Store service credentials securely in the stores supported by docker:
- https://github.com/docker/docker-credential-helpers#available-programs
Introduces a top-level config property, "secretStore" and additional
command line arguments to manage the stored secrets.
The value of secretStore is used to find a helper command,
`docker-credential-<secretStore>`.
The docker project currently provides 4 store helpers:
- "osxkeychain" (OS X only)
- "secretservice" (Linux only)
- "wincred" (Windows only)
- "pass" (any OS supporting pass, which uses gpg2)
Docker-for-desktop installs the credential helpers above, as well as
"desktop" (docker-credential-desktop).
Generic installation instructions for the helpers:
- https://github.com/docker/docker-credential-helpers#installation
Users could provide additional helpers, the only requirement is that the
helper implements the credential store protocol:
- https://github.com/docker/docker-credential-helpers#development
The credential protocol is open, and new credential stores can be
implemented by any CLI satisfying the protocol:
- https://github.com/docker/docker-credential-helpers#development
The modifications to existing modules is not tested due to lack
of API keys, but demonstrates the unobtrusive changes required to
use the secret store.
* Another actions test
Signed-off-by: Chris Cummer <chriscummer@me.com>
* Add BuildTest action
Signed-off-by: Chris Cummer <chriscummer@me.com>
* Remove lint check for the time being (so many issues)
Signed-off-by: Chris Cummer <chriscummer@me.com>
* Fix issues found by errcheck
Signed-off-by: Chris Cummer <chriscummer@me.com>
* Fix errors found by staticcheck
Signed-off-by: Chris Cummer <chriscummer@me.com>
* Fix issues found by goimports
Signed-off-by: Chris Cummer <chriscummer@me.com>
* Comment out the action for the time being
Signed-off-by: Chris Cummer <chriscummer@me.com>
* Fix shadowed variables
Signed-off-by: Chris Cummer <chriscummer@me.com>
* go mod tidy
Signed-off-by: Chris Cummer <chriscummer@me.com>
* Remove buildtest.yml
Signed-off-by: Chris Cummer <chriscummer@me.com>
* go mod tidy
Signed-off-by: Chris Cummer <chriscummer@me.com>
* Upgrade godo to latest
* Fix a bunch of issues found by
* Running staticcheck on a codebase for the first time is a sobering experience
* go mod tidy
* More static improvements
Signed-off-by: Chris Cummer <chriscummer@me.com>
