Support dynamic registry tokens, add wrapper for working with registry microservice #1637
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
manics
changed the title
manics
force-pushed
the
registry-dynamic-token
branch
from
3fbfe6b to
b3682df
Compare
manics
force-pushed
the
registry-dynamic-token
branch
2 times, most recently
from
06f105e to
c38e5f3
Compare
manics
force-pushed
the
registry-dynamic-token
branch
2 times, most recently
from
0b1eba8 to
53fe226
Compare
manics
force-pushed
the
registry-dynamic-token
branch
from
53fe226 to
b92fdfb
Compare
manics
changed the title
|
Anyone else have thoughts on this? @stevejpurves is interested in using it. |
|
@yuvipanda do you have any thoughts on this? |
|
This has been ready for 6 months, and it's effectively been in production (though being overriden in https://github.com/jupyterhub/mybinder.org-deploy/blob/b9439b5b15263ff703ea46c07bfd6c4584d1422c/config/curvenote.yaml#L59-L148) so merging! |
consideRatio
pushed a commit
to jupyterhub/helm-chart
that referenced
this pull request
Jan 14, 2025
jupyterhub/binderhub#1637 Merge pull request #1637 from manics/registry-dynamic-token
|
Sorry for dropping this @manics! Happy for you to have merged this! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a companion for jupyterhub/repo2docker#1245 that allows dynamic credentials t be used for pushing to a registry. This is required for e.g. ECR where the token used to login to the reigistry expires.
This also implements the non-vendor specific parts of
#1623
Closes #705
You can see an example implementation of the microservice side in
https://github.com/manics/binderhub-container-registry-helper
This is working with AWS ECR using an IRSA role for the microservice.
It's written in Go as I wanted to learn it, but if we choose to pursue this rewriting it in Python (or Javascript, or any other language) shouldn't be too difficult.