Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: using standard OS tabs for registries docs #4497

Merged
merged 2 commits into from Oct 25, 2023
Merged

docs: using standard OS tabs for registries docs #4497

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b0fa788
docs: using standard OS tabs for registries docs
themr0c Oct 24, 2023
09f7992
Update website/docs/working-with-containers/registries/_insecure-regi…
themr0c Oct 25, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
37 changes: 37 additions & 0 deletions website/docs/working-with-containers/registries/_insecure-registry-linux.md
View file
Open in desktop
@@ -0,0 +1,37 @@
#### Prerequisites

- Podman.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I assume it needs to be running? Before the change that was required, and there is a restart in the steps.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It only needs to be installed. You need to restart any podman process if it exists. I will clarify.

themr0c marked this conversation as resolved.
Show resolved Hide resolved

#### Procedure

1. Add your insecure registry within **<icon icon="fa-solid fa-cog" size="lg" /> Settings > Registries**.

![Adding a custom registry](img/adding-a-custom-registry.png)

Check warning on line 9 in website/docs/working-with-containers/registries/_insecure-registry-linux.md

View workflow job for this annotation

GitHub Actions / runner / vale 

[vale] reported by reviewdog 🐶
[PodmanDesktop.Links] Consider starting the link with https:// or /, rather than ](img/adding-a-custom-registry.png)

Raw Output:
{"message": "[PodmanDesktop.Links] Consider starting the link with https:// or /, rather than ](img/adding-a-custom-registry.png)", "location": {"path": "website/docs/working-with-containers/registries/_insecure-registry-linux.md", "range": {"start": {"line": 9, "column": 30}}}, "severity": "WARNING"}

1. Click "Yes" to the insecure registry warning.

![Podman Desktop Registry Warning](img/registry-warning-insecure.png)

Check warning on line 13 in website/docs/working-with-containers/registries/_insecure-registry-linux.md

View workflow job for this annotation

GitHub Actions / runner / vale 

[vale] reported by reviewdog 🐶
[PodmanDesktop.Links] Consider starting the link with https:// or /, rather than ](img/registry-warning-insecure.png)

Raw Output:
{"message": "[PodmanDesktop.Links] Consider starting the link with https:// or /, rather than ](img/registry-warning-insecure.png)", "location": {"path": "website/docs/working-with-containers/registries/_insecure-registry-linux.md", "range": {"start": {"line": 13, "column": 37}}}, "severity": "WARNING"}

1. Open `registries.conf`.

```shell-session
$ sudo vi /etc/containers/registries.conf
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Isn't it in openshift docs / standards that sudo commands use # / comment out feature so it's not accidently copied-and-pasted? unsure if we should apply this here / other parts of PD documentation.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

# command for a command by root. But usually people don't understand.

$ sudo command is correct, as you execute in the user context (sudo does the privilege escalation). Less prone to error because user forget to get root.

```

1. Add the insecure registry: Add a new `[[registry]]` section for the URL of the insecure registry you want to use. For example, if your insecure registry is located at `http://registry.example.com`, add the following lines:

```toml
[[registry]]
location = "registry.example.com"
insecure = true
```

If you have multiple registries, you can add one `[[registry]]` block per registry:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

: added by mistake


1. Save and exit the file.

1. Restart Podman.

```shell-session
$ sudo systemctl restart podman
```
Comment on lines +33 to +37
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The "restart Podman" steps in various Linux procedures (here, proxy) are inconsistent and mostly irrelevant. It deserves its own issue.

44 changes: 44 additions & 0 deletions ...ite/docs/working-with-containers/registries/_insecure-registry-windows-macos.md
View file
Open in desktop
@@ -0,0 +1,44 @@
#### Prerequisites

- [A running Podman machine](/docs/onboarding-for-containers/installing-podman).

