Skip to content

Commit b14a509

Browse files
vsochvsoch
committed
updating docker docs for registry, thanks @flx42!
1 parent f0dbb82 commit b14a509

1 file changed

Lines changed: 35 additions & 0 deletions

File tree

pages/docs/user-docs/docs-docker.md

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -127,6 +127,41 @@ IncludeCmd: yes
127127

128128
The solutions above would be ideal for saving a custom specification of an image to build at some runtime.
129129

130+
### Custom Authentication
131+
For both import and bootstrap using a build spec file, by default we use the Docker Registry `index.docker.io`. Singularity first tries the call without a token, and then asks for one with pull permissions if the request is defined. However, it may be the case that you want to provide a custom token for a private registry. You have two options. You can either provide a `Username` and `Password` in the build specification file (if stored locally and there is no need to share), or (in the case of doing an import or needing to secure the credentials) you can export these variables to environmental variables. We provide instructions for each of these cases:
132+
133+
134+
#### Authentication in the Spec File
135+
You can simply specify your additional authentication parameters in the header with the labels `Username` and `Password`:
136+
137+
```bash
138+
Username: vanessa
139+
Password: [password]
140+
```
141+
142+
Again, this can be in addition to specification of a custom registry with the `Registry` parameter.
143+
144+
#### Authentication in the Environment
145+
You can export the registry, and authentication token in environmental variables as follows. First, you should obtain your token using the command line. Here we do that and put it into an environmental variable, `CREDENTIAL`:
146+
147+
```bash
148+
CREDENTIAL=$(echo -n vanessa:[password] | base64)
149+
TOKEN=$(http 'https://auth.docker.io/token?service=registry.docker.io&scope=repository:vanessa/code-samples:pull' Authorization:"Basic $CREDENTIAL" | jq -r '.token')
150+
```
151+
152+
This should place the token in the environmental variable `TOKEN`. To test that your token is valid, you can do the following
153+
154+
```bash
155+
http https://index.docker.io/v2/vanessa/code-samples/tags/list Authorization:"Bearer $TOKEN"
156+
```
157+
158+
Once you have confirmed, then you can export the variables for Singularity as follows:
159+
160+
```bash
161+
export SINGULARITY_DOCKER_REGISTRY='--registry myrepo'
162+
export SINGULARITY_DOCKER_AUTH='--username vanessa --password [password]'
163+
```
164+
130165

131166
### Run a Singularity Shell from a Docker image
132167

0 commit comments

Comments
 (0)