Skip to main content
Version: 22.4

Docker container registry credentials

Container registry credentials

From version 22.3, Tower supports the configuration of credentials for the Nextflow Wave container service to authenticate to private and public container registries. For more information on Wave containers, see here.

Container registry credentials are only leveraged by the Wave containers service. In order for your pipeline execution to leverage Wave containers, add wave { enabled=true } either to the Nextflow config field on the launch page, or to your nextflow.config file.

Docker Hub registry access

You must use Docker Hub credentials with Read-only access to authenticate Tower to your registry. Docker Hub makes use of Personal Access Tokens (PATs) for authentication. Note that we do not currently support Docker Hub authentication using 2FA (two-factor authentication).

To create your access token in Docker Hub:

  1. Log in to Docker Hub.
  2. Select your username in the top right corner and select Account Settings.
  3. Select Security -> New Access Token.
  4. Enter a token description and select Read-only from the Access permissions drop-down menu, then select Generate.
  5. Copy and save the generated access token (this is only displayed once).

Add credentials to Tower

  • From an organization workspace: navigate to the Credentials tab and select Add Credentials.

  • From your personal workspace: select Your credentials from the user top-right menu, then select Add credentials.

PropertyDescriptionExample
NameA unique name for the credentials using alphanumeric characters, dashes, or underscoresmy-registry-creds
ProviderCredential typeContainer registry
User nameYour Docker usernameuser1
PasswordYour Personal Access Token1fcd02dc-...215bc3f3
Registry serverThe container registry hostname (excluding protocol)docker.io

Once the form is complete, select Add. The new credential is now listed under the Credentials tab.