How can I use Github packages Docker registry in Kubernetes dockerconfigjson? How can I use Github packages Docker registry in Kubernetes dockerconfigjson? kubernetes kubernetes

How can I use Github packages Docker registry in Kubernetes dockerconfigjson?


github kubernetes docker-registry

  1. Create new Github Personal Access Token with read:packages scope at https://github.com/settings/tokens/new.

  2. Base-64 encode <your-github-username>:<TOKEN>, ie.:

    $ echo -n VojtechVitek:4eee0faaab222ab333aa444aeee0eee7ccc555b7 | base64<AUTH>

    Note: Make sure not to encode a newline character at the end of the string.

  3. Create kubernetes.io/dockerconfigjson secret

    A) Create secret manually:

    $ echo '{"auths":{"docker.pkg.github.com":{"auth":"<AUTH>"}}}' | kubectl create secret generic dockerconfigjson-github-com --type=kubernetes.io/dockerconfigjson --from-file=.dockerconfigjson=/dev/stdin

    B) Or, create .yml file that can be used in kubectl apply -f:

    kind: Secrettype: kubernetes.io/dockerconfigjsonapiVersion: v1metadata:  name: dockerconfigjson-github-comstringData:  .dockerconfigjson: {"auths":{"docker.pkg.github.com":{"auth":"<AUTH>"}}}

    Note for GitOps: I strongly recommend not to store the above file in plain-text in your git repository. Hydrate the value in your CD pipeline or encrypt/seal the file with tools like https://github.com/mozilla/sops or https://github.com/bitnami-labs/sealed-secrets.

  4. Now, you can reference the above secret from your pod's spec definition via imagePullSecrets field:

    spec:  containers:  - name: your-container-name    image: docker.pkg.github.com/<ORG>/<REPO>/<PKG>:<TAG>  imagePullSecrets:  - name: dockerconfigjson-github-com

github kubernetes docker-registry

I had to migrate from docker.pkg.github.com to ghcr.io to get this to work with containerd: https://docs.github.com/en/packages/working-with-a-github-packages-registry/migrating-to-the-container-registry-from-the-docker-registry

Don't forget to create the token with read:packages:

kubectl create secret docker-registry dockerconfigjson-github-com \ --dry-run=true \ --docker-server=https://docker.pkg.github.com \ --docker-username=<username> \ --docker-password=<https://github.com/settings/tokens/new> \ --namespace=default -o yaml

Add the pull secret:

spec:  containers:  - name: your-container-name    image: docker.pkg.github.com/<ORG>/<REPO>/<PKG>:<TAG>  imagePullSecrets:  - name: dockerconfigjson-github-com

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last