-
Notifications
You must be signed in to change notification settings - Fork 53
feat(registry): add initial support to auth to an external Registry on per app basis #649
Conversation
Current coverage is
|
This might be a clean way to attach credentials to a Could you also please write out some junk e2e tests and some documentation in deis/workflow? |
@bacongobbler Not going to write e2e or documentation for this PR, going to do it when I finish the UX, which will be tomorrow most likely. I wanted to keep separation of concerns, as to not overload a single PR |
Isn't the UX just |
There is a different UX being talked about, it's basically making registry a top level object like tags, thay way credentials don't make their way into env vars |
@helgi why not |
@alefsbf Next iteration (happening soon) will include that option - this time around I am pulling into local registry |
…n per app basis This will allow for setting username and password for an external registry to pull images from IMAGE_AUTH_USER and IMAGE_AUTH_PASSWORD are support via config:set and this is per application. Currently Docker Hub and Quay are supported and a basic support for long lived tokens under gcr.io - ECR is not supported at this time. For GCR see https://cloud.google.com/container-registry/docs/auth#using_a_json_key_file
docs(managing-workflow): Add LDAP configuration
Summary of Changes
This will allow for setting username and password for an external registry to pull images from
IMAGE_AUTH_USER
andIMAGE_AUTH_PASSWORD
are support viaconfig:set
and this is per application.Currently Docker Hub and Quay are supported and a basic support for long lived tokens under gcr.io - ECR is not supported at this time.
For GCR see https://cloud.google.com/container-registry/docs/auth#using_a_json_key_file
The JSON blob needs to be compacted using
jq -c .
or similar before being setThe UX for this will change, very soon. Doing a separate PR for that
Issue(s) that this PR Closes
Please list the issue(s) that this PR closes, similar to the below:
ref #639
ref #253
Associated End To End Test PR(s)
Will come when UX has been sorted out
Associated Documentation PR(s)
Will come when UX has been sorted out
Associated Design Document(s)
deis/workflow#163
#639
Testing Instructions
Please provide a detailed list for how to test the changes in this PR.
IMAGE_AUTH_USER
andIMAGE_AUTH_PASSWORD
usingconfig:set
for the appdeis pull
referencing an image in a private repoAlso, please provide a description of the desired result after the tester completes the above steps.
Pull Request Hygiene TODOs
Please make sure the below checklist is complete.
🌸 Thank you! 🌸