Hi,
We have an on-prem GitLab installation and use GitLab CI with on-prem
servers. I have setup a private Docker container registry on one of the
build servers. I can use this private container registry with GitLab CI
properly. However, I would like to be able to build Docker images from
GitLab CI using that privatate registry. I have setup a test project that
looks like this:
gitlab-ci.yml:
image: "docker:stable"
services:
- docker:dind
test:
script:
- HTTP_PROXY= HTTPS_PROXY= docker build -t
git.res.nrc.gc.ca:4000/ssit-kits/cloudberry/cloudberryresourcemanagement .
- docker push
git.res.nrc.gc.ca:4000/ssit-kits/cloudberry/cloudberryresourcemanagement
tags:
- docker
Dockerfile
FROM "my-private-registry.com/my-alpine-image"
MAINTAINER joeydumont "https://github.com/joeydumont";
RUN apk add python2 python2-dev make py2-virtualenv ncurses build-base
openssl-dev
RUN apk update
RUN apk upgrade
However, this fails at the FROM line:
Step 1/5 : FROM "my-private-registry.com/my-alpine-image"
Get https://my-private-registry.com/v2/: x509: certificate signed by unknown
authority
ERROR: Job failed: exit code 1
In order for GitLab to be able to pull from my-private-registry, I had to both
add the self-signed cert to /etc/docker/certs.d/ and to the local cert store
(/etc/pki/ca-trust/source/anchors/).
Do you know how I could expose the system /etc/docker/certs.d/ to the
docker:stable image used in the gitlab-ci?
I'm grateful for any info.
--
You received this message because you are subscribed to the Google Groups
"GitLab" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/gitlabhq/cdac661a-7823-4dcd-a61b-2c3ce18b460f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
