docker / docker-credential-helpers

Docker Integration - docker/docker-credential-helpers

To configure docker-credential-helpers for seamless integration with Docker Engine, you need to use the credsStore option in the ~/.docker/config.json file. This option allows you to specify a credential store that Docker will use to store and retrieve authentication information for accessing Docker registries.

The docker-credential-helpers project on GitHub (https://github.com/docker/docker-credential-helpers) provides a set of credential helpers for different platforms and environments. The available options include:

  • osxkeychain for macOS
  • wincred for Windows
  • secretservice for Linux (GNOME Keyring, KWallet, etc.)
  • pass for Linux (GNU Pass)
  • ecr-login for Amazon ECR
  • vault for HashiCorp Vault

To configure the credential store, you need to add the credsStore option to the config.json file in your Docker configuration directory (~/.docker/ by default). Here’s an example configuration that uses the secretservice credential store:

{
"auths": {
"https://index.docker.io/v1/": {}
},
"credsStore": "secretservice"
}

You can also specify multiple credential helpers for different registries using the credHelpers option. Here’s an example configuration that uses the ecr-login helper for the my-ecr-registry.region.amazonaws.com registry:

{
"auths": {
"https://index.docker.io/v1/": {},
"my-ecr-registry.region.amazonaws.com": {}
},
"credHelpers": {
"my-ecr-registry.region.amazonaws.com": "ecr-login"
},
"credsStore": "secretservice"
}

To install the docker-credential-helpers on your system, you can follow the instructions in the project’s GitHub repository (https://github.com/docker/docker-credential-helpers#installation).

Sources: