Hey. I’m facing an issue trying to successfully pull images from a private Docker registry during a build. I’ve deployed gitlab-runner on a private K8s cluster, and used
imagePullSecrets in my Deployment manifest to pull gitlab/gitlab-runner:ubuntu-v11.8.0 from a private registry. All is well up to this point.
When running a build, the Runner’s executor appears to try to pull the “helper” image from Docker Hub, and fails (possibly restricted by our K8s cluster). In my
config.toml, I’ve set
image_pull_secrets to the same value as specified in my K8s Deployment.
image_pull_secrets = ["docker_registry_secret"]
The error given by the Runner is “image pull failed”.
Is the secret supposed live on the cluster?
Possible solutions in my opinion are to 1) request an exception from my security team to allow traffic to and from Docker Hub, 2) use Gitlab’s container registry, 3) create a fork of the gitlab-runner project, and pass through imagePullSecrets in the body of POST /pods (can become a maintenance issue).
Does anyone have a more straight-forward and simple solution?