registry-config
Tools interacting with an OCI registry usually have their own way to authenticate. Helm, for example, provides a command to "login" into a registry, which stores the credentials in a file. That is, however, not a safe way to store credentials, especially not in Dagger. Credentials persisted in the filesystem make their way into Dagger's layer cache.This module creates a configuration file and returns it as a Secret that can be mounted safely into a Container.
Be advised that using the tool's built-in authentication mechanism may not work with the configuration file (since it's read only).
You can read more about the topic in [this issue](https://github.com/dagger/dagger/issues/7273).
Installation
dagger install github.com/sagikazarmark/daggerverse/registry-config@v0.2.0Entrypoint
Return Type
RegistryConfigExample
dagger -m github.com/sagikazarmark/daggerverse/registry-config@16d0620e6b294d49b5e929f1540509b2fd361a80 call \
func (m *myModule) example() *RegistryConfig {
return dag.
RegistryConfig()
}@function
def example() -> dag.RegistryConfig:
return (
dag.registry_config()
)@func()
example(): RegistryConfig {
return dag
.registryConfig()
}Types
RegistryConfig 🔗
withRegistryAuth() 🔗
Add credentials for a registry.
Return Type
RegistryConfig !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| address | String ! | - | No description provided |
| username | String ! | - | No description provided |
| secret | Secret ! | - | No description provided |
Example
dagger -m github.com/sagikazarmark/daggerverse/registry-config@16d0620e6b294d49b5e929f1540509b2fd361a80 call \
with-registry-auth --address string --username string --secret env:MYSECRETfunc (m *myModule) example(address string, username string, secret *Secret) *RegistryConfig {
return dag.
RegistryConfig().
WithRegistryAuth(address, username, secret)
}@function
def example(address: str, username: str, secret: dagger.Secret) -> dag.RegistryConfig:
return (
dag.registry_config()
.with_registry_auth(address, username, secret)
)@func()
example(address: string, username: string, secret: Secret): RegistryConfig {
return dag
.registryConfig()
.withRegistryAuth(address, username, secret)
}withoutRegistryAuth() 🔗
Removes credentials for a registry.
Return Type
RegistryConfig !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| address | String ! | - | No description provided |
Example
dagger -m github.com/sagikazarmark/daggerverse/registry-config@16d0620e6b294d49b5e929f1540509b2fd361a80 call \
without-registry-auth --address stringfunc (m *myModule) example(address string) *RegistryConfig {
return dag.
RegistryConfig().
WithoutRegistryAuth(address)
}@function
def example(address: str) -> dag.RegistryConfig:
return (
dag.registry_config()
.without_registry_auth(address)
)@func()
example(address: string): RegistryConfig {
return dag
.registryConfig()
.withoutRegistryAuth(address)
}hasRegistryAuth() 🔗
Checks whether the config has any registry credentials.
Return Type
Boolean !Example
dagger -m github.com/sagikazarmark/daggerverse/registry-config@16d0620e6b294d49b5e929f1540509b2fd361a80 call \
has-registry-authfunc (m *myModule) example(ctx context.Context) bool {
return dag.
RegistryConfig().
HasRegistryAuth(ctx)
}@function
async def example() -> bool:
return await (
dag.registry_config()
.has_registry_auth()
)@func()
async example(): Promise<boolean> {
return dag
.registryConfig()
.hasRegistryAuth()
}secret() 🔗
Create the registry configuration.
Return Type
Secret !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| name | String | "registry-config" | No description provided |
Example
dagger -m github.com/sagikazarmark/daggerverse/registry-config@16d0620e6b294d49b5e929f1540509b2fd361a80 call \
secretfunc (m *myModule) example() *Secret {
return dag.
RegistryConfig().
Secret()
}@function
def example() -> dagger.Secret:
return (
dag.registry_config()
.secret()
)@func()
example(): Secret {
return dag
.registryConfig()
.secret()
}mountSecret() 🔗
MountSecret mounts a registry configuration secret into a container if there is any confuguration in it.
Return Type
Container !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| container | Container ! | - | No description provided |
| path | String ! | - | No description provided |
| secretName | String | "registry-config" | No description provided |
| owner | String | - | A user:group to set for the mounted secret. The user and group can either be an ID (1000:1000) or a name (foo:bar). If the group is omitted, it defaults to the same as the user. |
| mode | Integer | - | Permission given to the mounted secret (e.g., 0600). This option requires an owner to be set to be active. |
Example
dagger -m github.com/sagikazarmark/daggerverse/registry-config@16d0620e6b294d49b5e929f1540509b2fd361a80 call \
mount-secret --container IMAGE:TAG --path stringfunc (m *myModule) example(container *Container, path string) *Container {
return dag.
RegistryConfig().
MountSecret(container, path)
}@function
def example(container: dagger.Container, path: str) -> dagger.Container:
return (
dag.registry_config()
.mount_secret(container, path)
)@func()
example(container: Container, path: string): Container {
return dag
.registryConfig()
.mountSecret(container, path)
}