Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

:push does work, because it does not receive credentials from Credentials Store, when .docker/config.json doesn't store them. #174

Open
tobiashochguertel opened this issue Feb 3, 2020 · 1 comment
Open

:push does work, because it does not receive credentials from Credentials Store, when .docker/config.json doesn't store them. #174

tobiashochguertel opened this issue Feb 3, 2020 · 1 comment
Labels
help wanted kind/enhancement

Comments

@tobiashochguertel
Copy link

When I want to push my images to my private registry, I get an error, because there are no basic auth credentials provided.

with docker push ... from a terminal it works.

I also checked my .docker/config.json Configuration, an I was surprised that I can successfully push to my private registry without having the auth credential informations in the config.json file.

$ cat .docker/config.json
{
	"auths": {
		"dgroup.nexus3.h12.de.abc.com": {},
		"dprivate.nexus3.h12.de.abc.com": {}
	},
	"HttpHeaders": {
		"User-Agent": "Docker-Client/19.03.5 (darwin)"
	},
	"credsStore": "desktop",
	"experimental": "enabled",
	"stackOrchestrator": "swarm"

A research where my credentials for mu private registry are stored, took me to the docker login documentation page, where I was reading that they are stored in an Credential Store.

https://docs.docker.com/engine/reference/commandline/login/#credentials-store

...
Credentials store
The Docker Engine can keep user credentials in an external credentials store, such as the native keychain of the operating system. Using an external store is more secure than storing credentials in the Docker configuration file.

To use a credentials store, you need an external helper program to interact with a specific keychain or external store. Docker requires the helper program to be in the client’s host $PATH.

This is the list of currently available credentials helpers and where you can download them from:

D-Bus Secret Service: https://github.com/docker/docker-credential-helpers/releases
Apple macOS keychain: https://github.com/docker/docker-credential-helpers/releases
Microsoft Windows Credential Manager: https://github.com/docker/docker-credential-helpers/releases
pass: https://github.com/docker/docker-credential-helpers/releases

CONFIGURE THE CREDENTIALS STORE
You need to specify the credentials store in $HOME/.docker/config.json to tell the docker engine to use it. The value of the config property should be the suffix of the program to use (i.e. everything after docker-credential-). For example, to use docker-credential-osxkeychain:

{
"credsStore": "osxkeychain"
}

If you are currently logged in, run docker logout to remove the credentials from the file and run docker login again.
...

Docker Version Informations:

hochguertelto@de-dus-nb-toh:~
$ docker version
Client: Docker Engine - Community
 Version:           19.03.5
 API version:       1.40
 Go version:        go1.12.12
 Git commit:        633a0ea
 Built:             Wed Nov 13 07:22:34 2019
 OS/Arch:           darwin/amd64
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          19.03.5
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.12
  Git commit:       633a0ea
  Built:            Wed Nov 13 07:29:19 2019
  OS/Arch:          linux/amd64
  Experimental:     true
 containerd:
  Version:          v1.2.10
  GitCommit:        b34a5c8af56e510852c35414db4c1f4fa6172339
 runc:
  Version:          1.0.0-rc8+dev
  GitCommit:        3e425f80a8c931f88e6d94a8c831b9d5aa481657
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

Dobi Version Informations:

hochguertelto@de-dus-nb-toh:~
$ dobi --version
dobi version 0.13.0 (build: b3063d9, date: Thu Jan 30 03:04:26 UTC 2020)

Operation System Version Informations:

0 hochguertelto@de-dus-nb-toh:~
$ system_profiler SPSoftwareDataType
Software:

    System Software Overview:

      System Version: macOS 10.15.3 (19D76)
      Kernel Version: Darwin 19.3.0
      Boot Volume: Macintosh HD
      Boot Mode: Normal
      Computer Name: Tobiass MacBook Pro
      User Name: Tobias Hochgürtel (hochguertelto)
      Secure Virtual Memory: Enabled
      System Integrity Protection: Enabled
      Time since boot: 2 days 15:38

Can we get this supported with dobi?
@avicennax
Copy link

I'm running into the same issue as well. I did a little bit of digging and found that this function is delegated to the docker client lib here. Assuming that your .docker/config.json is in your HOME or DOCKER_CONFIG env var directories (the respective env var itself is set) it should in theory work (for reference). I'll dig little further tomorrow when I get the chance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted kind/enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dnephin @tobiashochguertel @avicennax