Reading Time: < 1 minute
Ubuntu: 18.04
Docker: 18.09.5
docker-credential-pass: 0.6.2
pass: 1.7.1
gpg2: 2.2.4
Since my setup is for CI/CD I have a bamboo user to deploy my docker containers to Docker Hub and deploy to my production servers. Your use case may vary, but if you want your credentials to persist longer than a couple of hours before your system starts asking you to re-enter your passphrase this might work for you.
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
|
# First install apps we'll need sudo apt upgrade && apt install pass gnupg2 tmux # Download docker-credential-pass wget https://github.com/docker/docker-credential-helpers/releases/download/v0.6.2/docker-credential-pass-v0.6.2-amd64.tar.gz # Unpack tar xvf docker-credential-pass-v0.6.2-amd64.tar.gz # Move into /usr/bin sudo mv docker-credential-pass /usr/bin # Check to see if it's working should return {} docker-credential-pass list # Here is where my setup will diverge # I login to my bamboo user su - [username] # I run tmux tmux vi ~/.gnupg/gpg-agent.conf |
My gpg-agent.conf file looks like this:
|
default-cache-ttl 315569520 max-cache-ttl 315569520 |
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
|
# Restart gpg-agent echo RELOADAGENT | gpg-connect-agent # Generate key gpg2 --full-generate-key # You'll get an output with a key, copy it to use pass init DXXXXXXXXXXXXXX6E1AFXXXXXXXXXXB9XXXX497 # Enter a password pass insert docker-credential-helpers/docker-pass-initialized-check # You should get a return of {} instead of 'pass store is uninitialized' docker-credential-pass list # login to docker docker login # Check to see if it is stored docker-credential-pass list # should return something like {"https://index.docker.io/v1/":"[username]"} |
This worked for me. Also note the default-cache-ttl value is in seconds, the values I used is 10 years in seconds.