docker / docker-credential-helpers

Docker Configuration for Credential Helpers

credsStore Option

The credsStore option within the ~/.docker/config.json file controls which credential helper Docker uses to store and retrieve credentials. By default, Docker uses the pass helper.

Example:

{
            "credsStore": "pass"
          }

Documentation Source:

https://docs.docker.com/engine/reference/commandline/config/

Supported Credential Helpers

Docker supports various credential helpers, each offering different functionalities and security measures. You can configure Docker to use a specific helper by setting the credsStore option in ~/.docker/config.json.

pass Helper (Default)

The pass helper uses the pass command-line utility for secure password storage. It is the default helper in Docker and provides a reliable method for storing credentials.

Example:

{
            "credsStore": "pass"
          }

Documentation Source:

https://www.passwordstore.org/

osxkeychain Helper

The osxkeychain helper uses macOS Keychain for storing and retrieving credentials. This option is suitable for macOS users who prefer using the Keychain for password management.

Example:

{
            "credsStore": "osxkeychain"
          }

Documentation Source:

https://developer.apple.com/documentation/security/keychain

secretservice Helper

The secretservice helper leverages the GNOME Keyring for storing and retrieving credentials. This option is suitable for Linux distributions that use GNOME Keyring for password management.

Example:

{
            "credsStore": "secretservice"
          }

Documentation Source:

https://www.freedesktop.org/wiki/Software/secrets

wincred Helper

The wincred helper uses the Windows Credential Manager for storing and retrieving credentials. This option is suitable for Windows users who prefer using the Credential Manager for password management.

Example:

{
            "credsStore": "wincred"
          }

Documentation Source:

https://docs.microsoft.com/en-us/windows/win32/secauthz/credential-management

azure Helper

The azure helper allows Docker to authenticate against Azure Container Registry using Azure Active Directory credentials.

Example:

{
            "credsStore": "azure"
          }

Documentation Source:

https://docs.microsoft.com/en-us/azure/container-registry/docker-credential-helper-azure

ecr Helper

The ecr helper enables Docker to authenticate against Amazon ECR (Elastic Container Registry) using AWS credentials.

Example:

{
            "credsStore": "ecr"
          }

Documentation Source:

https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-credential-ecr.html

gcr Helper

The gcr helper allows Docker to authenticate against Google Container Registry (GCR) using Google Cloud credentials.

Example:

{
            "credsStore": "gcr"
          }

Documentation Source:

https://cloud.google.com/container-registry/docs/docker-credential-gcr