#### Procedure

1. Add your insecure registry within **<icon icon="fa-solid fa-cog" size="lg" /> Settings > Registries**.

![Adding a custom registry](img/adding-a-custom-registry.png)

Check warning on line 9 in website/docs/working-with-containers/registries/_insecure-registry-windows-macos.md

View workflow job for this annotation

GitHub Actions / runner / vale 

[vale] reported by reviewdog 🐶
[PodmanDesktop.Links] Consider starting the link with https:// or /, rather than ](img/adding-a-custom-registry.png)

Raw Output:
{"message": "[PodmanDesktop.Links] Consider starting the link with https:// or /, rather than ](img/adding-a-custom-registry.png)", "location": {"path": "website/docs/working-with-containers/registries/_insecure-registry-windows-macos.md", "range": {"start": {"line": 9, "column": 30}}}, "severity": "WARNING"}

1. Click "Yes" to the insecure registry warning.

![Podman Desktop Registry Warning](img/registry-warning-insecure.png)

Check warning on line 13 in website/docs/working-with-containers/registries/_insecure-registry-windows-macos.md

View workflow job for this annotation

GitHub Actions / runner / vale 

[vale] reported by reviewdog 🐶
[PodmanDesktop.Links] Consider starting the link with https:// or /, rather than ](img/registry-warning-insecure.png)

Raw Output:
{"message": "[PodmanDesktop.Links] Consider starting the link with https:// or /, rather than ](img/registry-warning-insecure.png)", "location": {"path": "website/docs/working-with-containers/registries/_insecure-registry-windows-macos.md", "range": {"start": {"line": 13, "column": 37}}}, "severity": "WARNING"}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

false positive on vale issue?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bad rule. I opened an issue. And am currently lost in regex: do not match strings starting by img/. The /docs... notation breaks the build...


1. SSH into the Podman Machine to edit `registries.conf`.

```shell-session
$ podman machine ssh [optional-machine-name]
```

1. Open `registries.conf`.

```shell-session
$ sudo vi /etc/containers/registries.conf
```

1. Add the insecure registry: Add a new `[[registry]]` section for the URL of the insecure registry you want to use. For example, if your insecure registry is located at `http://registry.example.com`, add the following lines:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Accidental :?


```toml
[[registry]]
location = "registry.example.com"
insecure = true
```

If you have multiple registries, you can add one `[[registry]]` block per registry.

1. Save and exit the file.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we need this step as it's implied by editing the file you save and exit.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That was already in the content. I changed as little content as possible. This might require a new pr with new scope.


1. Restart Podman by the CLI or through Podman Desktop.

```shell-session
$ podman machine stop
$ podman machine start
```
8 changes: 8 additions & 0 deletions website/docs/working-with-containers/registries/_verification-private-registry.md
View file
Open in desktop
@@ -0,0 +1,8 @@
#### Verification

1. Go to **<icon icon="fa-solid fa-cloud" size="lg" /> Images**.
1. You can pull a private image from the registry.
1. You can push an image to the registry:
1. Build an image with the fully qualified name required for your registry, such as `quay.io/my-repository/my-image`, `ghcr.io/my-repository/my-image`, `docker.io/my-repository/my-image`, or `my-registry.tld/my-repository/my-image`.
1. On your image line, click **<icon icon="fa-solid fa-ellipsis-v" size="lg" />**.
1. The contextual menu has a **<icon icon="fa-solid fa-arrow-up" size="lg" />Push Image** entry.
11 changes: 3 additions & 8 deletions ...orking-with-containers/registries/authenticating-to-a-preconfigured-registry.md
View file
Open in desktop
Expand Up @@ -6,6 +6,8 @@ keywords: [podman desktop, podman, containers, registry, registries]
tags: [images]
---

import Verification from './\_verification-private-registry.md'

# Authenticating to a pre-configured registry

With Podman Desktop, you can authenticate to a set of pre-configured registries:
Expand All @@ -30,11 +32,4 @@ With Podman Desktop, you can authenticate to a set of pre-configured registries:

![Authenticating to a preconfigured registry](img/authenticating-to-a-preconfigured-registry.png)

