8:05 a.m.
Hi,
is it possible to have podman use multiple secrets for a single registry?
Context: I'm trying to run a higher-level operation (to create an OpenShift
release image using 'oc adm release new') that seems to invoke podman
behind the scenes. Making OCP releases is far from my usual line of work,
I'm not familiar with the process and I'm not sure what exactly it does but
apparently, it needs authorised access to several repos on quay.io. This
might not be the case for making a regular OCP release but I'm overriding
one of the OCP components with an image stored under my quay.io account
while the rest of the component images come from a default location,
apparently also on quay.io. The trouble seem to be that to work with my
override my secret is needed while to access default OCP images an OCP
secret is needed.
Since podman is run here as part of a more complex process rather than
just individual manual invocations, I cannot do a auth.json file juggling
that I do otherwise. A workaround tested by my coworker seems to be to
make an account at a different registry (docker.io) and store the override
component image there. I can do this but it seems ugly so I was wondering
if there was a better way?
Thanks in advance,
pvl