pydo.registry.get_docker_credentials()

Description

In order to access your container registry with the Docker client or from a Kubernetes cluster, you will need to configure authentication. The necessary JSON configuration can be retrieved by sending a GET request to /v2/registry/docker-credentials.

The response will be in the format of a Docker config.json file. To use the config in your Kubernetes cluster, create a Secret with:

kubectl create secret generic docr \
  --from-file=.dockerconfigjson=config.json \
  --type=kubernetes.io/dockerconfigjson

By default, the returned credentials have read-only access to your registry and cannot be used to push images. This is appropriate for most Kubernetes clusters. To retrieve read/write credentials, suitable for use with the Docker client or in a CI system, read_write may be provided as query parameter. For example: /v2/registry/docker-credentials?read_write=true

By default, the returned credentials will not expire. To retrieve credentials with an expiry set, expiry_seconds may be provided as a query parameter. For example: /v2/registry/docker-credentials?expiry_seconds=3600 will return credentials that expire after one hour.

Parameters

Name Type Required Description Default Value
expiry_seconds integer False The duration in seconds that the returned registry credentials will be valid. If not set or 0, the credentials will not expire. 0
read_write boolean False By default, the registry credentials allow for read-only access. Set this query parameter to true to obtain read-write credentials. False

Request Sample

import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.registry.get_docker_credentials()

Responses

See the API spec for this endpoint to view additional detail on responses, headers, parameters, and more.

A Docker config.json file for the container registry.

Click to expand an example response.
{
  "auths": {
    "registry.digitalocean.com": {
      "auth": "YjdkMDNhNjk0N2IyMTdlZmI2ZjNlYzNiZDM1MDQ1ODI6YjdkMDNhNjk0N2IyMTdlZmI2ZjNlYzNiZDM1MDQ1ODIK"
    }
  }
}

Unauthorized

Click to expand an example response.
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}

API Rate limit exceeded

Click to expand an example response.
{
  "id": "too_many_requests",
  "message": "API Rate limit exceeded."
}

Server error.

Click to expand an example response.
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}

Unexpected error

Click to expand an example response.
{
  "id": "example_error",
  "message": "some error message"
}