[FOLIO-3314] Set up Docker Team for FOLIO Project Created: 18/Oct/21 Updated: 23/Mar/23 |
|
| Status: | In Progress |
| Project: | FOLIO |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Task | Priority: | TBD |
| Reporter: | Peter Murray | Assignee: | Peter Murray |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Attachments: |
|
||||||||||||
| Issue links: |
|
||||||||||||
| Sprint: | DevOps Sprint 160 | ||||||||||||
| Development Team: | FOLIO DevOps | ||||||||||||
| Description |
|
Currently, we use one Docker Hub account called 'folio' which is currently under the "Docker personal plan" (i.e the free tier). Under this account there are three "organizations" - folioorg, folioci, and foliolib. 'folioorg' and 'folioci' are essentially docker hub namespaces for FOLIO releases and snapshots respectively. 'foliolib' is currently unused. Under this "personal plan", we are a bit limited in what we can do. For example:
What I'd like to accomplish is the ability for repos in github.com/library-data-platform to publish artifacts to the folioorg namespace for ldp, etc via Github Actions workflows. However, I do not want that github org to use the same Jenkins credentials that folio-org uses to publish to the folioorg namespace. I feel like that's a bit dangerous since those credentials are too permissive. I'd prefer to use an account with credentials that can only write to certain docker hub repos. However, I'm unable to accomplish this due to the limitations above. Ultimately, it would be kind of cool to be able to publish FOLIO docker artifacts (modules, etc) from different github repositories (or anywhere else) to the Docker Hub folioorg namespace. In order to do this safely, however, we need additional capacity to add additional members and teams to this Docker Hub account. I feel like we can accomplish this by upgrading the Docker Hub 'folio' account to the "Team plan" and start with 5 members initially. The cost would be $35 per month and would also get additional Docker Hub features. |
| Comments |
| Comment by Peter Murray [ 18/Oct/21 ] |
|
From: Peter Murray <peter.murray@openlibraryfoundation.org> _Currently, we use one Docker Hub account called 'folio' which is currently under the "Docker personal plan" (i.e the free tier). Under this account there are three "organizations" - folioorg, folioci, and foliolib. 'folioorg' and 'folioci' are essentially docker hub namespaces for FOLIO releases and snapshots respectively. 'foliolib' is currently unused. Under this "personal plan", we are a bit limited in what we can do. For example: _What I'd like to accomplish is the ability for repos in github.com/library-data-platform to publish artifacts to the folioorg namespace for ldp, etc via Github Actions workflows. However, I do not want that github org to use the same Jenkins credentials that folio-org uses to publish to the folioorg namespace. I feel like that's a bit dangerous since those credentials are too permissive. I'd prefer to use an account with credentials that can only write to certain docker hub repos. However, I'm unable to accomplish this due to the limitations above. _Ultimately, it would be kind of cool to be able to publish FOLIO docker artifacts (modules, etc) from different github repositories (or anywhere else) to the Docker Hub folioorg namespace. In order to do this safely, however, we need additional capacity to add additional members and teams to this Docker Hub account. I feel like we can accomplish this by upgrading the Docker Hub 'folio' account to the "Team plan" and start with 5 members initially. The cost would be $35 per month and would also get additional Docker Hub features._
|
| Comment by Peter Murray [ 29/Nov/21 ] |
|
Resent email to William Quiviger. |
| Comment by Peter Murray [ 23/Mar/23 ] |
|
It looks like the FOLIO organization on Docker Hub is affected by this. From: What to know about the end of Docker Free Teams...
How can I see if I’m affected?Please consult the Organizations page of your Docker account; any affected organizations are labeled “Docker Free Team” in the “Subscription” column. Less than 2% of Docker users have a Free Team organization on their account. Even if some of your organizations are affected, your individual Docker account (or other organizations) will not be affected by this change.
I have submitted an application to the Docker-Sponsored Open Source Program. |