[Containers] portus client certificates
fcastelli at suse.com
Wed Oct 28 03:20:08 MDT 2015
On 10/27/2015 11:17 PM, gordon wrote:
> How would I go about using client certificate authentication with portus?
> My CI runner is automatically given a cert from the local certificate
> authority. It would be best if I could use this to authenticate the
> builder so it can push images without requiring me to configure and
> securely pass user/pass for each project the runner builds.
To push images you have to use the Docker engine. Right the Docker
engine authenticates only with a username and password.
> Ideally, auth would allow for client cert or ldap auth. Is this possible?
> So that a user can log in with their ldap creds and the server can push
> with the client certificate configured for the docker client?
As stated above this would require quite some changes both into the
Docker engine and later into portus.
Right now you have to create a user on Portus and then use its
credentials on the CI runner.
We have been thinking about other possible solutions. Would you like the
possibility to create unique random passwords to give to specif
applications? I'm thinking about something like Google does with
More information about the Containers