Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable both public and private repository for pulling image during bootBuildImage #24549

Closed
wants to merge 1 commit into from
Closed

Enable both public and private repository for pulling image during bootBuildImage #24549

wants to merge 1 commit into from

Conversation

WqyJh
Copy link

@WqyJh WqyJh commented Dec 17, 2020

As described in #24547, if using runImage in private registry which was built upon images in public registry, image pulling would fail because apply a basic auth on no-auth-required public registry.

Take the following configuration as explanation, basic auth should only be applied when the image tag was prefixed with docker.example.com/, should never be applied when the parent images of this image was belong to docker.io.

bootBuildImage {
    docker {
        builderRegistry {
            username = "username"
            password = "password"
            url = "https://docker.example.com/v1/"
        }
    }
    imageName = "docker.example.com/app"
    runImage = "docker.example.com/run:base"
}

The solution is quite simple:

  • Just add n field registryUrl in DockerConfiguration, and save the url into it during the construction.
  • Check wether the image domain was contained in registryUrl, if so, apply the basic auth, otherwise do not apply.

This only support username/password authentication, not for token authentication beause it doesn't provide an url.

@pivotal-issuemaster
Copy link

@WqyJh Please sign the Contributor License Agreement!

Click here to manually synchronize the status of this Pull Request.

See the FAQ for frequently asked questions.

@pivotal-issuemaster
Copy link

@WqyJh Thank you for signing the Contributor License Agreement!

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Dec 17, 2020
@scottfrederick scottfrederick mentioned this pull request Dec 17, 2020
Open
@scottfrederick
Copy link
Contributor

Thanks for the suggestion, but this approach doesn't cover all the use cases we'd want to consider when the builder and run images are in different registries. We'll keep the issue open to consider other approaches.

@scottfrederick scottfrederick added status: declined A suggestion or change that we don't feel we should currently apply and removed status: waiting-for-triage An issue we've not yet triaged labels Dec 17, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
status: declined A suggestion or change that we don't feel we should currently apply
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@WqyJh @pivotal-issuemaster @scottfrederick @spring-projects-issues