Configure docker registry
Specifies the docker registry that is used to push and save the built docker images of the solutions.
- Open the
docker-registry-controller - Use
POSTmethodAdds a docker registryfor creating the configuration.
Request parameters
| Parameter | TYPE | Description |
|---|---|---|
dockerRegistryName |
path parameter (String) | The name of the configuration:
ssob-sdo-docker-push |
data |
body parameter (YAML) | The configration values (Body Parameters) |
Configuration Parameters (body parameters)
The following table lists the required configurable parameters for the configuration.
| Parameter | Description |
|---|---|
registry |
The internal k8s service address of the OpenShift registry
service including the namespace, where the Solution Hub was installed, e.g.
image-registry.openshift-image-registry.svc.cluster.local:5000/cpd |
certificate |
The tls certificate of the OpenShift image
registry (see Getting tls certificate of internal image registry
) |
user |
User for the docker registry (see Getting password for the internal image registry) |
password |
Password or token for the docker registry (see Getting password for the internal image registry) |
Example body parameter (data)
registry:image-registry.openshift-image-registry.svc.cluster.local:5000/cpd
certificate: |
-----BEGIN CERTIFICATE-----
MIIFlTCCBH... ...Snh6/DNFu0Qg==
-----END CERTIFICATE-----
user: builder
password: eyJ...EWR.eyJ...erDS.zCP...BQ5Getting tls certificate of internal image registry
The tls certificate can be found, e.g. with:
oc -n openshift-image-registry get secret image-registry-tls -o jsonpath='{.data.tls\.crt}' | base64 -dGetting user and password for the internal image registry
The service account builder of the namespace, where cpd was installed,
can be used as docker user (see files/ssob-image-push-serviceaccount.yaml).
For example, the password for the docker user can be found by:
oc -n cpd get secret builder-dockercfg-j8mdg -o jsonpath='{.data.\.dockercfg}' | base64 -dUse one of the passwords from this json string.
Note: This user should be able to push images into other namespaces. Therefore a rolebinding was created within the
ssob_admin_setup.sh script, that associates this user to the role system:image-builder.