quick-answer-45507
02/13/2023, 1:49 PMpullSecrets:
nexus:
registry: nexus-docker-out.build-tools.domain-production.com
serviceAccounts:
- default
bright-policeman-43626
02/13/2023, 2:52 PMimagePullSecrets:
- # The name of the Kubernetes secret.
name: the-secret-you-created-above
# The namespace where the secret is stored. If necessary, the secret may be copied to the appropriate
# namespace before use.
namespace: something
Please give that one a try and, feel free to come back if this doesn't work, and please attach any errors you encounter along the way!quick-answer-45507
02/13/2023, 2:56 PMcopyreg:
desc: Copy the local docker registry config to the minikube node
command:
- |
if [ ! -f ~/.docker/config.json ]; then
echo "No Docker config file found. Run \"captain login-local\"."
exit 0
else
# Take the user's Docker config as is...
dockerJSONB64=$(base64 -i ~/.docker/config.json | tr -d '[:space:]')
# But if keychain is used, it doesn't contain the auth we need, so rebuild the Docker config
if grep osxkeychain ~/.docker/config.json; then
servers=$(cat ~/.docker/config.json | jq -r '.auths | keys | join("\n")')
echo 'Captain needs to access the macOS keychain in order to copy Docker credentials into Kubernetes.'
echo 'Enter your system password if prompted, and select "Always Allow" to avoid further prompts.'
dockerJSON='{"auths":{'
firstAuth='indeed'
while read -r server
do
user=$(security find-internet-password -s "$server" | grep '"acct"' | gsed -n "s/^.*\"acct\".*=\"\(.*\)\".*$/\1/p")
pass=$(security find-internet-password -s "$server" -w)
authStr=$(echo "$user:$pass" | tr -d '[:space:]' | base64)
if [ -z "$firstAuth" ]; then
dockerJSON="${dockerJSON},"
fi
dockerJSON="${dockerJSON}\"${server}\":{\"auth\":\"$authStr\"}"
firstAuth=''
done <<< "$servers"
dockerJSON="$dockerJSON}}"
dockerJSONB64=$(echo "$dockerJSON" | base64 | tr -d '[:space:]')
fi
sed "s/DOCKER_CONFIG_JSON/$dockerJSONB64/g" {{.Dir}}/kube/registry-secret.yaml \
| kubectl apply -f -
kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "gitlab"}]}'
fi
bright-policeman-43626
02/13/2023, 3:02 PMkubectl --namespace default create secret docker-registry gitlab \
--docker-server=address-of-the-registry \
--docker-username=$REGISTRY_USERNAME \
--docker-password="$REGOSTRY_PASSWORD"
2. And then reference it in your https://docs.garden.io/reference/providers/local-kubernetes#providers-.imagepullsecrets object.quick-answer-45507
02/14/2023, 12:00 AMbright-policeman-43626
02/14/2023, 2:38 AMquick-answer-45507
02/14/2023, 6:58 PMbright-policeman-43626
02/14/2023, 7:43 PM