Container Sources

How to use different types of container sources with Code Pipes

Container Sources

Code Pipes is designed to seamlessly integrate with various container sources, providing flexibility and convenience in managing containerized applications. It supports a wide range of popular Docker registries, including Dockerhub, GCR (Google Container Registry), ECR (Amazon Elastic Container Registry), and ACR (Azure Container Registry).

Dockerhub Credentials

To use Dockerhub as a container source in Code Pipes, you need to set up your Dockerhub credentials. Follow these steps:

  1. Go to the Dockerhub website (https://hub.docker.com/) and sign in or create a new account if you don't have one.
  2. Once logged in, go to your account settings.
  3. Navigate to the "Security" or "Account Settings" section and find the "Access Tokens" or "API Keys" option.
  4. Generate a new access token or API key. Give it a name and optionally specify any necessary permissions.
  5. Once the token is generated, securely copy it. This token will serve as your Dockerhub credentials.

Creating container credentials

cred-create-docker-hub

Assigning container credentials

cred-container-assignment

GCR (Google Container Registry) Credentials

If you haven't created a GCR container repository, follow these steps:

  1. Go to the Google Cloud Console (https://console.cloud.google.com/) and select or create the project where you want to create the GCR repository.
  2. In the navigation menu, click on "Container Registry."
  3. Click on the "CREATE REPOSITORY" button.
  4. Provide a name for your repository.
  5. Optionally, you can specify a region for the repository.
  6. Click on the "CREATE" button to create the repository.

To use GCR as a container source in Code Pipes, you need to configure GCR credentials by creating a service account. This service account should have the following permissions assigned:

  • Cloud Source Repositories: The service account should have at least "Cloud Source Repositories Viewer" role assigned to access the GCR repositories.
  • Container Registry: The service account should have at least "Storage Object Viewer" role assigned to pull container images from GCR repositories.

By using the same service account with these permissions, you can seamlessly access GCR repositories and other Google Cloud Platform resources within Code Pipes.

ECR (Amazon Elastic Container Registry) Credentials

If you haven't created an ECR container repository, follow these steps:

  1. Go to the AWS Management Console (https://console.aws.amazon.com/) and navigate to the ECR service.
  2. In the navigation pane, click on "Repositories."
  3. Click on the "CREATE REPOSITORY" button.
  4. Enter a name for your repository.
  5. Optionally, you can define a tag immutability setting or repository permissions.
  6. Click on the "CREATE REPOSITORY" button to create the repository.

To use ECR as a container source in Code Pipes, you can utilize the same AWS cloud credentials with the following permissions assigned to the IAM user or role:

  • AmazonEC2ContainerRegistryReadOnly: The IAM user or role should have this policy attached to grant read-only access to ECR repositories.

These credentials will allow Code Pipes to authenticate and access your ECR repositories.

ACR (Azure Container Registry) Credentials

If you haven't created an ACR container repository (optional), follow these steps:

  1. Go to the Azure portal (https://portal.azure.com) and select or create the Azure subscription and resource group where you want to create the ACR.
  2. In the Azure portal, search for "Container registries" and select it.
  3. Click on the "+ Add" button to create a new container registry.
  4. Provide a name for your registry.
  5. Select the subscription, resource group, and region.
  6. Choose the pricing tier and SKU for the registry.
  7. Set the admin user access or enable Azure Active Directory authentication.
  8. Click on the "Review + Create" button and then click on "Create" to create the registry.

To use ACR as a container source in Code Pipes, you can utilize the same Azure cloud credentials with the following permissions assigned:

  • AcrPull: The user or service principal should have this role assigned to grant read access to ACR repositories.
  • AcrPush: The user or service principal should have this role assigned to grant read and write access to ACR repositories.

These credentials will enable Code Pipes to authenticate and access your ACR repositories.

By following these steps and assigning the specific permissions mentioned, you can acquire the necessary credentials for Dockerhub, GCR, ECR, and ACR, allowing you to authenticate and access these container sources within Code Pipes.