From 747717101e094d44f7cb1b197fe7aed73af7f2a5 Mon Sep 17 00:00:00 2001 From: Michal Fojtik Date: Fri, 15 May 2015 10:06:35 +0200 Subject: [PATCH] Add PullSecret and update PushSecret and SourceSecret documentation --- architecture/core_objects/builds.adoc | 52 ++++++++++++++++++++++----- 1 file changed, 44 insertions(+), 8 deletions(-) diff --git a/architecture/core_objects/builds.adoc b/architecture/core_objects/builds.adoc index 592ea9c59dbb..4c8629419785 100644 --- a/architecture/core_objects/builds.adoc +++ b/architecture/core_objects/builds.adoc @@ -98,12 +98,13 @@ leverage for your applications. Custom builds are the most sophisticated version of builds, allowing developers to define a builder image which is responsible for the entire process of the build. The custom builder image is a plain Docker image within which the author embeds the logic of the desired build process, such as building RPMs or building base Docker images. -[#using-docker-credentials-for-pushing-images] -== Using Docker Credentials for Pushing Images +[#using-docker-credentials-for-pushing-and-pulling-images] +== Using Docker Credentials for Pushing and Pulling Images -In case you want to push the output image into private Docker registry that -requires authentication or Docker Hub, you must supply a `.dockercfg` file -with valid Docker registry credentials. +In case you want to push the output image into a private Docker Registry or pull +the builder image from the private Docker Registry that requires authentication +or Docker Hub, you have to supply the `.dockercfg` file with valid Docker +Registry credentials. The *_.dockercfg_* JSON file usually exists in your home directory and has following format: @@ -163,10 +164,43 @@ $ osc create -f secret.json ---- ==== -Once you have the `*Secret*` created, you can add a `PushSecretName` field into +Once you have the `*Secret*` created, you can add a `PushSecret` field into `Output` section inside the `BuildConfig` and set it to the name of the `*Secret*` that you created, in this case `*dockerhub*`. +``` +"parameters": { + "output": { + "to": { + "name": "private-image" + }, + "pushSecret":{ + "name":"dockerhub" + } + } +} +``` + +For pulling the builder Docker image from a private Docker registry, you have to specify +the `PullSecret` field, which is part of the build strategy definition: + +``` +{ + "strategy": { + "stiStrategy": { + "from": { + "kind": "DockerImage", + "name": "docker.io/user/private_repository" + }, + "pullSecret": { + "name": "dockerhub" + }, + }, + "type": "STI" + } +} +``` + [#using-private-repositories-for-builds] == Using private repositories for builds @@ -233,7 +267,7 @@ $ osc create -f secret.json ---- ==== -Once you have the `*Secret*` created, you can add a `SourceSecretName` field into +Once you have the `*Secret*` created, you can add a `SourceSecret` field into `Source` section inside the `BuildConfig` and set it to the name of the `*Secret*` that you created, in this case `*scmsecret*`: @@ -256,7 +290,9 @@ Once you have the `*Secret*` created, you can add a `SourceSecretName` field int "git": { "uri": "git@repository.com:user/app.git" }, - "sourceSecretName": "scmsecret", + "sourceSecret": { + "name": "scmsecret" + }, "type": "Git" }, "strategy": {