crane-auth

Execute crane auth subcommand

$ crane auth [subcommand]

$ crane auth get [registry_address] [[-h|--help]]

$ crane auth login [registry_address] [[-h|--help]] [[-p|--password]] [password] [-password-stdin] [[-u|--username]] [username]

$ crane auth logout [registry_address] [[-h|--help]]

$ crane auth token [registry_address] [[-H|--header]] [[-h|--help]] [[-m|--mount]] [scope1 scope2 ...] --push

$ crane auth [[-h|--help]]

crane auth [command]

login
    Log in to a registry. This may require entering a username and password.

logout
    Log out from a registry. Removes stored credentials.

--insecure
    Allow insecure (non-HTTPS) connections to the registry. Use with caution!

--config
    Path to the Docker config file. Defaults to ~/.docker/config.json

--username string
    Specify the username for login. (Default prompt)

--password string
    Specify the password for login. (Default prompt)

Crane-auth is a command-line interface (CLI) tool primarily used for authenticating with container registries, specifically those utilized in the context of container image distribution and management. It simplifies the process of obtaining authentication credentials (e.g., Docker Hub, Google Container Registry, AWS Elastic Container Registry) and storing them for subsequent use by other container tools such as `crane` itself.

`crane-auth` manages the authentication process by prompting for credentials if they aren't already available or by leveraging existing credentials stored in a configuration file. This avoids the need to repeatedly enter usernames and passwords. The tool is designed to be used both interactively and non-interactively, making it suitable for scripting and automation. It often works by writing Docker config files (`~/.docker/config.json`) so other container tooling can operate correctly.
It is particularly useful in environments where you need to programmatically authenticate to container registries, for instance, in CI/CD pipelines or automated image building and deployment processes.

Using the `--insecure` flag exposes your credentials to potential security risks. It should only be used with registries that are trusted and on networks where eavesdropping is not a concern.

Authentication information is generally stored in a Docker configuration file, typically located at `~/.docker/config.json`. `crane-auth` interacts with this file to manage and retrieve credentials.

Example: crane auth login myregistry.example.com
Authenticates to the specified registry.

Example: crane auth logout myregistry.example.com
Logs out from the specified registry.

The `crane-auth` command is part of the `crane` project, which emerged to provide a lightweight alternative to Docker for interacting with container registries and images. It aims to simplify common operations such as pulling, pushing, and listing images without requiring the full Docker daemon. `crane-auth` specifically addresses the need for programmatic and scriptable authentication, enabling seamless integration with CI/CD systems and other automation tools.

crane(1), docker(1)