Docker login auth token
Auth is simply a base64 encoded 'username:password' string. You can get it with the following command:
echo -n 'username:password' | base64
If you are using Kubernetes, and you need it for creating the registry password just run:
kubectl create secret docker-registry --dry-run=true docker-regcred \--docker-server=https://index.docker.io/v1/ \--docker-username=xxx \--docker-password=xxx \--docker-email=yourmail@yourdomain.com \--namespace=xxx \-o yaml > docker-secret.yaml
This will create docker-secret.yaml
with your JSON there.if you dont include --dry-run=client
and -o yaml > docker-secret.yaml
It will create the k8s secret.
Using credential store is more secure than storing base64 encoded credentials in config.json
file. In your case docker is using the native keychain of the Mac OS (i.e. osxkeychain) as the credential store.
Now for the problem of getting credentials from the osxkeychain
you can use docker-credential-helpers.
Steps to get the credential (in terminal):
- Download the latest release.
- Extract and move it to
/usr/local/bin
or add it's path to the$PATH
variable. So that you are able to access it globally. - Execute this command in terminal
echo "<server-url>" | docker-credential-osxkeychain get
. In case you want to find out theserver-url
use this commanddocker-credential-osxkeychain list
.
Get credential in go code:
package mainimport ( "fmt" osx "github.com/docker/docker-credential-helpers/client")func main() { p := osx.NewShellProgramFunc("docker-credential-osxkeychain") creds, err := osx.Get(p, "server-url") if err != nil { fmt.Println(err) } fmt.Printf("Got credentials for user `%s` in `%s` with secret `%s` \n", creds.Username, creds.ServerURL, creds.Secret)}