Docker login in deploy job: ""Error logging in to v1 endpoint..."

Hi,

Hoping to get some help with the following, searched for a solution or explanation but am at a loss here.

We’re running on Gitlab.com and using shared runners. I have defined the following gitlab-ci.yml with two jobs and a before_script. The deploy job will connect to a docker-deamon and pull updated images and restart (left those steps out for brevity).

image: docker/compose:latest

services:
- docker:19.03.5-dind

stages:
- test
- deploy

before_script:
  - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY

testing:
  script:
    - echo 'Test code here'

deploy_staging:
  stage: deploy
  script:
    - echo 'Pull and run images from private Gitlab registry
  environment:
    name: staging
    url: https://staging.<abc>.net
  only:
  - master

What we’re expecting is each job logging in to the registry and then in the script section being able to pull, tag and push images to the registry.

What we’re seeing is the testing job succeeding:

Running before_script and script
 $ docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
 WARNING! Using --password via the CLI is insecure. Use --password-stdin.
 WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
 Configure a credential helper to remove this warning. See
 https://docs.docker.com/engine/reference/commandline/login/#credentials-store
 Login Succeeded
 $ echo 'Test code here'
 Test code here
Running after_script

But the deploy_staging job fails to complete the before_script:

Running before_script and script
 $ docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
 WARNING! Using --password via the CLI is insecure. Use --password-stdin.
 time="2020-04-24T07:07:44Z" level=info msg="Error logging in to v2 endpoint, trying next endpoint: Get https://registry.gitlab.com/v2/: x509: failed to load system roots and no roots provided"
 time="2020-04-24T07:07:44Z" level=info msg="Error logging in to v1 endpoint, trying next endpoint: Get https://registry.gitlab.com/v1/users/: x509: failed to load system roots and no roots provided"
 Get https://registry.gitlab.com/v1/users/: x509: failed to load system roots and no roots provided
Running after_script

We are on GitLab.com using shared runners.

The gitlab-ci.yml is simplified, we’ve been running a pipeline with more steps and the docker login ... works every single time. I am suspecting the specific deploy job with an environment defined is ‘different’ in some way than the other job types. But I’ve not been able to find anything useful describing this particular situation.

I’ve tried running the docker login command in a before_script within the deploy_staging job and also in the scripts section. All give the same result.

I’ve also tried using different images:

  • newer: image: docker/compose:debian-1.26.0-rc3 -> same result
  • same but explicit version: docker/compose:1.25.5 --> slightly different error message:
Running before_script and script
 $ docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
 WARNING! Using --password via the CLI is insecure. Use --password-stdin.
 time="2020-04-24T07:44:34Z" level=info msg="Error logging in to v2 endpoint, trying next endpoint: Get https://registry.gitlab.com/v2/: x509: certificate signed by unknown authority"
 Get https://registry.gitlab.com/v2/: x509: certificate signed by unknown authority
Running after_script
  • older: docker/compose:1.24.1 --> different result, testing job fails already, with a different error though:
$ docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
 WARNING! Using --password via the CLI is insecure. Use --password-stdin.
 Warning: failed to get default registry endpoint from daemon (Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?). Using system default: https://index.docker.io/v1/
 Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

Any help or pointers would be much appreciated! Thanks, Mark

Hi Mark,
Is this issue resolved? I am also struck at similar issue… Any suggestion to fix would be of great help.

Hi, yes resolved this.

I am using this image / services combination in gitlab-ci.yml.

image: docker/compose:1.25.5

services:
- docker:19.03.8-dind

Hope this helps.