registry-config
Tools interacting with an OCI registry usually have their own way to authenticate. Helm, for example, provides a command to "login" into a registry, which stores the credentials in a file. That is, however, not a safe way to store credentials, especially not in Dagger. Credentials persisted in the filesystem make their way into Dagger's layer cache.This module creates a configuration file and returns it as a Secret that can be mounted safely into a Container.
Be advised that using the tool's built-in authentication mechanism may not work with the configuration file (since it's read only).
You can read more about the topic in [this issue](https://github.com/dagger/dagger/issues/7273).
Installation
dagger install github.com/sagikazarmark/daggerverse/registry-config@v0.3.0
Entrypoint
Return Type
RegistryConfig
Example
dagger -m github.com/sagikazarmark/daggerverse/registry-config@b45dbd7448bb967aca4a538af9ce7f042abf0316 call \
func (m *myModule) example() *RegistryConfig {
return dag.
RegistryConfig()
}
@function
def example() -> dag.RegistryConfig:
return (
dag.registry_config()
)
@func()
example(): RegistryConfig {
return dag
.registryConfig()
}
Types
RegistryConfig 🔗
withRegistryAuth() 🔗
Add credentials for a registry.
Return Type
RegistryConfig !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
address | String ! | - | No description provided |
username | String ! | - | No description provided |
secret | Secret ! | - | No description provided |
Example
dagger -m github.com/sagikazarmark/daggerverse/registry-config@b45dbd7448bb967aca4a538af9ce7f042abf0316 call \
with-registry-auth --address string --username string --secret env:MYSECRET
func (m *myModule) example(address string, username string, secret *Secret) *RegistryConfig {
return dag.
RegistryConfig().
WithRegistryAuth(address, username, secret)
}
@function
def example(address: str, username: str, secret: dagger.Secret) -> dag.RegistryConfig:
return (
dag.registry_config()
.with_registry_auth(address, username, secret)
)
@func()
example(address: string, username: string, secret: Secret): RegistryConfig {
return dag
.registryConfig()
.withRegistryAuth(address, username, secret)
}
withoutRegistryAuth() 🔗
Removes credentials for a registry.
Return Type
RegistryConfig !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
address | String ! | - | No description provided |
Example
dagger -m github.com/sagikazarmark/daggerverse/registry-config@b45dbd7448bb967aca4a538af9ce7f042abf0316 call \
without-registry-auth --address string
func (m *myModule) example(address string) *RegistryConfig {
return dag.
RegistryConfig().
WithoutRegistryAuth(address)
}
@function
def example(address: str) -> dag.RegistryConfig:
return (
dag.registry_config()
.without_registry_auth(address)
)
@func()
example(address: string): RegistryConfig {
return dag
.registryConfig()
.withoutRegistryAuth(address)
}
hasRegistryAuth() 🔗
Checks whether the config has any registry credentials.
Return Type
Boolean !
Example
dagger -m github.com/sagikazarmark/daggerverse/registry-config@b45dbd7448bb967aca4a538af9ce7f042abf0316 call \
has-registry-auth
func (m *myModule) example(ctx context.Context) bool {
return dag.
RegistryConfig().
HasRegistryAuth(ctx)
}
@function
async def example() -> bool:
return await (
dag.registry_config()
.has_registry_auth()
)
@func()
async example(): Promise<boolean> {
return dag
.registryConfig()
.hasRegistryAuth()
}
secret() 🔗
Create the registry configuration.
Return Type
Secret !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
name | String | "registry-config" | No description provided |
Example
dagger -m github.com/sagikazarmark/daggerverse/registry-config@b45dbd7448bb967aca4a538af9ce7f042abf0316 call \
secret
func (m *myModule) example() *Secret {
return dag.
RegistryConfig().
Secret()
}
@function
def example() -> dagger.Secret:
return (
dag.registry_config()
.secret()
)
@func()
example(): Secret {
return dag
.registryConfig()
.secret()
}
mountSecret() 🔗
MountSecret mounts a registry configuration secret into a container if there is any confuguration in it.
Return Type
Container !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
container | Container ! | - | No description provided |
path | String ! | - | No description provided |
secretName | String | "registry-config" | No description provided |
owner | String | - | A user:group to set for the mounted secret. The user and group can either be an ID (1000:1000) or a name (foo:bar). If the group is omitted, it defaults to the same as the user. |
mode | Integer | - | Permission given to the mounted secret (e.g., 0600). This option requires an owner to be set to be active. |
Example
dagger -m github.com/sagikazarmark/daggerverse/registry-config@b45dbd7448bb967aca4a538af9ce7f042abf0316 call \
mount-secret --container IMAGE:TAG --path string
func (m *myModule) example(container *Container, path string) *Container {
return dag.
RegistryConfig().
MountSecret(container, path)
}
@function
def example(container: dagger.Container, path: str) -> dagger.Container:
return (
dag.registry_config()
.mount_secret(container, path)
)
@func()
example(container: Container, path: string): Container {
return dag
.registryConfig()
.mountSecret(container, path)
}