Docker login auth token
Auth is simply a base64 encoded 'username:password' string. You can get it with the following command:
echo -n 'username:password' | base64
If you are using Kubernetes, and you need it for creating the registry password just run:
kubectl create secret docker-registry --dry-run=true docker-regcred \--docker-server=https://index.docker.io/v1/ \--docker-username=xxx \--docker-password=xxx \--docker-email=yourmail@yourdomain.com \--namespace=xxx \-o yaml > docker-secret.yamlThis will create docker-secret.yaml with your JSON there.if you dont include --dry-run=client and -o yaml > docker-secret.yaml It will create the k8s secret.
Using credential store is more secure than storing base64 encoded credentials in config.json file. In your case docker is using the native keychain of the Mac OS (i.e. osxkeychain) as the credential store.
Now for the problem of getting credentials from the osxkeychain you can use docker-credential-helpers.
Steps to get the credential (in terminal):
- Download the latest release.
- Extract and move it to
/usr/local/binor add it's path to the$PATHvariable. So that you are able to access it globally. - Execute this command in terminal
echo "<server-url>" | docker-credential-osxkeychain get. In case you want to find out theserver-urluse this commanddocker-credential-osxkeychain list.
Get credential in go code:
package mainimport ( "fmt" osx "github.com/docker/docker-credential-helpers/client")func main() { p := osx.NewShellProgramFunc("docker-credential-osxkeychain") creds, err := osx.Get(p, "server-url") if err != nil { fmt.Println(err) } fmt.Printf("Got credentials for user `%s` in `%s` with secret `%s` \n", creds.Username, creds.ServerURL, creds.Secret)}