Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(ci): login to docker #2277

Merged
merged 13 commits into from
Nov 25, 2024
Merged

chore(ci): login to docker #2277

merged 13 commits into from
Nov 25, 2024

Conversation

lerouxb
Copy link
Contributor

@lerouxb lerouxb commented Nov 22, 2024

This should help with rate limiting.

Hopefully I got all the places that need the env vars. If not then docker-credential-from-env will hopefully tell us.

@lerouxb lerouxb added the no-title-validation Skips validation of PR titles (conventional commit adherence + JIRA ticket inclusion) label Nov 22, 2024
"auths": {
"https://index.docker.io/v1/": {}
},
"credsStore": "from-env"
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A problem is that by specifying credsStore, the docker-credential-from-env script gets used for all stores. And at that point I can't tell if there's a way for the script to signal that a specific registry should be used without authentication.

What then happens is that we don't have credentials for registry.suse.com and then our script errors.

There is an alternative to credsStore which is credHelpers where you can specify a credential helper per registry domain. I tried it, but no matter what I used as the registry domain for docker hub I couldn't get it to use our script, so everything just worked unauthenticated. I looked online and can't find any examples where people specify the default docker hub registry domain in there so I'm beginning to think that it doesn't work for that case.

Unless I misread the docs or had some silly typo throughout all my tests? Not sure.

So what I'm doing now is to just specify credsStore which at least works in that it executes our script and then I just remove the DOCKER_CONFIG var for the suse cases. Which is an ugly hack and will probably stop working if we mix suse and regular docker images together in one script.

@lerouxb lerouxb merged commit c90120f into main Nov 25, 2024
143 of 151 checks passed
@lerouxb lerouxb deleted the login-docker-hub branch November 25, 2024 12:42
nirinchev added a commit that referenced this pull request Dec 2, 2024
* main: (34 commits)
  chore: update auto-generated files [skip actions]
  chore: update auto-generated files [skip actions]
  chore(ci): use github app tokens instead of bot user (#2282)
  chore: update auto-generated files [skip actions]
  chore(ci): cleanup auto generated file workflow MONGOSH-1927 (#2281)
  chore: update auto-generated files
  chore(ci): use a github app for the generated files credentials MONGOSH-1927 (#2280)
  chore(deps): bump driver, bson, oidc-plugin to latest MONGOSH-1916 (#2279)
  chore(ci): login to docker (#2277)
  chore(ci): don't download chrome for cron tasks (#2278)
  chore: update node.js (#2270)
  chore: push auto-generated files directly instead of using PRs (#2275)
  fix(ci): allocate more memory to fix test_vscode MONGOSH-1892 (#2239)
  chore: update auto-generated files (#2276)
  feat(shell-api): add options in stream processor start, stop, and drop MONGOSH-1920 (#2274)
  chore: update auto-generated files (#2273)
  chore: update auto-generated files (#2272)
  fix: include nonce in oidc request by default MONGOSH-1905 MONGOSH-1917 (#2269)
  chore(ci): filter for explictily set variants in unit tests (#2271)
  chore: update auto-generated files (#2268)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
no-title-validation Skips validation of PR titles (conventional commit adherence + JIRA ticket inclusion)
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants