PASSWORD=YOUR-PASSWORD
eg. a direct update on the database level?
Looking forward for your support. Thank you.
Best regards,
K.M.
The text was updated successfully, but these errors were encountered: