Store service credentials securely in the stores supported by docker:
- https://github.com/docker/docker-credential-helpers#available-programs
Introduces a top-level config property, "secretStore" and additional
command line arguments to manage the stored secrets.
The value of secretStore is used to find a helper command,
`docker-credential-<secretStore>`.
The docker project currently provides 4 store helpers:
- "osxkeychain" (OS X only)
- "secretservice" (Linux only)
- "wincred" (Windows only)
- "pass" (any OS supporting pass, which uses gpg2)
Docker-for-desktop installs the credential helpers above, as well as
"desktop" (docker-credential-desktop).
Generic installation instructions for the helpers:
- https://github.com/docker/docker-credential-helpers#installation
Users could provide additional helpers, the only requirement is that the
helper implements the credential store protocol:
- https://github.com/docker/docker-credential-helpers#development
The credential protocol is open, and new credential stores can be
implemented by any CLI satisfying the protocol:
- https://github.com/docker/docker-credential-helpers#development
The modifications to existing modules is not tested due to lack
of API keys, but demonstrates the unobtrusive changes required to
use the secret store.
