Skip to content

Registry options configuration

Overview

Registry options is used to authenticate against a registry during the analysis of an image:

regopts:
  - name: "myregistry"
    username: fii
    password: bor
    timeout: 5s
  - name: "docker.io"
    selector: image
    username: foo
    password: bar
  - name: "docker.io/crazymax"
    selector: image
    usernameFile: /run/secrets/username
    passwordFile: /run/secrets/password

myregistry will be used as a name selector (default) if referenced by its name.

docker.io will be used as an image selector. If an image is on DockerHub (docker.io domain), this registry options will be selected if not referenced as a regopt name.

docker.io/crazymax will be used as an image selector. If an image is on DockerHub and in crazymax namespace, this registry options will be selected if not referenced as a regopt name.

Configuration

name

Unique name for registry options. This name can be used through diun.regopt Docker / Swarm label or Kubernetes annotation and also as regopt for the file provider.

Warning

  • Required
  • Must be unique

Config file

regopts:
  - name: "myregistry"

Environment variables

  • DIUN_REGOPTS_<KEY>_NAME

selector

What kind of selector to use to retrieve registry options. (default name)

Warning

  • Accepted values are name or image
  • name selector is the default value and will retrieve this registry options only if it's referenced by its name.
  • image selector will retrieve this registry options if the given image matches the registry domain or repository path.

Config file

regopts:
  - name: "myregistry"
    selector: name

Environment variables

  • DIUN_REGOPTS_<KEY>_SELECTOR

username

Registry username.

Config file

regopts:
  - name: "myregistry"
    username: foo

Environment variables

  • DIUN_REGOPTS_<KEY>_USERNAME

usernameFile

Use content of secret file as registry username if username not defined.

Config file

regopts:
  - name: "myregistry"
    usernameFile: /run/secrets/username

Environment variables

  • DIUN_REGOPTS_<KEY>_USERNAMEFILE

password

Registry password.

Config file

regopts:
  - name: "myregistry"
    username: foo
    password: bar

Environment variables

  • DIUN_REGOPTS_<KEY>_PASSWORD

passwordFile

Use content of secret file as registry password if password not defined.

Config file

regopts:
  - name: "myregistry"
    passwordFile: /run/secrets/password

Environment variables

  • DIUN_REGOPTS_<KEY>_PASSWORDFILE

timeout

Timeout is the maximum amount of time for the TCP connection to establish. (default 10s)

Config file

regopts:
  - name: "myregistry"
    timeout: 10s

Environment variables

  • DIUN_REGOPTS_<KEY>_TIMEOUT

insecureTLS

Allow contacting docker registry over HTTP, or HTTPS with failed TLS verification. (default false)

Config file

regopts:
  - name: "myregistry"
    insecureTLS: false

Environment variables

  • DIUN_REGOPTS_<KEY>_INSECURETLS

Last update: 2020-06-22 00:19:59