DirectorySecurity AdvisoriesPricing
Sign in
Directory
docker-registry logoHELM

docker-registry

Helm chart
Last changed
Request a free trial

Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.

Overview
Chart versions
Default values
Chart metadata
Images

Tag:
1
# Default values for docker-registry.
2
# This is a YAML-formatted file.
3
# Declare variables to be passed into your templates.
4
replicaCount: 1
5
updateStrategy: {}
6
# type: RollingUpdate
7
# rollingUpdate:
8
# maxSurge: 1
9
# maxUnavailable: 0
10
11
podAnnotations: {}
12
podLabels: {}
13
serviceAccount:
14
create: false
15
name: ""
16
annotations: {}
17
image:
18
repository: cgr.dev/chainguard-private/distribution
19
tag: latest@sha256:60f056d1b36cc12f5fd674a9fb33c6e19cec4cf9cdc35e66aaa6bc4797377506
20
pullPolicy: IfNotPresent
21
# imagePullSecrets:
22
# - name: docker
23
deployment: {}
24
# annotations:
25
service:
26
name: registry
27
type: ClusterIP
28
# sessionAffinity: None
29
# sessionAffinityConfig: {}
30
# clusterIP:
31
port: 5000
32
# nodePort:
33
# loadBalancerIP:
34
# loadBalancerSourceRanges:
35
annotations: {}
36
# foo.io/bar: "true"
37
labels: {}
38
# foo.io/baz: "false"
39
ingress:
40
enabled: false
41
className: nginx
42
path: /
43
# Used to create an Ingress record.
44
hosts:
45
- chart-example.local
46
annotations: {}
47
# kubernetes.io/ingress.class: nginx
48
# kubernetes.io/tls-acme: "true"
49
labels: {}
50
tls:
51
# Secrets must be manually created in the namespace.
52
# - secretName: chart-example-tls
53
# hosts:
54
# - chart-example.local
55
resources: {}
56
# We usually recommend not to specify default resources and to leave this as a conscious
57
# choice for the user. This also increases chances charts run on environments with little
58
# resources, such as Minikube. If you do want to specify resources, uncomment the following
59
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
60
# limits:
61
# cpu: 100m
62
# memory: 128Mi
63
# requests:
64
# cpu: 100m
65
# memory: 128Mi
66
persistence:
67
accessMode: 'ReadWriteOnce'
68
enabled: false
69
size: 10Gi
70
# storageClass: '-'
71
# set the type of filesystem to use: filesystem, s3
72
storage: filesystem
73
# Set this to name of secret for tls certs
74
# tlsSecretName: registry.docker.example.com
75
secrets:
76
haSharedSecret: ""
77
htpasswd: ""
78
# Secrets for Azure
79
# azure:
80
# accountName: ""
81
# accountKey: ""
82
# container: ""
83
# Secrets for S3 access and secret keys
84
# Use a secretRef with keys (accessKey, secretKey) for secrets stored outside the chart
85
# s3:
86
# secretRef: ""
87
# accessKey: ""
88
# secretKey: ""
89
# Secrets for Swift username and password
90
# swift:
91
# username: ""
92
# password: ""
93
94
# Options for s3 storage type:
95
# s3:
96
# region: us-east-1
97
# regionEndpoint: https://s3.us-east-1.amazonaws.com
98
# bucket: my-bucket
99
# rootdirectory: /object/prefix
100
# encrypt: false
101
# secure: true
102
# forcepathstyle: true
103
# skipverify: true
104
105
# Options for swift storage type:
106
# swift:
107
# authurl: http://swift.example.com/
108
# container: my-container
109
110
# https://docs.docker.com/registry/recipes/mirror/
111
proxy:
112
enabled: false
113
remoteurl: https://registry-1.docker.io
114
username: ""
115
password: ""
116
# the ref for a secret stored outside of this chart
117
# Keys: proxyUsername, proxyPassword
118
secretRef: ""
119
metrics:
120
enabled: false
121
port: 5001
122
# Create a prometheus-operator servicemonitor
123
serviceMonitor:
124
enabled: false
125
labels: {}
126
# prometheus-operator PrometheusRule defining alerting rules for a Prometheus instance
127
