7a3bc6efd4
buildah push and from now use the credentials stored in ${XDG_RUNTIME_DIR}/containers/auth.json by kpod login
if the auth file path is changed, buildah push and from can get the credentials from the custom auth file
using the --authfile flag
e.g buildah push --authfile /tmp/auths/myauths.json alpine docker://username/image
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Closes: #325
Approved by: rhatdan
3.4 KiB
buildah-from "1" "March 2017" "buildah"
NAME
buildah from - Creates a new working container, either from scratch or using a specified image as a starting point.
SYNOPSIS
buildah from [options [...]] imageName
DESCRIPTION
Creates a working container based upon the specified image name. If the supplied image name is "scratch" a new empty container is created. Image names uses a "transport":"details" format.
Multiple transports are supported:
dir:path An existing local directory path retrieving the manifest, layer tarballs and signatures as individual files. This is a non-standardized format, primarily useful for debugging or noninvasive container inspection.
docker://docker-reference (Default)
An image in a registry implementing the "Docker Registry HTTP API V2". By default, uses the authorization state in $XDG_RUNTIME_DIR/containers/auth.json, which is set e.g. using (kpod login).
docker-archive:path
An image is retrieved as a docker load formatted file.
docker-daemon:docker-reference An image docker-reference stored in the docker daemon internal storage. docker-reference must contain either a tag or a digest. Alternatively, when reading images, the format can also be docker-daemon:algo:digest (an image ID).
oci:path:tag An image tag in a directory compliant with "Open Container Image Layout Specification" at path.
ostree:image[@/absolute/repo/path] An image in local OSTree repository. /absolute/repo/path defaults to /ostree/repo.
RETURN VALUE
The container ID of the container that was created. On error, -1 is returned and errno is returned.
OPTIONS
--authfile path
Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json
which is set using kpod login
--cert-dir path
Use certificates at path (*.crt, *.cert, *.key) to connect to the registry
--creds creds
The username[:password] to use to authenticate with the registry if required.
--name name
A name for the working container
--pull
Pull the image if it is not present. If this flag is disabled (with --pull=false) and the image is not present, the image will not be pulled. Defaults to true.
--pull-always
Pull the image even if a version of the image is already present.
--quiet
If an image needs to be pulled from the registry, suppress progress output.
--signature-policy signaturepolicy
Pathname of a signature policy file to use. It is not recommended that this option be used, as the default behavior of using the system-wide default policy (frequently /etc/containers/policy.json) is most often preferred.
--tls-verify bool-value
Require HTTPS and verify certificates when talking to container registries (defaults to true)
EXAMPLE
buildah from imagename --pull
buildah from docker://myregistry.example.com/imagename --pull
buildah from imagename --signature-policy /etc/containers/policy.json
buildah from docker://myregistry.example.com/imagename --pull-always --name "mycontainer"
buildah from myregistry/myrepository/imagename:imagetag --tls-verify=false
buildah from myregistry/myrepository/imagename:imagetag --creds=myusername:mypassword --cert-dir ~/auth
buildah from myregistry/myrepository/imagename:imagetag --authfile=/tmp/auths/myauths.json
SEE ALSO
buildah(1) kpod-login(1)