Open naveensrinivasan opened 3 years ago
Here is a PR for this #5818
This came up recently when moved to start building our own containers for the bitcoind
repo, Docker Hub has some weird limits now as they want to force ppl towards a paid plan
This came up recently when moved to start building our own containers for the
bitcoind
repo, Docker Hub has some weird limits now as they want to force ppl towards a paid plan
Nice!! With keyless singing and the new OIDC feature even better https://chainguard.dev/posts/2021-11-03-zero-friction-keyless-signing
~I haven't been able to pull from GHCR without logging in, so I don't think it's a full replacement for dockerhub at this time, but~ #5818 seems like a great addition.
Edit: it was a problem with the repo I was trying to pull, looks like ghcr.io does in fact allow anonymous pulls
I agree ghcr doesn't allow anonymous pulls.
Compared to Docker hub ghcr has option sign containers with sigstore.dev , no keys for pushing changes lots of advantages.
Ok interesting, I thought I had an anonymous pull work. Regardless, it seems like the only cost of pushing to both registries is the effort to maintain both build scripts. Since we can include signatures in ghcr it seems worth it.
Background
lnd
docker container is hosted at dockerhub https://hub.docker.com/r/lightninglabs/lndhttps://dlorenc.medium.com/a-bit-of-ambiance-comes-to-sigstore-f80d1d6b1c30
Potential solution