Docker container registry credentials
Container registry credentials
From version 22.3, Tower supports the configuration of credentials for the Nextflow Wave container service to authenticate to private and public container registries. For more information on Wave containers, see here.
Container registry credentials are only leveraged by the Wave containers service. In order for your pipeline execution to leverage Wave containers, add wave { enabled=true } either to the Nextflow config field on the launch page, or to your nextflow.config file.
Docker Hub registry access
You must use Docker Hub credentials with Read-only access to authenticate Tower to your registry. Docker Hub makes use of Personal Access Tokens (PATs) for authentication. Note that we do not currently support Docker Hub authentication using 2FA (two-factor authentication).
To create your access token in Docker Hub:
- Log in to Docker Hub.
- Select your username in the top right corner and select Account Settings.
- Select Security -> New Access Token.
- Enter a token description and select Read-only from the Access permissions drop-down menu, then select Generate.
- Copy and save the generated access token (this is only displayed once).
Add credentials to Tower
-
From an organization workspace: navigate to the Credentials tab and select Add Credentials.
-
From your personal workspace: select Your credentials from the user top-right menu, then select Add credentials.
| Property | Description | Example |
|---|---|---|
| Name | A unique name for the credentials using alphanumeric characters, dashes, or underscores | my-registry-creds |
| Provider | Credential type | Container registry |
| User name | Your Docker username | user1 |
| Password | Your Personal Access Token | 1fcd02dc-...215bc3f3 |
| Registry server | The container registry hostname (excluding protocol) | docker.io |
Once the form is complete, select Add. The new credential is now listed under the Credentials tab.