registries.yaml environment variables for username and password #1685
Labels
kind/enhancement
An improvement to existing functionality
Projects
Comments
|
K3s is is K8s. You are welcome to use image pull secrets if you want, they work just fine. Some users prefer to configure registries (endpoints, credentials) on the node itself in the container runtime config so that they are used globally, instead of having to inject them into every pod spec. Even if we allowed storing credentials in environment variables... you would still have to define the variable contents somewhere - in the systemd unit or env file. I don't see how simply moving them from one file to another would make things any more secure. Do you have a proposal for how this might work that wouldn't just result in their being somewhere else on disk? |
brandond
added
kind/feature
|
Closing as this is something we're considering a solution to in the Backlog |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there a way to use environment variables for the registries.yaml file? It feels insecure to save plain text username and passwords on disk.
https://rancher.com/docs/k3s/latest/en/installation/private-registry/
How K8s does it:
https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
The text was updated successfully, but these errors were encountered: