Skip to content

Instantly share code, notes, and snippets.

@nickboldt
Last active February 26, 2024 13:55
Show Gist options
  • Save nickboldt/84bea28da11ec5aab549c182818356e0 to your computer and use it in GitHub Desktop.
Save nickboldt/84bea28da11ec5aab549c182818356e0 to your computer and use it in GitHub Desktop.
add tokens/pwds for quay.io (and/or for registry.redhat.io) to your openshift's global (if admin) or per-project (if not admin) pull secret
#!/bin/bash
# set your own logins!
QUAY_USER="****"
QUAY_TOKEN="****"
RRIO_USERNAME="****"
RRIO_PASSWORD="****"
# login to quay.io
REGISTRY="quay.io"
echo -n "[INFO]: Log into $REGISTRY ... "
echo "${QUAY_TOKEN}" | skopeo login -u="${QUAY_USER}" --password-stdin ${REGISTRY}
# login to registry.redhat.io
REGISTRY="registry.redhat.io"
echo -n "[INFO]: Log into $REGISTRY ... "
echo "${RRIO_PASSWORD}" | skopeo login -u="${RRIO_USERNAME}" --password-stdin ${REGISTRY}
# if you're an admin on the cluster, you can get the global secret and update it for your personal registry logins
# this is not recommmended on a shared cluster but fine on clusterbot or CRC or other cluster for which you're admin
oc get secret/pull-secret -n openshift-config --template='{{index .data ".dockerconfigjson" | base64decode}}' >/tmp/oc_secret
oc registry login --registry="quay.io" --auth-basic="$QUAY_USER:$QUAY_TOKEN" --to=/tmp/oc_secret
oc registry login --registry="registry.redhat.io" --auth-basic="$RRIO_USERNAME:$RRIO_PASSWORD" --to=/tmp/oc_secret
oc set data secret/pull-secret -n openshift-config --from-file=.dockerconfigjson=/tmp/oc_secret
# for non-admin user, see script below.
# alternative approach, for non-admin user
# copy your quay secret to a file and set metadata.name == rhdh-pull-secret (not the default exported from quay.io!!)
cat <<EOF > /tmp/my_quay_secret
apiVersion: v1
kind: Secret
metadata:
name: rhdh-pull-secret
data:
.dockerconfigjson: ==your-quay-login-secret-goes-here===
type: kubernetes.io/dockerconfigjson
EOF
# now add the secret to your backstage project
oc new-project mybackstage
oc create -f /tmp/my_quay_secret -n mybackstage
@nickboldt
Copy link
Author

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment