Hello,
I am running pipelines for automatically building Docker images on push to latest and whenever the repo is tagged. Here is my gitlab-ci.yml
file:
# Build & push latest image
docker-build-push:
image: docker:cli
stage: build
services:
- docker:dind
before_script:
- docker login -u sofiapipeline -p "$CI_REGISTRY_PASSWORD"
script:
- docker build --pull -t docker.io/sofiapipeline/sofia2:latest .
- docker push docker.io/sofiapipeline/sofia2
rules:
- if: $CI_COMMIT_BRANCH && $CI_PROJECT_NAMESPACE == "SoFiA-Admin"
exists:
- Dockerfile
# Build & push tagged image on tag
docker-build-tag:
image: docker:cli
stage: build
services:
- docker:dind
before_script:
- docker login -u sofiapipeline -p "$CI_REGISTRY_PASSWORD"
script:
- docker build --pull -t docker.io/sofiapipeline/sofia2:$CI_COMMIT_TAG .
- docker push docker.io/sofiapipeline/sofia2:$CI_COMMIT_TAG
rules:
- if: $CI_COMMIT_TAG =~ /^v[0-9].[0-9].[0-9]/ && $CI_PROJECT_NAMESPACE == "SoFiA-Admin"
when: always
I am having the strange issue where the docker-build-push
pipelines are working each time but the docker-build-tag
pipelines are failing at the login step. In a most recent run I get the following error message:
$ docker login -u sofiapipeline -p "$CI_REGISTRY_PASSWORD"
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get "https://registry-1.docker.io/v2/": unauthorized: incorrect username or password
Cleaning up project directory and file based variables 00:01
ERROR: Job failed: exit code 1
A docker-build-latest
pipeline that is triggered at the same time is able to complete even though the before_script
command is exactly the same. The secrets that are stored are obviously the same for both runs.
Does anybody know why this might be the case?