Creating docker-registry secret using a YAML file

bgarcial · July 4, 2019, 2:35pm

Hi Kubernauts

How can I create a docker-registry secret using a yaml file?

I’ve already created from CLI using kubectl of this way:

kubectl create secret docker-registry regcred --docker-server=my-container-registry-url --docker-username=my-username --docker-password=my-password --docker-email=my-email

But my idea is create it from a YAML file, because I want to automate this secret creation process from Helm as a pre-install process.
So that I am trying to create it of this way from this file …

apiVersion: v1
kind: Secret
metadata:
  annotations:
    "helm.sh/hook": pre-install
    "helm.sh/hook-delete-policy": "before-hook-creation"
  name: regcred
type: kubernetes.io/dockercfg
data:
  dockerRegistry: my-container-registry-url
  dockerId: my-username
  dockerPassword: my-password

But I have the following output:

2019-07-04T14:23:42.1614520Z ##[error]Error: Secret "regcred" is invalid: data[.dockercfg]: Required value

How can I create it, I mean what type attribute should I include instead of type: kubernetes.io/dockercfg ?

rata · July 4, 2019, 4:39pm

I honestly don’t remember.

But, I think you can you create it from the command line, as you shown, and then do kubectl get secret to see them and then kubectl get secret -o yaml to show the yaml you can use to create it

macintoshprime · July 4, 2019, 4:41pm

You’ll have to generate a docker config.json behind the scenes I think. There are some docs that show the secret format here. Once you have the config.json you encode that and put that into the secret.

apiVersion: v1
kind: Secret
metadata:
  name: myregistrykey
  namespace: awesomeapps
data:
  .dockerconfigjson: UmVhbGx5IHJlYWxseSByZWVlZWVlZWVlZWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWxsbGxsbGxsbGxsbGxsbGxsbGxsbGxsbGxsbGxsbGx5eXl5eXl5eXl5eXl5eXl5eXl5eSBsbGxsbGxsbGxsbGxsbG9vb29vb29vb29vb29vb29vb29vb29vb29vb25ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubmdnZ2dnZ2dnZ2dnZ2dnZ2dnZ2cgYXV0aCBrZXlzCg==
type: kubernetes.io/dockerconfigjson

Olivier_Refalo · April 26, 2020, 9:29am

It’s all detailed here. https://blog.cloudhelix.io/using-a-private-docker-registry-with-kubernetes-f8d5f6b8f646

ebaum · September 2, 2020, 11:11pm

Hi, but it’s possible enable an insecure registry and pull image? I have a docker-registry in my private network, i made the certificate with openssl, but when i try to create a pod gave me the error x509?
Any sugestions?

Pratima · December 4, 2023, 11:19am

Hi ,
You can try this command to get yaml file (file-name.yaml)

kubectl create secret docker-registry regcred --docker-server=my-container-registry-url --docker-username=my-username --docker-password=my-password --docker-email=my-email -o yaml --dry-run=client > file-name.yaml

Topic		Replies	Views
Docker secret with empty username and password General Discussions	0	1456	March 5, 2019
I want to consult General Discussions	1	1973	October 2, 2019
Error: failed to create secret Post "http://localhost:8080/api/v1/namespaces/default/secrets?fieldManager=kubectl-create&fieldValidation=Strict": dial tcp [::1]:8080: connect: connection refused General Discussions development	0	1099	February 1, 2024
Error: failed to create secret Post "https://192.168.1.2:6443/api/v1/namespaces/default/secrets?fieldManager=kubectl-create&fieldValidation=Strict": tls: failed to verify certificate: x509: certificate signed by unknown authority General Discussions development	1	3048	February 4, 2024
Using an external private secure registry with microk8s microk8s	2	5991	March 28, 2019

Creating docker-registry secret using a YAML file

Related topics