Skip to content

Registry options configuration

Overview

Registry options are used to authenticate against a registry during the analysis of an image:

regopts:
  - name: "myregistry"
    username: fii
    password: bor
    timeout: 30s
  - name: "docker.io"
    selector: image
    username: foo
    password: bar
  - name: "docker.io/crazymax"
    selector: image
    usernameFile: /run/secrets/username
    passwordFile: /run/secrets/password
  • myregistry will be used as a name selector (default) if referenced by its name.
  • docker.io will be used as an image selector. If an image is on DockerHub (docker.io domain), this registry options will be selected if not referenced as a regopt name.
  • docker.io/crazymax will be used as an image selector. If an image is on DockerHub and in crazymax namespace, this registry options will be selected if not referenced as a regopt name.

Configuration

name

Unique name for registry options. This name can be used through diun.regopt Docker / Swarm label or Kubernetes / Nomad annotation and also as regopt for the Dockerfile and File providers.

Warning

  • Required
  • Must be unique

Config file

regopts:
  - name: "myregistry"

Environment variables

  • DIUN_REGOPTS_<KEY>_NAME

selector

What kind of selector to use to retrieve registry options. (default name)

Warning

  • Accepted values are name or image
  • name selector is the default value and will retrieve this registry options only if it's referenced by its name.
  • image selector will retrieve this registry options if the given image matches the registry domain or repository path.

Config file

regopts:
  - name: "myregistry"
    selector: name

Environment variables

  • DIUN_REGOPTS_<KEY>_SELECTOR

username

Registry username.

Config file

regopts:
  - name: "myregistry"
    username: foo

Environment variables

  • DIUN_REGOPTS_<KEY>_USERNAME

usernameFile

Use content of secret file as registry username if username not defined.

Config file

regopts:
  - name: "myregistry"
    usernameFile: /run/secrets/username

Environment variables

  • DIUN_REGOPTS_<KEY>_USERNAMEFILE

password

Registry password.

Config file

regopts:
  - name: "myregistry"
    username: foo
    password: bar

Environment variables

  • DIUN_REGOPTS_<KEY>_PASSWORD

passwordFile

Use content of secret file as registry password if password not defined.

Config file

regopts:
  - name: "myregistry"
    passwordFile: /run/secrets/password

Environment variables

  • DIUN_REGOPTS_<KEY>_PASSWORDFILE

timeout

Timeout is the maximum amount of time for the TCP connection to establish. (default 0 ; no timeout)

Config file

regopts:
  - name: "myregistry"
    timeout: 30s

Environment variables

  • DIUN_REGOPTS_<KEY>_TIMEOUT

insecureTLS

Allow contacting docker registry over HTTP, or HTTPS with failed TLS verification. (default false)

Config file

regopts:
  - name: "myregistry"
    insecureTLS: false

Environment variables

  • DIUN_REGOPTS_<KEY>_INSECURETLS
Last update: 2023-09-23 16:00:08
Created: 2020-06-19 22:47:17