8000 rkt pull credential support · Issue #37 · quay/quayctl · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

rkt pull credential support #37

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
philips opened this issue Mar 30, 2016 · 8 comments
Closed

rkt pull credential support #37

philips opened this issue Mar 30, 2016 · 8 comments
Labels
dependency/external kind/enhancement priority/P0
Milestone
Initial Release

Comments

@philips
Copy link
philips commented Mar 30, 2016

quayctl should be able to pull from private registries configured for rkt. It already knows how to find and read .dockercfg files. The configuration for rkt also comes from files on disk. And there is a Go library that does this: https://godoc.org/github.com/coreos/rkt/rkt/config#GetConfig

There are two paths:

  1. quayctl uses the github.com/coreos/rkt/rkt/config package
  2. quayctl shells out to rkt to get the credentials over stdout
  3. quayctl talks to the rkt API to get the credentials

For expediency I feel like quayctl should do number 1 and perhaps file an issue to do number 3. What do you think @alban and @jonboulle.
@philips philips added this to the Initial Release milestone Mar 30, 2016
@philips philips changed the title rkt pull support rkt pull credential support Mar 30, 2016
@krnowak
Copy link
krnowak commented Mar 30, 2016
  1. quayctl uses the github.com/coreos/rkt/rkt/config package

This might be easiest and fastest to do, but there are two problems:

  • the API of this package is not frozen, we can break it anytime (not that I plan to, but you never know)
  • the API of this package does not know where to search for the configuration, you have to tell it. Basically, quayctl would need to keep its default system, local and user configuration directories in sync with rkt. Probably not a big problem either, we don't change them all that often.
  1. quayctl shells out to rkt to get the credentials over stdout

I had an idea of writing the rkt config helper command that would print a big JSON with the effective configuration rkt would use, but currently there is nothing like that.

  1. quayctl talks to the rkt API to get the credentials

I'm uneasy about exposing whole configuration over API service, but I think that exposing some parts of it would be OK. Of course, the question then would be about the general safety of it (like "can anyone ask the API service about the credentials?").

@philips
Copy link
Author
philips commented Mar 30, 2016

It seems like the rkt config idea is probably the most expedient and doesn't get us into questions about the API service. rkt config is likely very helpful for debugging too.

@jonboulle
Copy link

@krnowak Mind filing a feature issue for rkt config?

@krnowak
Copy link
krnowak commented Apr 1, 2016

rkt/rkt#2368

@s-urbaniak
Copy link

PR xref rkt/rkt#2405

@josephschorr josephschorr mentioned this issue Apr 15, 2016
Merged
@philips
Copy link
Author
philips commented Apr 20, 2016

I everything done for this?

@josephschorr
Copy link
Contributor

Yep. All done.

@josephschorr
Copy link
Contributor
josephschorr commented Apr 20, 2016
edited
Loading

Actually, forgot I didn't merge it yet. Will do so tomorrow then re-close this.

@josephschorr josephschorr reopened this Apr 20, 2016
josephschorr added a commit that referenced this issue Apr 20, 2016
@josephschorr
Support rkt credentials when pulling
8ee3629 
Fixes #37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dependency/external kind/enhancement priority/P0
Milestone
Initial Release
Development

No branches or pull requests
5 participants
@philips @krnowak @s-urbaniak @jonboulle @josephschorr
0