Closed philips closed 8 years ago
1) quayctl uses the github.com/coreos/rkt/rkt/config package
This might be easiest and fastest to do, but there are two problems:
2) quayctl shells out to rkt to get the credentials over stdout
I had an idea of writing the rkt config
helper command that would print a big JSON with the effective configuration rkt would use, but currently there is nothing like that.
3) quayctl talks to the rkt API to get the credentials
I'm uneasy about exposing whole configuration over API service, but I think that exposing some parts of it would be OK. Of course, the question then would be about the general safety of it (like "can anyone ask the API service about the credentials?").
It seems like the rkt config
idea is probably the most expedient and doesn't get us into questions about the API service. rkt config
is likely very helpful for debugging too.
@krnowak Mind filing a feature issue for rkt config
?
I everything done for this?
Yep. All done.
Actually, forgot I didn't merge it yet. Will do so tomorrow then re-close this.
quayctl should be able to pull from private registries configured for rkt. It already knows how to find and read .dockercfg files. The configuration for rkt also comes from files on disk. And there is a Go library that does this: https://godoc.org/github.com/coreos/rkt/rkt/config#GetConfig
There are two paths:
1) quayctl uses the github.com/coreos/rkt/rkt/config package 2) quayctl shells out to rkt to get the credentials over stdout 3) quayctl talks to the rkt API to get the credentials
For expediency I feel like quayctl should do number 1 and perhaps file an issue to do number 3. What do you think @alban and @jonboulle.