When using docker-credential-gcr with regular docker, setting the GCE_METADATA_HOST environment variable tells it to use the given endpoint instead of the default one to fetch tokens via ADC.
This does not work with rules_oci since the environment variable is not passed on to the credential helper process.
Is that correct? Would it be acceptable to add it there? If yes, I'm happy to create a PR for it.
If that use-case is too specific and you'd rather not add the env to the list, is there any other way to expose the correct settings, i.e. make the list of pass-thru-envs dynamic?
When using
docker-credential-gcrwith regular docker, setting theGCE_METADATA_HOSTenvironment variable tells it to use the given endpoint instead of the default one to fetch tokens via ADC.This does not work with
rules_ocisince the environment variable is not passed on to the credential helper process.I believe the trivial fix would be to just add it to this list: https://github.com/bazel-contrib/rules_oci/blob/a195e365/oci/private/authn.bzl#L369
Is that correct? Would it be acceptable to add it there? If yes, I'm happy to create a PR for it. If that use-case is too specific and you'd rather not add the env to the list, is there any other way to expose the correct settings, i.e. make the list of pass-thru-envs dynamic?