To support pulling private images. I want to mount a .dockercfg file containing the authconfig or give an env with the (base64 encoded) version of .dockercfg to the watchtower container.
from: https://docs.docker.com/reference/api/docker_remote_api/
Something like this: https://github.com/fsouza/go-dockerclient/blob/master/auth.go#L50
@pnicolai I was just talking about this yesterday with someone else in this PR https://github.com/CenturyLinkLabs/watchtower/pull/2.
This is most definitely a gap in the current implementation, and I think that leveraging the existing .dockercfg probably makes the most sense. I like the idea of supporting either a mounted file or an env var -- I did something similar with the TLS config options.
This will most likely be the next thing that I work on, but would welcome PRs if anyone else wants to take a crack at it.
@wilstrup this is relevant to our discussion in #2
Has any progress been made on this, @bdehamer?
Hi @atomaka, @bdehamer is no longer at CenturyLink, and no progress has been made on this request.
CenturyLink is the maintainer for these open source projects, but we welcome and encourage community contributions. I recommend that you, @wilstrup or @pnicolai implement and test support for private registries, and then submit a PR with your enhancement.
https://github.com/CenturyLinkLabs/watchtower/pull/13
allows
docker run -d --name watchtower \
-e REPO_USER="" \
-e REPO_PASS="" \
-e REPO_EMAIL="" \
-v /var/run/docker.sock:/var/run/docker.sock \
drud/watchtower container_name --debug
What's the status on this? It would definitely come in handy for me right now.
Would be very useful for me, too.
@frodopwns, does #13 this allow specifying a private registry URL for the auth credentials to apply to?
@tomjrob I don't actually use any registries other than Docker Hub but I'm happy to look into it further. I will post back here.
@tomjrob It seems to work. I tested with a private quay.io repo and my fork of watchtower picked up on changes to it just fine. I'd imagine this will work with any of the other registries.
Is there any progress on that issue? Any option or something to pass a private registry other than docker-hub, ie gitlab?
I just ran across this issue as well, being able to vol mount an existing .docker/config.json file would be extremely useful, especially when talking about multiple auths to multiple different registries. In my case I have some images on Gitlab and other legacy items on Docker Hub.
After spending some time lurking in the code of watchtower and trying to make it work with Amaon ECR (private registry) I guess the right approach is to replace the docker-client library (or update the existing one), by one that will honour docker-credentials-helper.
Looks like docker-credentials-helper is the official way to transparently authenticate to private registries.
Should be fixed with #26 and next upcoming v0.1.0
New official builds are now available on docker hub. Issue should be fixed with v0.1.0
This still does not work for me at all.
Any awareness of further issues with private repo authentication via docker config.json file?
Most helpful comment
https://github.com/CenturyLinkLabs/watchtower/pull/13
allows