From 0bae7cd17d396035c9c6465096e810d6a2a079ad Mon Sep 17 00:00:00 2001
From: netikras <dariuxas@gmail.com>
Date: Tue, 16 Nov 2021 10:09:14 +0200
Subject: [PATCH] Tested AUTH_REGISTRIES_RAW

---
 Dockerfile | 2 ++
 README.md  | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index c1e0f3f..4c98052 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -63,6 +63,8 @@ EXPOSE 8082
 ENV REGISTRIES="k8s.gcr.io gcr.io quay.io"
 # A space delimited list of registry:user:password to inject authentication for
 ENV AUTH_REGISTRIES="some.authenticated.registry:oneuser:onepassword another.registry:user:password"
+# Raw nginx auth.map file contents. Some passwords might be too sensitive to be passed via envs unencoded
+ENV AUTH_REGISTRIES_RAW=""
 # Should we verify upstream's certificates? Default to true.
 ENV VERIFY_SSL="true"
 # Enable debugging mode; this inserts mitmproxy/mitmweb between the CONNECT proxy and the caching layer
diff --git a/README.md b/README.md
index b4fec84..45479d2 100644
--- a/README.md
+++ b/README.md
@@ -162,7 +162,7 @@ docker run  --rm --name docker_registry_proxy -it \
        -v $(pwd)/docker_mirror_cache:/docker_mirror_cache \
        -v $(pwd)/docker_mirror_certs:/ca \
        -e REGISTRIES="gitlab.com gitlab.int.company.com" \
-       -e AUTH_REGISTRIES_RAW="\"gitlab.com\" \"$(base64 <<<"USER:PASSWORD")\"; \"gitlab.int.company.com\" \"VVNFUjpQQVNTV09SRAo=\"" \
+       -e AUTH_REGISTRIES_RAW="gitlab.com $(base64 <<<"USER:PASSWORD"); gitlab.int.company.com VVNFUjpQQVNTV09SRAo=" \
        rpardini/docker-registry-proxy:0.6.2
 ```