I’m trying to build a Docker image on a docker-machine host and push that image to Gitlab registry. I enabled the registry, then used docker-machine as described HERE (with the exception that I used 172.17.0.1 as host IP, but it worked after a trivial change in Gitlab Runner configuration). The problem is that after building the image, when I try to push it, I get the following error:
$ docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN gitlab.organization.com:39140 Login Succeeded $ docker build -t gitlab.organization.com:39140/organization/project-name . (build went fine) $ docker push gitlab.organization.com:39140/organization/project-name The push refers to a repository [gitlab.organization.com:39140/organization/project-name] 9da290505e25: Preparing 4edf62705ffc: Preparing 9845b0e669c4: Preparing 0dd280e9ab09: Preparing 1efea06cfe5b: Preparing cf516324493c: Preparing cf516324493c: Waiting denied: access forbidden ERROR: Job failed: exit code 1
Here’s my .gitlab-ci.yml:
image: my-base-image variables: GIT_SUBMODULE_STRATEGY: recursive DOCKER_TLS_VERIFY: "1" DOCKER_HOST: "tcp://172.17.0.1:2376" DOCKER_CERT_PATH: "certs" test:build: script: - mkdir $DOCKER_CERT_PATH - echo "$CA" > $DOCKER_CERT_PATH/ca.pem - echo "$CLIENT_CERT" > $DOCKER_CERT_PATH/cert.pem - echo "$CLIENT_KEY" > $DOCKER_CERT_PATH/key.pem\ - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN gitlab.organization.com:39140 - docker build -t gitlab.organization.com:39140/organization/project-name . - docker pull gitlab.organization.com:39140/organization/project-name
My theory is that certificate from $DOCKER_CERT_PATH is used both for connecting with docker-machine host and Gitlab registry. Is that possible? Can I force login/password authentication for Gitlab Registry or generate a key that CI could use?