What docker credentials to use for release time builds

filesender / governance

Governance and policies for the FileSender software development

0 stars 0 forks source link

What docker credentials to use for release time builds #25

Open monkeyiq opened 2 years ago

monkeyiq commented 2 years ago

What sort of account should the project use on dockerhub for image uploads?

It seems that Docker Personal works for FileSender's needs.

In particular this PR add support for building docker images and uploading them but that does need credentials during upload https://github.com/filesender/filesender/pull/956

WebSpider commented 2 years ago

I would recommend to use quay instead of docker. Docker requires registration for automated usage of the image, or they will ratelimit the pulls.

Quay doesn't do this thing, is owned by company that has a known affection for open-source (RedHat) and maybe they can provide extra features for image security to open source projects (I'd have to check)

The use of credentials during upload can be handled by storing the secrets / API keys in github, so the github action can reference it.

monkeyiq commented 2 years ago

Excellent, thanks for the info and recommendation! IIRC there was also some changes to the docker user levels when I was looking which made it hard to try to choose what would work for FileSender.

WebSpider commented 1 year ago

@meijer @guidoaben @efef given the interest for dockerized builds expressed at the meeting at TNC23, could you put this on your agenda please?