#### Verification

1. Go to **<icon icon="fa-solid fa-cloud" size="lg" /> Images**.
1. You can pull a private image from the registry.
1. You can push an image to the registry:
1. Build an image the fully qualified name required for your registry, such as `quay.io/my-repository/my-image`, `ghcr.io/my-repository/my-image`, or `docker.io/my-repository/my-image`.
1. On your image line, click **<icon icon="fa-solid fa-ellipsis-v" size="lg" />**.
1. The contextual menu has a **<icon icon="fa-solid fa-arrow-up" size="lg" />Push Image** entry.
<Verification />
89 changes: 11 additions & 78 deletions website/docs/working-with-containers/registries/insecure-registry.md
View file
Open in desktop
Expand Up @@ -8,97 +8,30 @@ tags: [pods]

import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';
import WindowsMacosProcedure from './\_insecure-registry-windows-macos.md'
import LinuxProcedure from './\_insecure-registry-linux.md'
import Verification from './\_verification-private-registry.md'

# Adding an Insecure Registry to Podman Desktop

In this guide, you will learn how to add an insecure registry to Podman Desktop. An insecure registry allows you to pull and push container images either over an unencrypted HTTP connection, or a HTTPS connection with a self-signed unverified certificate. Please note that using an insecure registry can expose your data to security risks, so it's recommended to use secure connections with a verifiable certificate whenever possible.

#### Prerequisites

- Podman installed and running (VM if on macOS or Windows).

#### Procedure

<Tabs groupId="operating-systems">
<TabItem value="macwin" label="macOS & Windows">

1. Add your insecure registry within **<icon icon="fa-solid fa-cog" size="lg" /> Settings > Registries**.

![Adding a custom registry](img/adding-a-custom-registry.png)

2. Click "Yes" to the insecure registry warning.

![Podman Desktop Registry Warning](img/registry-warning-insecure.png)

3. SSH into the Podman Machine to edit `registries.conf`.

```shell-session
$ podman machine ssh [optional-machine-name]
```

4. Open `registries.conf`.

```shell-session
$ sudo vi /etc/containers/registries.conf
```

5. Add the insecure registry: Add a new `[[registry]]` section for the URL of the insecure registry you want to use. For example, if your insecure registry is located at `http://registry.example.com`, add the following lines:

```toml
[[registry]]
location = "registry.example.com"
insecure = true
```

If you have multiple registries, you can add one `[[registry]]` block per registry.

6. Save and exit the file.
<TabItem value="win" label="Windows">

7. Restart Podman by the CLI or through Podman Desktop.
<WindowsMacosProcedure />

```shell-session
$ podman machine stop
$ podman machine start
```
</TabItem>
<TabItem value="mac" label="macOS">

8. Pull or push container images: You can now use Podman Desktop to pull or push container images from/to the insecure registry you added.
<WindowsMacosProcedure />

</TabItem>
<TabItem value="linux" label="Linux">

1. Add your insecure registry within **<icon icon="fa-solid fa-cog" size="lg" /> Settings > Registries**.

![Adding a custom registry](img/adding-a-custom-registry.png)

2. Click "Yes" to the insecure registry warning.

![Podman Desktop Registry Warning](img/registry-warning-insecure.png)

3. Open `registries.conf`.

```shell-session
$ sudo vi /etc/containers/registries.conf
```

4. Add the insecure registry: Add a new `[[registry]]` section for the URL of the insecure registry you want to use. For example, if your insecure registry is located at `http://registry.example.com`, add the following lines:

```toml
[[registry]]
location = "registry.example.com"
insecure = true
```

If you have multiple registries, you can add one `[[registry]]` block per registry:

5. Save and exit the file.

6. Restart Podman.

```shell-session
$ sudo systemctl restart podman
```

7. Pull or push container images: You can now use Podman Desktop to pull or push container images from/to the insecure registry you added.
<LinuxProcedure />

</TabItem>
</Tabs>

<Verification />