search

elotl / kip

Virtual-kubelet provider running pods in cloud instances
Apache License 2.0
223 stars 14 forks source link

Support dockerconfigjson registry secrets #96

Closed justnoise closed 4 years ago

justnoise commented 4 years ago

In k8s, the standard way to encode registry secrets is:

kubectl create secret docker-registry regcred --docker-server=<server> --docker-username=<username> --docker-password=<password> --docker-email=<docker-email>

This produces a secret that looks like:

apiVersion: v1
kind: Secret
data:
  .dockerconfigjson: <base64 encoded json>

The decoded json looks like:

{
    "auths": {
        "docker.io": {
            "username": "<username>",
            "password": "<password>",
            "email": "<docker-email>",
            "auth": "<base64 encoded username:password>"
        }
    }
}

Kip pulls out image secrets and sends them to cells in a structure containing {server, username, password}. We should try to pull that data out of a docker formatted secret.

Lets update kip to correctly pull out the necessary data from a docerconfigjson secret.