Skip to main content
If your slipway.yaml references a private image — via services.*.image or via a base image in a private registry — slipway needs credentials to pull it. Configure them once at the org level; no per-service config is required.
Registries settings page

Add a registry

Open Settings → Registries, click Add registry, and enter the host, username, and password (or token). Slipway stores the credentials encrypted, alongside the org’s other secrets.

How they’re used

At deploy time, slipway wires every registry you’ve configured into both the build and the running container, so private base images and prebuilt private images both pull cleanly. The deploy emits a registries_resolved event with the list of hosts wired up for that run.

Common registries

RegistryHostnameUsernamePassword
Docker Hubindex.docker.ioyour Docker Hub usernamea Docker Hub access token
GitHub Container Registryghcr.ioyour GitHub usernamea personal access token with read:packages
Amazon ECR<acct>.dkr.ecr.<region>.amazonaws.comAWSthe output of aws ecr get-login-password (note: rotates every 12 hours, see below)
Google Artifact Registry<region>-docker.pkg.dev_json_keythe full JSON of a service-account key
Azure Container Registry<name>.azurecr.ioyour service principal ID or admin userthe corresponding password
Amazon ECR tokens expire every 12 hours, so a stored get-login-password value needs rotating twice a day — GHCR and Docker Hub avoid that with long-lived credentials.

Permissions

RoleView hostsView passwordsCreate / update / delete
Vieweryesnono
Developeryesnono
Adminyesnoyes
Owneryesnoyes