https://garden.io logo
Join Discord
Powered by
what should I put as imagepullsecrets and deployme...
# 🤖|ask-kapa
f
@microscopic-river-74022 what should I put as imagepullsecrets and deploymentregistry when using ghcr.io with kubernetes provider?
m
Please stand by @fresh-angle-76971 as I search the knowledge base. I normally take about 15 seconds or so. :wave:
---------------------- To use GitHub Container Registry (ghcr.io) with the Garden Kubernetes provider, you need to: 1. Create a Kubernetes imagePullSecret with credentials that have access to your 
ghcr.io
registry. 2. Configure the 
deploymentRegistry
 in your Garden project to point to 
ghcr.io
and the appropriate namespace (your GitHub username or organization). 3. Reference the imagePullSecret in your Garden provider configuration. Here’s how you can set it up: ### 1. Create the imagePullSecret First, create a [Personal Access Token (PAT)]() on GitHub with the appropriate 
read:packages
and 
write:packages
scopes. Then, create the Kubernetes secret (replace 
<your-username>
, 
<your-token>
, and 
<namespace>
as needed):
Copy code
sh
kubectl create secret docker-registry ghcr-secret \
  --docker-server=ghcr.io \
  --docker-username=<your-username> \
  --docker-password=<your-token> \
  --docker-email=<your-email> \
  --namespace=<namespace>
### 2. Configure 
deploymentRegistry
and 
imagePullSecrets
in Garden In your 
garden.yml
or project config, add:
Copy code
yaml
kind: Project
name: my-project
...
providers:
  - name: kubernetes
    ...
    deploymentRegistry:
      hostname: ghcr.io
      namespace: <your-username-or-org>
    imagePullSecrets:
      - name: ghcr-secret
        namespace: <namespace>
- 
deploymentRegistry.hostname
should be 
ghcr.io
. - 
deploymentRegistry.namespace
should be your GitHub username or organization. - 
imagePullSecrets
should reference the secret you created above.
This setup ensures that Garden can push built images to 
ghcr.io
and your Kubernetes cluster can pull them when deploying services. Make sure the secret has write privileges for pushing and read privileges for pulling images from the registry, as required by Garden's in-cluster building and deployment process [Configuring a deployment registry](). If you need more details on creating the secret, see the [Kubernetes documentation]() as referenced in the Garden docs. > Note: The knowledge sources do not provide a specific example for 
ghcr.io
, but the process is the same as for any external/private registry as described above. ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ----------------------
message has been deleted
Previous
Powered by