Open qu1queee opened 1 month ago
qu1queee
commented
1 month ago 
apoorvajagtap
commented
1 week ago How does buildah buildStrategy ensure that the buildah bud command has required creds to pull an image from a private registry?
My build using buildah strategy fails when the Dockerfile references the base image from a private registry.
SaschaSchwarze0
commented
1 week ago How does
buildah buildStrategyensure that thebuildah budcommand has required creds to pull an image from a private registry? My build using buildah strategy fails when the Dockerfile references the base image from a private registry.
+1 also wanted to bring up this topic, mainly in the context of DockerHub reducing rate limits for anonymous pulls again from 100 pulls per six hours per IP to 10 pulls per one hour per IP.
Today's Shipwright answer is that your image push secret must contain all secrets. Tools like https://github.com/src2img/k8s-dockerconfig-secrets-merge can help you to build such a secret.
Question is: do we want to add some capability in the first place or - given it mainly affects Dockerfile strategies (maybe also ko if you use a base image that is private and not in the same registry as the output image) - improve the build strategies with an optional additional volume for an additional secret?
qu1queee
commented
1 week ago Meeting minutes:
Andrea Frittoli provided us a session about CD Events. From an overall perspective, to their latest features in the release 0.4 . You can find the slides in here. Per the Q&A:
From @apoorvajagtap and @SaschaSchwarze0 . Authentication for the FROM images of a Dockerfile is currently not natively supported (although workarounds exist). We need to reconsider where we are here and come with a proposal if we want to support this. An issue exists https://github.com/shipwright-io/build/issues/838 .