docker icon indicating copy to clipboard operation
docker copied to clipboard
verified publisher icon docker-library

Docker login during CI doesnt work when use docker:19.03.14 from own registry

Open itkg-ppottie opened this issue 5 years ago • 4 comments

With quota limit to download images on Docker hub, i want to use a copy on my own registry. Same image , no modified, but when i try the login failed in CI

with this CI : it's work

.template-dind: &template-dind
  image: docker/compose:alpine-1.27.4
  services:
    - name:  docker:19.03.14-dind
      entrypoint:  ['dockerd-entrypoint.sh']
      alias: docker
      command: ["--insecure-registry", "XXXXXX:8443"]

with this service , it's failed:

 .template-dind: &template-dind
  image: docker/compose:alpine-1.27.4
  services:
    - name:  XXXXXX:8443/common/docker/test/docker:19.03.14-dind
      entrypoint:  ['dockerd-entrypoint.sh']
      alias: docker
      command: ["--insecure-registry", "XXXXXX:8443"]

The error:

 $ docker login $CI_REGISTRY -u gitlab-ci-token -p $REGISTRY_TOKEN
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
time="2020-12-22T16:02:13Z" level=info msg="Error logging in to v2 endpoint, trying next endpoint: Get https://XXXXXX:8443/v2/: x509: certificate signed by unknown authority"
Get XXXXXX:8443/v2/: x509: certificate signed by unknown authority

Cleaning up file based variables

118ERROR: Job failed: exit code 1

gitlab-runner 13.4.1 base image: docker/compose:alpine-1.27.4

i'm lost, any help?

itkg-ppottie avatar Dec 22 '20 16:12 itkg-ppottie

https://docs.docker.com/registry/insecure/

For using --insecure-registry I think you have to use port 5000

You could also try asking over at the Docker Community Forums, Docker Community Slack, or Stack Overflow. Since these repos aren't really a user-help forum

wglambert avatar Dec 22 '20 18:12 wglambert

Can you provide a more detailed .gitlab-ci.yml file? Also, where is your docker login operation?

You can try this:

 .template-dind: &template-dind
  image: docker/compose:alpine-1.27.4
  services:
      - name:  XXXXXX:8443/common/docker/test/docker:19.03.14-dind
      alias: docker
      command: ["--insecure-registry=https://XXXXXX:8443"]

tao12345666333 avatar Dec 29 '20 09:12 tao12345666333

https://docs.docker.com/registry/insecure/

For using --insecure-registry I think you have to use port 5000

You could also try asking over at the Docker Community Forums, Docker Community Slack, or Stack Overflow. Since these repos aren't really a user-help forum

it's not a problem of configuration. the same conf with a different images docker of change result of docker login.

itkg-ppottie avatar Jan 04 '21 10:01 itkg-ppottie

Can you provide a more detailed .gitlab-ci.yml file? Also, where is your docker login operation?

You can try this:

 .template-dind: &template-dind
  image: docker/compose:alpine-1.27.4
  services:
      - name:  XXXXXX:8443/common/docker/test/docker:19.03.14-dind
      alias: docker
      command: ["--insecure-registry=https://XXXXXX:8443"]

I use Deploy Token , this command work well locally with the same parameters or with the service using docker:19.03.14-dind: docker login $REGISTRY_BASE_URL -u $PLATEFORME_DEPLOY_USER -p $PLATEFORME_DEPLOY_TOKEN

itkg-ppottie avatar Jan 04 '21 10:01 itkg-ppottie