Skip to main content
Version: 1.x

Publish

Once you're finished iterating on your application component, you can publish it to any OCI compliant registry that supports artifacts. Throughout our examples and wasmCloud official artifacts we use Docker Hub, AzureCR, and GitHub CR, but other registries should work as well. For local development and testing of the flow, refer to the Running a local OCI registry section to run a local registry in a Docker container.

Once you have a registry available, you can use the wash push and wash pull commands to push and pull components from OCI registries. For example, to pull a wasmCloud example locally:

bash
wash pull wasmcloud.azurecr.io/hello:0.1.7

If you're working with an unauthenticated registry, you can directly push artifacts to it by specifying an image reference and the local file:

bash
wash push localhost:5000/v2/wasmcloud/hello:0.1.7 ./hello.wasm

Authenticated Registries

Pushing to authenticated registries

If you're working with an OCI registry that requires credentials, wash supports basic authentication via the --username and --password flags.

Alternatively, you may opt to export your credentials as environment variables to avoid exposing them on the command line. This method of authentication works for both pushing and pulling.

bash
export WASH_REG_USER=wasmcloud
export WASH_REG_PASSWORD=supersecret
wash push wasmcloud.azurecr.io/hello:0.1.7 ./hello.wasm

You can also configure pushing to authenticated from wasmcloud.toml:

toml
name = "your-component-name"
type = "component"
language = "rust"
version = "0.1.0"

[registry]
url = "localhost:5001"
credentials = "./path/to/your/creds.json"

Your creds.json file might look something like this:

json
{
    "localhost:5001": {
        "username": "iambatman",
        "password": "iamvengeance"
    }
}

With these files configured, you can invoke wash push:

console
wash push localhost:5001/your-component-name:0.1.0 ./build/your_component_name_s.wasm

Pulling from authenticated registries

If your wasmCloud host is pulling from a registry that requires credentials, you can specify them when starting the host:

bash
export OCI_REGISTRY=ghcr.io
export OCI_REGISTRY_USER=myusername
export OCI_REGISTRY_PASSWORD=mys3cretper5onaltoken
wash up