Uploaded image for project: 'OpenShift Windows Containers'
  1. OpenShift Windows Containers
  2. WINC-1294

Support token-based auth for mirror registries

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Normal Normal
    • WMCO 10.16.0
    • None
    • None
    • Strategic Product Work
    • 5
    • False
    • None
    • False
    • OCPSTRAT-619 - Support Windows Containers in disconnected environments
    • WINC - Sprint 255

      Description

      Some registries require authorization tokens to access images. Containerd needs to become auth-aware in order to support pulling images from these registries.

      Engineering Details

      We will need to add a header field to each host listed in hosts.tomls with the auth token. E.g.

      [host."https://<mirror.registry.com>"]
   capabilities = ["pull"]
   [host."https://<mirror.registry.com>".header]
      authorization = "Basic <token>"

      The token for each registry can be taken from pull-secret Secret in openshift-config -- our docs should call put that users will need to place their token in the global pull secret

      Acceptance Criteria

      Auth token added to generated containerd registry config files

      Containerd can pull Windows images from secure registries without any manual intervention.

              mohashai Mohammad Shaikh
              mohashai Mohammad Shaikh
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: