Kluctl provides OCI support in multiple places. See the following sections for details.
Helm OCI based registries
Kluctl can include sub-deployments from OCI artifacts via OCI includes .
These artifacts can be pushed via the kluctl oci push sub-command.
Private registries are supported as well. To authenticate to these, use one of the following methods.
Kluctl tries to use credentials stored in
$HOME/.docker/config.json as well, so
will also allow Kluctl to authenticate
against OCI registries.
Use environment variables to specify authentication
You can also use environment variables to specify OCI authentication.
The following environment variables are supported:
KLUCTL_REGISTRY_HOST: Specifies the registry host name to match before the specified credentials are considered.
KLUCTL_REGISTRY_REPOSITORY: Specifies the repository name to match before the specified credentials are considered. The repository name can contain the organization name, which default to
libraryis omitted. Can contain wildcards.
KLUCTL_REGISTRY_USERNAME: Specifies the username.
KLUCTL_REGISTRY_PASSWORD: Specifies the password.
KLUCTL_REGISTRY_IDENTITY_TOKEN: Specifies the identity token used for authentication.
KLUCTL_REGISTRY_TOKEN: Specifies the bearer token used for authentication.
KLUCTL_REGISTRY_INSECURE_SKIP_TLS_VERIFY: If set to
true, Kluctl will skip TLS verification for matching registries.
KLUCTL_REGISTRY_PLAIN_HTTP: If set to
true, forces the use of http (no TLS).
KLUCTL_REGISTRY_CERT_FILE: Specifies the client certificate to use while connecting to the matching repository.
KLUCTL_REGISTRY_KEY_FILE: Specifies the client key to use while connecting to the matching repository.
KLUCTL_REGISTRY_CA_FILE: Specifies CA bundle to use for TLS/https verification.
Multiple credential sets can be specified by including an index in the environment variable names, e.g.
KLUCTL_REGISTRY_1_PASSWORD=my-password will apply
the given credential to all registries with the host
KLUCTL_REGISTRY_2_PASSWORD=my-other-password will apply the other credentials