AutoDevOps: curl fails with “Recv failure: Connection reset by peer” during Docker build

Problem to solve

During AutoDevOps CI/CD pipelines, HTTPS requests fail when executed during Docker image build.

What we see:

• curl https://api.nuget.org/v3/index.json fails during docker build with:
  curl: (35) Recv failure: Connection reset by peer

Expected:

• Docker builds should be able to fetch dependencies or reach external services.

Additional context:

• The same curl command works from inside a regular Kubernetes pod on the same node.
• This issue appeared recently with no changes to our CI/CD configuration.

Steps to reproduce

1. Run a pipeline job that builds a Docker image and includes curl https://api.nuget.org/v3/index.json inside the Dockerfile.
2. Observe that the HTTPS request fails during the build.

What we have tried:

• Added --network=host to the docker build command.
• Disabled BuildKit.
• Set FF_NETWORK_PER_BUILD: "true".
• Verified DNS resolution works.
• Confirmed that external requests from within other pods succeed.

Configuration

.gitlab-ci.yml snippet:

  build:
    stage: build
    image: docker:latest
    services:
      - docker:dind
    variables:
      DOCKER_HOST: tcp://docker:2375
      DOCKER_DRIVER: overlay2
    script:
      - docker build --network=host -t $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA .

Versions

• GitLab: 18.0.2 (self-managed)
• GitLab Runner: 18.0.3 (executor: kubernetes)
• Kubernetes: v1.30.0

Notes

• GitLab Runner is deployed in Kubernetes using Helm.
• We suspect recent GitLab Runner or AutoDevOps behavior has changed regarding networking during build phase.

Hi!

Did you manage to solve this issue ?

I am encountering the exact same problem with the MS packages repository URL (trying to install Azure CLI in a Docker Build, using GitLab Runners deployed in Kubernetes via Helm and a docker:dind service)

My GitLab version is 18.1.2, and GitLab Runners are 18.0.2 (chart 0.77.2)