How to provide an image pull secret when using "--image-repository" with an internal registry that does not allow anonymous pull requests? · kubernetes/minikube#10019

(9 comments) (0 reactions) (0 assignees)Go (31,799 stars) (5,222 forks)batch import

area/registryhelp wantedkind/featurelifecycle/frozenpriority/backlog

Description

After a bit of a hiatus, I have been revisiting the whole topic of running minikube from purely local sources (i.e., any images should come from our own private registry). I revisted the issue https://github.com/kubernetes/minikube/issues/8298 that I created in June. The first problem I am running into is that our internal registry does not support anonymous pull access. In the above mentioned issue, @tstromberg mentioned two sources on how to provide a pull secret - but all of the already require a running cluster, as they both boil down to enabling the registry-creds plugin:

minikube addons configure registry-creds

But at that point all the infrastructure images would already have to be there, no? Further, this add-on only allows me to specify creds for ECR, GCR, Dockerhub or ACR - what about my own registry?

Contributor guide

Tech stack: godockerkubernetes
Domain: cliinfrastructuredevops
Issue type: feature
Difficulty: 4
Estimated time: 1-2 days
Activity status: stale
Clarity: mostly clear
Prerequisites: DockerKubernetes basicsminikubeprivate container registry
Newbie friendliness: 35
Research direction: Start by examining the image repository flag implementation in the minikube codebase, likely in pkg/minikube/constants or pkg/minikube/cluster. Investigate how the registry creds addon works to understand the current secret injection mechanism. Consider whether the image repository flag can accept an option for a secret reference, or if a new flag is needed. Review related issues and PRs, particularly #8298 mentioned in the issue body.