As far as I could understand from the documentation there is no way to set multiple Google Container Registries (GCR) in Codefresh. The only method provided by the current docs is to create a service account that is granted permission for GCR operations in all projects.
The solution currently suggested in the documentation violates the Principle of Least Privilege and cannot be considered for our enterprise architecture design. We need isolation among pipelines and we cannot allow a pipeline to access an image built by another team for another project.
I would like to request whether it is planned to provide support for multiple Google Container Registries. If this was not the case we will be forced to drop the “official” Docker step altogether and customize how Docker authenticates, pulls, and pushes from/to a remote registry.