Authentication

The first step of podman-maven-plugin, before any of the goals is executed, is to authenticate you with all the registries that are configured in your pom.xml. The podman-maven-plugin currently supports three methods of authentication:

  • Authentication via Podman’s default authentication file;

  • Authentication via Docker authentication file.

  • Authentication via Maven settings;

This plugin will use these mechanisms in the order listed.

Registries listed in the Maven Settings are used for authentication. Registries listed in either the Podman’s default auth file, or the Docker config file are assumed to be already authenticated.

Podman’s authentication file

The first method of authentication that is supported by this plugin is the default authentication mechanism of Podman. The default authentication mechanism is the auth.json file located at $XDG_RUNTIME_DIR/containers/.

An auth.json file is automatically created by Podman when performing a podman login <registry> on the command line. Podman will then use this file when performing future commands.

Listing 1. Sample Podman auth config.
{
	"auths": {
		"registry.example.com": {
			"auth": "bGV4OnRlc3Q="
		}
	}
}

Docker configuration file

The second method of authentication is by using Docker’s configuration file. This file is located at ~/.docker/config.json. This file is structured in an identical way compared to Podman’s authentication file.

Listing 2. Sample Docker configuration file.
{
	"auths": {
		"registry.example.com": {
			"auth": "bGV4OnRlc3Q="
		}
	}
}

Maven Settings

When a registry that is being used, is neither fount in the Podman authentication file, nor the Docker configuration file, than this plugin will attempt to authenticate those registries using information available in the Mave Settings file. Therefore, you must configure the registries in your Maven settings file.

The id of the server must match the registries configured in the plugin (see below). The plugin will fail if credentials are missing for any of the provided registries.
This plugin will also fail if there are no registries configured, but authentication is not skipped. Please refer to the table below for all configuration options.
Listing 3. Excerpt of a Maven Settings file.
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
                          https://maven.apache.org/xsd/settings-1.0.0.xsd">

    <servers>
        <server>
            <id>container-registry.host.com</id>
            <username>username</username>
            <password>password</password>
        </server>
        <server>
            <id>container-registry.anotherhost.com:12345</id>
            <username>username</username>
            <password>{gsuybjVYiL4HK1S++3xiE9sHnHtzRGBlajGkQE5IH78=}</password> (1)
        </server>
    </servers>

    <!-- Other settings omitted -->

</settings>
1 Both encrypted and unencrypted passwords are supported.