search

UffizziCloud / uffizzi

Build self-serve developer platforms in minutes, not months with out-of-the-box Kubernetes multi-tenancy, virtual clusters, cloud-based dev environments, customizable templating, and more.
https://uffizzi.com
Apache License 2.0
322 stars 25 forks source link

Support for Generic / Private Docker Registries #34

Open jpthurman opened 2 years ago

jpthurman commented 2 years ago

Current support is for proprietary registries ACR, GCR, ECR, Docker Hub, GHCR. . .

We need to make it easy to connect any container registry

gadkins commented 2 years ago

To support generic docker registries, we should add docker-registry subcommand to uffizzi connect.

Example use

$ uffizzi connect docker-registry

We should support:

We also update the uffizzi connect help command to include this option. For example:

# uffizzi connect
Commands:
  uffizzi connect acr               # Connect to Azure Container Registry (azurecr.io)
  uffizzi connect docker-hub        # Connect to Docker Hub (hub.docker.com)
  uffizzi connect docker-registry        # Connect to any registry implementing the Docker Registry HTTP API protocol
  uffizzi connect ecr               # Connect to Amazon Elastic Container Registry
  uffizzi connect gcr               # Connect to Google Container Registry (gcr.io)
  uffizzi connect ghcr              # Connect to GitHub Container Registry (ghcr.io)
  uffizzi connect help [COMMAND]    # Describe subcommands or one specific subcommand
  uffizzi connect list-credentials  # List existing credentials for an account

And also:

# uffizzi connect help
UFFIZZI-CONNECT()                                                                             UFFIZZI-CONNECT()

NAME
       uffizzi-connect - grant a Uffizzi user account access to external services

SYNOPSIS
       uffizzi connect COMMAND

DESCRIPTION
       Grants a Uffizzi user account access to external services

       For more information on connecting to external services, see:
       https://docs.uffizzi.com/cli

COMMANDS
       COMMAND is one of the following:

       acr
           Connect to Azure Container Registry (azurecr.io).

       docker-hub
           Connect to Docker Hub (hub.docker.com).

       docker-registry
           Connect to any registry implementing the Docker Registry HTTP API protocol

       ecr
           Connect to Amazon Elastic Container Registry (amazonaws.com).

       gcr
           Connect to Google Container Registry (gcr.io).

       gchr
           Connect to GitHub Container Registry (ghcr.io).

       Run ´uffizzi connect COMMAND --help´ for more information on a command.
axisofentropy commented 2 years ago

This docker-registry connection should just pipe the credentials (username and password) directly to the uffizzi_controller.

If you want to run your own registry to test this, https://docs.docker.com/registry/deploying/

Add htpasswd authentication as shown in this guide https://docs.docker.com/registry/configuration/#htpasswd

moklidia commented 2 years ago

Potential registries: JFrog's Artifactory, Cloudsmith

moklidia commented 2 years ago

@Adam Vollrath I didn't understand this: This docker-registry connection should just pipe the credentials (username and password) directly to the uffizzi_controller Does it mean we shouldn't save those credentials in the database?

Adam Vollrath 10 hours ago yeah we should save them to the database.

Adam Vollrath 10 hours ago What I meant by that is that we don't need to use other credentials to get docker registry credentials, as we do for some other services

antlu commented 2 years ago

QA: Refer to https://github.com/UffizziCloud/uffizzi_cli/issues/124#issuecomment-1206292324 The preview link is there.

NealArw commented 2 years ago

TESTED in https://github.com/UffizziCloud/uffizzi_cli/issues/124

NealArw commented 2 years ago

TESTED on prod in https://github.com/UffizziCloud/uffizzi_cli/issues/124