I use the GitLab.com free plan to host certain projects for my clients in separate namespaces.
I have some base Docker images hosted in a private repository’s container registry in GitLab. I reference this image from other projects in other namespaces. Furthermore, I’m the sole developer in those namespaces, so It’s clear I have access rights to these docker images on that other repository.
Now, for some reason, I see an error in one project when it tries to pull the docker image:
Failed to pull image with policy "always": Error response from daemon: pull access denied for registry.gitlab.com/<url-to-image>, repository does not exist or may require 'docker login': denied: requested access to the resource is denied (manager.go:203:0s)
This didn’t happen 10 days ago, but happens now. For no particular reason. There was no change regarding the CI setup. And it only seems to happen in that one project. I use it exactly in the same way as 10 days ago, when it worked.
I already tried switching to a different Docker image published in the same container registry as the one failing. But this fails too.
So, the main questions now are
- Were there any significant GitLab CI changes since May 23 that might cause this?
- Is there any limitation how often a project can pull images from the container registry in GitLab?
- Are there any other limitations I might need to know of that could cause the issue?
I have the same user permissions in all projects, in the ones where it still works and the single one, where it doesn’t. I can also pull the image locally.
Any inputs what to look for?