In Kubernetes, to log in to a private container registry, you need to create a secret that contains your login credentials. The following command shows how to create a secret for logging in to a private container registry hosted on GitHub Container Registry (ghcr.io):
kubectl create secret docker-registry ghcr-login-secret --docker-server=https://ghcr.io --docker-username=$YOUR_GITHUB_USERNAME --docker-password=$YOUR_GITHUB_TOKEN --docker-email=$YOUR_EMAIL
In the above command, replace $YOUR_GITHUB_USERNAME
, $YOUR_GITHUB_TOKEN
, and $YOUR_EMAIL
with your GitHub username, personal access token (PAT), and email address respectively.
Once the secret is created, you can use it in your Kubernetes deployment manifest to authenticate with the private container registry. For example, you can add the following to your deployment manifest:
spec:
imagePullSecrets:
- name: ghcr-login-secret
This will tell Kubernetes to use the ghcr-login-secret
secret to pull images from ghcr.io
.
That's it! You have successfully set up authentication for your private container registry in Kubernetes.
K8s to pull private image from Github container registry (ghcr) using GITHUB_TOKEN