imagepullsecret-patcher
go-containerregistry
imagepullsecret-patcher | go-containerregistry
---|---
1 | 18
251 | 3,277
- | 1.3%
0.0 | 6.3
over 1 year ago | 10 days ago
Go | Go
MIT License | Apache License 2.0
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
imagepullsecret-patcher
- Authenticated Docker Hub image pulls in Kubernetes
TitanSoft's imagepullsecret-patcher is a single-binary solution to replicating and using an image pull secret across all namespaces. It is not actively maintained, but the tool is simple enough that a small team should be able to patch and maintain a fork if needed. If you want to stick to other maintained open source tools, a reasonable solution can also be put together using external secrets operator. If you are operating a cluster at scale, you may already be using this. Red Hat's patch-operator can be used to attach the imported secrets to your service accounts across all namespaces, though there are some quirks to be wary of, due to the lack of a defined patch strategy for imagePullSecrets on service accounts.
go-containerregistry
- Crane: Tool for interacting with remote images and registries
- A gopher’s journey to the center of container images
I also explored another module, go-containerregistry, in order to build images without root privileges. The approach is completely different, and we can manipulate each component of the container image separately. This can present an advantage, if you're looking for a way to fine tune things.
- Skip build if "${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHORT_SHA}" exists on container registry
Use crane ls in a different job to check the tags in the registry. Create an artifact from its output that you evaluate in your kaniko job to check if the build should run or not.
- Docker: We’re No Longer Sunsetting the Free Team Plan
Multi-arch builds are easy to "transfer" IMHO
crane cp docker.io/openfaas/gateway:0.10.0 ghcr.io/openfaas/gateway:0.10.0
If you've not used it yet - do take a look. Crane doesn't pull the images into a local Docker library for re-tagging and re-pushing.
https://github.com/google/go-containerregistry/blob/main/cmd...
- Weekly: This Week I Learned (TWIL?) thread
crane - tool to copy images from one repo to another - https://github.com/google/go-containerregistry/blob/main/cmd/crane/doc/crane.md
- Dockerhub to (likely?) delete a lot of organizations.
- FYI: Docker is deleting Open Source organisations
pretty sure the crane being referred by alex is this one: https://github.com/google/go-containerregistry/tree/main/cmd/crane
- Docker's deleting Open Source images and here's what you need to know
https://github.com/google/go-containerregistry/tree/main/cmd...
It was recommended in this article:
- Crafting container images without Dockerfiles
- ImagePullPolicy: IfNotPresent - (image doesn’t exist in repo) - Is it possible to pull the micro service image from an EKS node and then push to repo?
Look at using tools like skopeo or crane
What are some alternatives?
patch-operator - An operator to apply patches to Kubernetes objects in a declarative way.
skopeo - Work with remote images registries - retrieving information, images, signing content
kops - Kubernetes Operations (kOps) - Production Grade k8s Installation, Upgrades and Management
image-spec - OCI Image Format
Harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
crane - A Nix library for building cargo projects. Never build twice thanks to incremental artifact caching.