From d33461cefdd7daa91982406cd046afd421894e01 Mon Sep 17 00:00:00 2001 From: Qi Wang Date: Thu, 4 Jun 2020 10:14:00 -0400 Subject: [PATCH] Add documentation for credHelper Add documentation for credHelper. Close https://github.com/containers/libpod/issues/1675 Signed-off-by: Qi Wang --- docs/containers-auth.json.5.md | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/docs/containers-auth.json.5.md b/docs/containers-auth.json.5.md index 592c7cdf1..c3232d0c4 100644 --- a/docs/containers-auth.json.5.md +++ b/docs/containers-auth.json.5.md @@ -37,8 +37,28 @@ their accounts on quay.io and docker.io: An entry can be removed by using a `logout` command from a container tool such as `podman logout` or `buildah logout`. +In addition, credential helpers can be configured for specific registries and the credentials-helper +software can be used to manage the credentials in a more secure way than depending on the base64 encoded authentication +provided by `login`. If the credential helpers are configured for specific registries, the base64 encoded will not be used +for operations concerning credentials of the specified registries. + +When the credential helper is in use on a Linux platform, the auth.json file would contain keys specify the registry domain, and values specify the suffix of the program to use (i.e. everything after docker-credential-). For example: + +``` +{ + "auths": { + "localhost:5001": {} + }, + "credHelpers": { + "registry.example.com": "secretservice" + } +} +``` + +For more information on Docker credential stores, please reference the [GitHub docker-credential-helpers project](https://github.com/docker/docker-credential-helpers/releases). + # SEE ALSO - buildah-login(1), buildah-logout(1), podman-login(1), podman-logout(1) + buildah-login(1), buildah-logout(1), podman-login(1), podman-logout(1), , skopeo-login(1), skopeo-logout(1) # HISTORY Feb 2020, Originally compiled by Tom Sweeney