Support for private container registries in GitLab CI builds
Jeff Hutchins
Aleksey Tsalolikhin
Support for private container registries in GitLab CI builds
In GitLab 8.14 and GitLab Runner 1.8 we've improved support for private docker images.
From now on you can use private/protected images stored in GitLab's Container Registry automatically, without any changes. GitLab will send registry credentials with build data, and Runner will use them to authorize docker pull requests.
You can also use DOCKER_AUTH_CONFIG Secure Variable to add credentials for other private registries. Thanks to this you can use any image from any registry - public or private - which is accessible from build's host, to be a base of your build or a service used by it.
...
You can read more about private container registries support in GitLab Runner's configuration documentation.
ᐧAfter reading through the release notes for gitlab 8.14 at https://about.gitlab.com/2016/11/22/gitlab-8-14-released/ I assumed I'd be able to use docker images from my private registry on gitlab.com. This doesn't appear to be the case even if I follow the instructions at https://docs.gitlab.com/runner/configuration/advanced-configuration.html#using-a-private-container-registry for setting up the DOCKER_AUTH_CONFIG secret variable. Does anyone know if this is supposed to work?
--
You received this message because you are subscribed to the Google Groups "GitLab" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gitlabhq+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gitlabhq/12941c96-e1b8-4faa-9f72-d626138e96b3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
ᐧJeff Hutchins
{
"auths": {
"registry.gitlab.com": {
"auth": <redacted>
}
}
}
I've confirmed that the base64 decocded value of auth is the proper username and password joined with a semicolon and that I can run docker pull registry.gitlab.com/boltvoice/go-builder:master with success locally but when I run my job I get
Running with gitlab-ci-multi-runner 1.8.0-rc.1 (1fd3fd4)
Using Docker executor with image registry.gitlab.com/boltvoice/go-builder:master ...
Pulling docker image registry.gitlab.com/boltvoice/go-builder:master ...
ERROR: Preparation failed: API error (500): Get https://registry.gitlab.com/v2/boltvoice/go-builder/manifests/master: denied: access forbidden
Will be retried in 3s ...
Using Docker executor with image registry.gitlab.com/boltvoice/go-builder:master ...
Pulling docker image registry.gitlab.com/boltvoice/go-builder:master ...
ERROR: Preparation failed: API error (500): Get https://registry.gitlab.com/v2/boltvoice/go-builder/manifests/master: denied: access forbidden
Will be retried in 3s ...
Using Docker executor with image registry.gitlab.com/boltvoice/go-builder:master ...
Pulling docker image registry.gitlab.com/boltvoice/go-builder:master ...
ERROR: Preparation failed: API error (500): Get https://registry.gitlab.com/v2/boltvoice/go-builder/manifests/master: denied: access forbidden
Will be retried in 3s ...
ERROR: Build failed (system failure): API error (500): Get https://registry.gitlab.com/v2/boltvoice/go-builder/manifests/master: denied: access forbidden