-
Suggestion
-
Resolution: Unresolved
-
None
-
12
-
1
-
Problem Definition
Currently, Docker Runner only connects to public Docker Image Registries to pull images from, such as hub.docker.com
Please add the capability to connect to private registries to pull images.
Suggested Solution
Allow auth to private registries through input credentials, or the Shared Credentials
Workaround
Remote Agents
Add the docker login command to the .profile of the Remote Agent user, for each Agent which will be using the Docker Runner build capability.
docker login -u <username> -p <password> <registryhost:port>
To keep from having passwords stored in plain text in a script you can use the credential helper as outlined in the documentation for docker login
Elastic Agents
- From the top navigation bar select
> Elastic Bamboo > Image configurations.
- Select your preferred elastic image configuration and select edit
- Scroll down to Instance startup script section.
- Add the script below and save. Ensure to replace with the contents of your $HOME/.docker/config.json and your artifactory URL
#!/bin/bash export HOME=/home/bamboo cd $HOME mkdir .docker && chmod 700 .docker cat > .docker/config.json << EOF { "auths": { "private_registry_URL": { "auth": "AUTH_TOKEN" } } } EOF chown -R bamboo:bamboo .docker
Here is a relatively simple workaround for the lack of Authentication options on the Docker Runner.
This works because Docker pull just fetches the image into the machine local cache. When the 2nd stage goes to grab the container image, it is already in the local cache and thus doesn't need additional authentication.