Re: [DISCUSS] Fetching Docker Images Requiring User Credentials.

Tue, 15 Mar 2016 13:26:38 -0700 

Can we be a bit more concrete here and try to build up a schema for this.
Maybe something like:

{
  [
    {
      "service" : "docker",
      "registries" :
      [
        "uri" : "<uri>",
        "default_credentials" :
        {
          "type" : "<type>",
          "credential" :
          {
              // Custom based on type...
          }
        },
        "image_credentials" :
        [
          {
            "image_name" : "<image_name>",
            "type" : "<type>",
            "credential" :
            {
              // Custom based on type...
            },
          },
          ...
        ],
        ...
      ]
      ...
    },
    ...
  ]
}


On Tue, Mar 15, 2016 at 12:57 PM, Jie Yu <[email protected]> wrote:
>>
>> Yeah I was thinking having the JSON as a dictionary with keys being the
>> registry URI (appc/docker) and the values being credentials (which will
be
>> a dictionary as well I guess).
>
>
> Using registry URI as the key is problematic. Think about the public
docker
> hub. Different frameworks might want to use different credentials to
access
> their docker images.
>
> - Jie
>
> On Tue, Mar 15, 2016 at 11:52 AM, Avinash Sridharan <[email protected]
>
> wrote:
>
>> On Tue, Mar 15, 2016 at 11:43 AM, Vinod Kone <[email protected]>
wrote:
>>
>> > moved core@ to *bcc*
>> >
>> > On Tue, Mar 15, 2016 at 11:18 AM, Avinash Sridharan <
>> [email protected]
>> > > wrote:
>> >
>> >> Why not follow option 2, but instead of passing the agent credentials,
>> >> pass a location to the flag where credentials for the registry can be
>> found
>> >> (in JSON)? The frameworks can set credentials (maybe registry name or
>> URL
>> >> to the registry), and the credentials can be learnt from the JSON
>> config.
>> >>
>> >
>> > What if we need credentials for multiple-registries? Have a JSON with
one
>> > credential per registry I guess? But if possible, I would love to solve
>> > this more generally as possible; as Gilbert mentioned, this is not a
>> > problem just for Docker images but any URIs that need AuthN.
>> >
>> Yeah I was thinking having the JSON as a dictionary with keys being the
>> registry URI (appc/docker) and the values being credentials (which will
be
>> a dictionary as well I guess).
>>
>>
>> --
>> Avinash Sridharan, Mesosphere
>> +1 (323) 702 5245
>>



-- 
~Kevin

Reply via email to