mirrors/diun
1
0
Fork 0
mirror of https://github.com/crazy-max/diun.git synced 2025-12-24 14:31:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
11f5b3847c604e81db2d2373b64e3d5bf744eb6d
diun/docs/config/regopts.md
CrazyMax 1115234010 Add CLI to interact with Diun through gRPC (#382) 
Add simple CLI to interact with Diun through gRPC
Create image and notif proto services
Compile and validate protos through a dedicated Dockerfile and bake target
Implement proto definitions
Move server as `serve` command
New commands `image` and `notif`
Refactor command line usage doc
Better CLI error handling
Tools build constraint to manage tools deps through go modules
Add upgrade notes

Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-05-26 18:18:10 +02:00

3.7 KiB
Raw Blame History

Registry options configuration

Overview

Registry options is used to authenticate against a registry during the analysis of an image:

regopts:
  - name: "myregistry"
    username: fii
    password: bor
    timeout: 30s
  - name: "docker.io"
    selector: image
    username: foo
    password: bar
  - name: "docker.io/crazymax"
    selector: image
    usernameFile: /run/secrets/username
    passwordFile: /run/secrets/password
  • myregistry will be used as a name selector (default) if referenced by its name.
  • docker.io will be used as an image selector. If an image is on DockerHub (docker.io domain), this registry options will be selected if not referenced as a regopt name.
  • docker.io/crazymax will be used as an image selector. If an image is on DockerHub and in crazymax namespace, this registry options will be selected if not referenced as a regopt name.

Configuration

name

Unique name for registry options. This name can be used through diun.regopt Docker / Swarm label or Kubernetes annotation and also as regopt for the Dockerfile and File providers.

!!! warning * Required * Must be unique

!!! example "Config file" yaml regopts: - name: "myregistry"

!!! abstract "Environment variables" * DIUN_REGOPTS_<KEY>_NAME

selector

What kind of selector to use to retrieve registry options. (default name)

!!! warning * Accepted values are name or image

  • name selector is the default value and will retrieve this registry options only if it's referenced by its name.
  • image selector will retrieve this registry options if the given image matches the registry domain or repository path.

!!! example "Config file" yaml regopts: - name: "myregistry" selector: name

!!! abstract "Environment variables" * DIUN_REGOPTS_<KEY>_SELECTOR

username

Registry username.

!!! example "Config file" yaml regopts: - name: "myregistry" username: foo

!!! abstract "Environment variables" * DIUN_REGOPTS_<KEY>_USERNAME

usernameFile

Use content of secret file as registry username if username not defined.

!!! example "Config file" yaml regopts: - name: "myregistry" usernameFile: /run/secrets/username

!!! abstract "Environment variables" * DIUN_REGOPTS_<KEY>_USERNAMEFILE

password

Registry password.

!!! example "Config file" yaml regopts: - name: "myregistry" username: foo password: bar

!!! abstract "Environment variables" * DIUN_REGOPTS_<KEY>_PASSWORD

passwordFile

Use content of secret file as registry password if password not defined.

!!! example "Config file" yaml regopts: - name: "myregistry" passwordFile: /run/secrets/password

!!! abstract "Environment variables" * DIUN_REGOPTS_<KEY>_PASSWORDFILE

timeout

Timeout is the maximum amount of time for the TCP connection to establish. (default 0 ; no timeout)

!!! example "Config file" yaml regopts: - name: "myregistry" timeout: 30s

!!! abstract "Environment variables" * DIUN_REGOPTS_<KEY>_TIMEOUT

insecureTLS

Allow contacting docker registry over HTTP, or HTTPS with failed TLS verification. (default false)

!!! example "Config file" yaml regopts: - name: "myregistry" insecureTLS: false

!!! abstract "Environment variables" * DIUN_REGOPTS_<KEY>_INSECURETLS