Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support docker credentials from servers section in settings.xml #27629

Closed
markusschaefer opened this issue Aug 11, 2021 · 4 comments
Closed

Support docker credentials from servers section in settings.xml #27629

markusschaefer opened this issue Aug 11, 2021 · 4 comments
Labels
status: declined A suggestion or change that we don't feel we should currently apply

Comments

@markusschaefer
Copy link

Support credentials from maven settings.xml for DockerRegistry

it would be helpful if secrets like credentials for docker registries could be hidden from the plugin configuration in the pom.xml.
Username and password can be loaded from the server section in the maven settings.xml when the server id matches the hostname of the docker registry.
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Aug 11, 2021
@snicoll snicoll changed the title spring-boot-maven-plugin: support credentials from servers section in settings.xml Support docker credentials from servers section in settings.xml Aug 11, 2021
@scottfrederick
Copy link
Contributor

There is an existing issue to support Docker credentials read from the standard Docker settings location (e.g. ~/.docker/config.json). The config.json approach has several advantages over a Maven settings.xml approach, including consistency between the Maven and Gradle plugins, consistency with other Docker tooling, and better support for credential fields beyond username and password (as is typically required by registries such as Amazon Elastic Container Registry and Google Cloud Container Registry).

I would not be in favor of supporting three sources of credentials (pom.xml, config.json, and settings.xml) since this would require more documentation to clarify the order of precedence of the sources and generally seems like overkill.

@markusschaefer Would the config.json approach meet your needs?

@scottfrederick scottfrederick added the status: waiting-for-feedback We need additional information before we can continue label Aug 11, 2021
@markusschaefer
Copy link
Author

@scottfrederick I don't need the support of the maven settings for my local machine. I need this for our jenkins build server. The maven settings are saved as managed file in jenkins and the credentials are saved in jenkins too. the builds are scheduled on different nodes. With your suggestion I would have to save the secrets in different docker eingines on different nodes.

@spring-projects-issues spring-projects-issues added status: feedback-provided Feedback has been provided and removed status: waiting-for-feedback We need additional information before we can continue labels Aug 13, 2021
@scottfrederick
Copy link
Contributor

In #25898 we're proposing that the Spring Boot plugins read a config.json file to get Docker credentials. The Docker daemon wouldn't be involved in reading the file. The plugins can look for a config.json file in default locations like ~/.docker but also make the location configurable. So you could store the file as a managed file in Jenkins just like you would a settings.xml file and tell the plugins where to look for it.

@scottfrederick scottfrederick added status: waiting-for-feedback We need additional information before we can continue and removed status: feedback-provided Feedback has been provided labels Aug 19, 2021
@markusschaefer
Copy link
Author

Ok, I'll give it a try when #25898 is available. Thanks for the support

@snicoll snicoll added status: declined A suggestion or change that we don't feel we should currently apply and removed status: waiting-for-feedback We need additional information before we can continue status: waiting-for-triage An issue we've not yet triaged labels Aug 23, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: declined A suggestion or change that we don't feel we should currently apply
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@scottfrederick @snicoll @spring-projects-issues @markusschaefer