# Secret Type - DOCKERCFG

The DOCKERCFG-Type is for syncing the Pull-Credentials for secured Docker repositories. The data has to be saved in a specific format inside a KV Secret Engine.

Based on your used Key Value Secret Engine please see the following instructions.

### How To for KV Engine V1:

As already described the Pull-Credentials must be saved in a specific format inside a KV Secret Engine:

```
$ vault write secret/gitlab-hub url=registry.gitlab.com username=username password=VERYSECUREPASSWORD email=email@test.com
```

After this you can apply the following Vault Resource to Kubernetes:

```yaml
apiVersion: "koudingspawn.de/v1"
kind: Vault
metadata:
  name: test-dockercfg
spec:
  path: "secret/gitlab-hub"
  type: "DOCKERCFG"
```

Now you should see a Vault resource in Kubernetes and the created Docker Pull-Credentials:

```
$ kubectl get vault test-dockercfg
NAME             AGE
test-dockercfg   8d
```

```
$ kubectl get secret test-dockercfg
NAME             TYPE                      DATA      AGE
test-dockercfg   kubernetes.io/dockercfg   1         8d
```

### How To for KV Engine V2:

As already described the Pull-Credentials must be saved in a specific format inside a KV2 Secret Engine:

```
$ vault kv put secret/gitlab-hub url=registry.gitlab.com username=username password=VERYSECUREPASSWORD email=email@test.com
```

After this you can apply the following Vault Resource to Kubernetes:

```yaml
apiVersion: "koudingspawn.de/v1"
kind: Vault
metadata:
  name: test-dockercfg
spec:
  path: "secret/gitlab-hub"
  type: "DOCKERCFG"
  dockerCfgConfiguration:
    type: "KEYVALUEV2"
    version: 1
```

Now you should see a Vault resource in Kubernetes and the created Docker Pull-Credentials:

```yaml
$ kubectl get vault test-dockercfg
NAME             AGE
test-dockercfg   8d
```

```
$ kubectl get secret test-dockercfg
NAME             TYPE                      DATA      AGE
test-dockercfg   kubernetes.io/dockercfg   1         8d
```

### Supported Values in dockerCfgConfiguration

```yaml
dockerCfgConfiguration:
  type: "KEYVALUEV2" or "KEYVALUE"   if not provided default: "KEYVALUE"
  version: 1                         if not provided default is latest
```

### Change Adjustment Callback

For more details please see [Change Detection](/change-detection.md)!


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://vault.koudingspawn.de/supported-secret-types/secret-type-dockercfg.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.