Support credentials from maven settings.xml for DockerRegistry
it would be helpful if secrets like credentials for docker registries could be hidden from the plugin configuration in the pom.xml. Username and password can be loaded from the server section in the maven settings.xml when the server id matches the hostname of the docker registry.
Comment From: scottfrederick
There is an existing issue to support Docker credentials read from the standard Docker settings location (e.g. ~/.docker/config.json
). The config.json
approach has several advantages over a Maven settings.xml
approach, including consistency between the Maven and Gradle plugins, consistency with other Docker tooling, and better support for credential fields beyond username and password (as is typically required by registries such as Amazon Elastic Container Registry and Google Cloud Container Registry).
I would not be in favor of supporting three sources of credentials (pom.xml
, config.json
, and settings.xml
) since this would require more documentation to clarify the order of precedence of the sources and generally seems like overkill.
@markusschaefer Would the config.json
approach meet your needs?
Comment From: markusschaefer
@scottfrederick I don't need the support of the maven settings for my local machine. I need this for our jenkins build server. The maven settings are saved as managed file in jenkins and the credentials are saved in jenkins too. the builds are scheduled on different nodes. With your suggestion I would have to save the secrets in different docker eingines on different nodes.
Comment From: scottfrederick
In #25898 we're proposing that the Spring Boot plugins read a config.json
file to get Docker credentials. The Docker daemon wouldn't be involved in reading the file. The plugins can look for a config.json
file in default locations like ~/.docker
but also make the location configurable. So you could store the file as a managed file in Jenkins just like you would a settings.xml
file and tell the plugins where to look for it.
Comment From: markusschaefer
Ok, I'll give it a try when #25898 is available. Thanks for the support