prometheusRule:
128
enabled: false
129
labels: {}
130
rules: {}
131
configPath: /etc/distribution
132
configData:
133
version: 0.1
134
log:
135
fields:
136
service: registry
137
storage:
138
cache:
139
blobdescriptor: inmemory
140
http:
141
addr: :5000
142
headers:
143
X-Content-Type-Options: [nosniff]
144
debug:
145
addr: :5001
146
prometheus:
147
enabled: false
148
path: /metrics
149
health:
150
storagedriver:
151
enabled: true
152
interval: 10s
153
threshold: 3
154
containerSecurityContext:
155
enabled: true
156
seLinuxOptions: {}
157
allowPrivilegeEscalation: false
158
capabilities:
159
drop:
160
- ALL
161
privileged: false
162
readOnlyRootFilesystem: true
163
runAsUser: 1000
164
runAsGroup: 1000
165
runAsNonRoot: true
166
seccompProfile:
167
type: RuntimeDefault
168
securityContext:
169
enabled: true
170
fsGroupChangePolicy: Always
171
sysctls: []
172
supplementalGroups: []
173
runAsUser: 1000
174
fsGroup: 1000
175
priorityClassName: ""
176
podDisruptionBudget: {}
177
# maxUnavailable: 1
178
# minAvailable: 2
179
180
autoscaling:
181
enabled: false
182
minReplicas: 1
183
maxReplicas: 2
184
targetCPUUtilizationPercentage: 60
185
targetMemoryUtilizationPercentage: 60 # available only on Kubernetes ≥1.23 [required "autoscaling/v2"]
186
behavior: {} # available only on Kubernetes ≥1.23 [required "autoscaling/v2"]
187
# scaleDown:
188
# stabilizationWindowSeconds: 300
189
# policies:
190
# - type: Percent
191
# value: 100
192
# periodSeconds: 15
193
# scaleUp:
194
# stabilizationWindowSeconds: 0
195
# policies:
196
# - type: Percent
197
# value: 100
198
# periodSeconds: 15
199
# - type: Pods
200
# value: 4
201
# periodSeconds: 15
202
# selectPolicy: Max
203
204
nodeSelector: {}
205
affinity: {}
206
tolerations: []
207
extraVolumeMounts: []
208
## Additional volumeMounts to the registry container.
209
# - mountPath: /secret-data
210
# name: cloudfront-pem-secret
211
# readOnly: true
212
213
extraVolumes: []
214
## Additional volumes to the pod.
215
# - name: cloudfront-pem-secret
216
# secret:
217
# secretName: cloudfront-credentials
218
# items:
219
# - key: cloudfront.pem
220
# path: cloudfront.pem
221
# mode: 511
222
223
extraEnvVars: []
224
## Additional ENV variables to set
225
# - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
226
# value: "/var/lib/example"
227
228
initContainers: []
229
## Init containers to add to the Deployment
230
# - name: init
231
# image: busybox
232
# command: []
233
234
garbageCollect:
235
enabled: false
236
deleteUntagged: true
237
schedule: "0 1 * * *"
238
podAnnotations: {}
239
podLabels: {}
240
resources: {}
241
# We usually recommend not to specify default resources and to leave this as a conscious
242
# choice for the user. This also increases chances charts run on environments with little
243
# resources, such as Minikube. If you do want to specify resources, uncomment the following
244
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
245
# limits:
246
# cpu: 100m
247
# memory: 128Mi
248
# requests:
249
# cpu: 100m
250
# memory: 128Mi
251

The trusted source for open source

Talk to an expert
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsChainguard OS PackagesChainguard ActionsChainguard Agent SkillsIntegrationsPricing

Solutions

FedRAMPPCI DSSCMMC 2.0SOC 2Golden ImagesCVE RemediationPublic SectorStartups

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsSupply Chain Security 101Chainguard CoursesDocumentationTrust CenterChainguard Slack Community

Company

About UsBlogOpen Source LeadershipPartnersNewsroomCareersLegal
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.