Description
Proposed change
Forges like GitLab allows to have a per-project registry. However the current implementation fixes the prefix used to push images to one defined project.
This implies that there must be one dedicated project that will store all the images.
This also means that when the service is behind authentication, every user shall have access to that repo and thus all images can be viewed by every users. There are use cases where this is not desired.
There's work currently done in #1154 and #1169 to support user specific private repository access/build with GitLab but there's nothing available for pushing back to the corresponding repositories.
The feature requested is to add the possibility to configure BinderHub so that it pushes the generated images back to the registry from the project the image was built from.
Alternative options
To the best of my knowledge there's currently no alternative.
Who would use this feature?
- People wanting to keep the image close to the repository that generated them
- People wanting to give access to the image only to the members of a project
(Optional): Suggest a solution
As far as I know, there's no direct way to do it. The image_prefix is currently used as is.
One possible way to do it would be to delegate the tag/image name creation to the RepoProvider with a default implementation that does what is currently done.
Then in the GitLabRepoProvider, have an additional boolean property that would allow to use the default implementation or generate the image name based on the provided repo with a minimal prefix like for example "binder-".