How to deploy on custom docker registry? - drone.io

I setup a simple go project and I wish to build and deploy a simple docker image to my private registry.
This is my .drone.yml:
pipeline:
build:
image: golang
commands:
- go build
docker:
image: plugins/docker
username: xxxxxxxxxxx
password: yyyyyyyyyyy
repo: docker.mycompany.it:5000/drone/test
tags: latest
debug: true
But the plugins tries to connect and authenticate to docker registry.

If you are using a custom registry you need to set the registry parameter in the plugin configuration [1]. The registry parameter is provided to the docker login command (e.g. docker login gcr.io)
Example configuration with custom registry:
pipeline:
docker:
image: plugins/docker
repo: index.company.com/foo/bar
registry: index.company.com
[1] source http://plugins.drone.io/drone-plugins/drone-docker/

Related

ECR login fails in gitlab runner

I'm trying to deploy ECS with task definition and I'm using ECR to store my docker image in was. When I try to login ECR in GitLab CI/CD with shared runner. I'm getting errors.
image: docker:19.03.10
services:
- docker:dind
variables:
REPOSITORY_URL: <REPOSITORY_URL>
TASK_DEFINITION_NAME: <Task_Definition>
CLUSTER_NAME: <CLUSTER_NAME>
SERVICE_NAME: <SERVICE_NAME>
before_script:
- apk add --no-cache curl jq python py-pip
- pip install awscli
- aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID
- aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY
- aws configure set region $AWS_DEFAULT_REGION
- $(aws ecr get-login --no-include-email --region "${AWS_DEFAULT_REGION}")
- IMAGE_TAG="$(echo $CI_COMMIT_SHA | head -c 8)"
stages:
- build
- deploy
build:
stage: build
script:
- echo "Building image..."
- docker build -t $REPOSITORY_URL:latest .
- echo "Tagging image..."
- docker tag $REPOSITORY_URL:latest $REPOSITORY_URL:$IMAGE_TAG
- echo "Pushing image..."
- docker push $REPOSITORY_URL:latest
- docker push $REPOSITORY_URL:$IMAGE_TAG
Error details:
There are two approaches that you can take to access a private registry. Both require setting the CI/CD variable DOCKER_AUTH_CONFIG with appropriate authentication information.
Per-job: To configure one job to access a private registry, add DOCKER_AUTH_CONFIG as a CI/CD variable.
Per-runner: To configure a runner so all its jobs can access a private registry, add DOCKER_AUTH_CONFIG as an environment variable in the runner’s configuration.
https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#access-an-image-from-a-private-container-registry
I see the following issues in your config:
docker login is missing
without DOCKER_HOST docker:dind will not work
Please try to follow this tutorial - link, youtube video about the mentioned tutorial is here.

Docker Tag Error 25 on gitlab-ci.yml trying to start GitLab Pipeline

I'm going through the "Scalable FastAPI Application on AWS" course. My gitlab-ci.yml file is below.
stages:
- docker
variables:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: "/certs"
cache:
key: ${CI_JOB_NAME}
paths:
- ${CI_PROJECT_DIR}/services/talk_booking/.venv/
build-python-ci-image:
image: docker:19.03.0
services:
- docker:19.03.0-dind
stage: docker
before_script:
- cd ci_cd/python/
script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
- docker build -t registry.gitlab.com/chris_/talk-booking:cicd-python3.9-slim .
- docker push registry.gitlab.com/chris_/talk-booking:cicd-python3.9-slim
My Pipeline fails with this error:
See https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
$ docker build -t registry.gitlab.com/chris_/talk-booking:cicd-python3.9-slim .
invalid argument "registry.gitlab.com/chris_/talk-booking:cicd-python3.9-slim" for "-t, --tag" flag: invalid reference format
See 'docker build --help'.
Cleaning up project directory and file based variables
ERROR: Job failed: exit code 125
It may or may not be relevant but the Container Registry for the GitLab project says there's a Docker connection error.
Thanks
I created a new GitLab account with a new username and things are working now. The underscore does appear to have been the issue.

drone "Insufficient privileges to use privileged mode"

i had write a .drone.yml in my gogs git repository. but when i push the git change , drone web tell me Insufficient privileges to use privileged mode. how can i fix it?
this is my .drone.yml:
pipeline:
build:
image: test-harbor.cx580.com/centos/centos7:Beat2.0
privileged: true
commands:
- mkdir -p /data/k8s/drone/jar-db/
- \cp README.md /data/k8s/drone/jar-db/
- ls /data/k8s/drone/jar-db/
push:
image: plugins/docker
repo: test-harbor.cx580.com/centos/centos7:Beat2.0
registry: test-harbor.cx580.com
username: ci
password: '1qaz!QAZ'
tags:
- latest
i had search in google, this websize tell me Your repository isn't in the trusted list of repositories. Get in touch with Devops and ask them to trust it but ,how can i trusted the repositorie?
and i get setting in the drone web , and check the Trusted in the settings,but it also failed :
img
Set drone-server env (My repositorie is GitLab)
...
- DRONE_OPEN=false
- DRONE_ADMIN=<your gitlab username>
- DRONE_GITLAB_PRIVATE_MODE=true
...
Enable drone settings
Settings -> Trusted like this

How to publish docker images to docker hub from gitlab-ci

Gitlab provides a .gitlab-ci.yml template for building and publishing images to its own registry (click "new file" in one of your project, select .gitlab-ci.yml and docker). The file looks like this and it works out of the box :)
# This file is a template, and might need editing before it works on your project.
# Official docker image.
image: docker:latest
services:
- docker:dind
before_script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
build-master:
stage: build
script:
- docker build --pull -t "$CI_REGISTRY_IMAGE" .
- docker push "$CI_REGISTRY_IMAGE"
only:
- master
build:
stage: build
script:
- docker build --pull -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG" .
- docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
except:
- master
But by default, this will publish to gitlab's registry. How can we publish to docker hub instead?
No need to change that .gitlab-ci.yml at all, we only need to add/replace the environment variables in project's pipeline settings.
1. Find the desired registry url
Using hub.docker.com won't work, you'll get the following error:
Error response from daemon: login attempt to https://hub.docker.com/v2/ failed with status: 404 Not Found
Default docker hub registry url can be found like this:
docker info | grep Registry
Registry: https://index.docker.io/v1/
index.docker.io is what I was looking for.
2. Set the environment variables in gitlab settings
I wanted to publish gableroux/unity3d images using gitlab-ci, here's what I used in Gitlab's project > Settings > CI/CD > Variables
CI_REGISTRY_USER=gableroux
CI_REGISTRY_PASSWORD=********
CI_REGISTRY=docker.io
CI_REGISTRY_IMAGE=index.docker.io/gableroux/unity3d
CI_REGISTRY_IMAGE is important to set.
It defaults to registry.gitlab.com/<username>/<project>
regsitry url needs to be updated so use index.docker.io/<username>/<project>
Since docker hub is the default registry when using docker, you can also use <username>/<project> instead. I personally prefer when it's verbose so I kept the full registry url.
This answer should also cover other registries, just update environment variables accordingly. 🙌
To expand on the GabLeRoux's answer,
I had issues on the pushing stage of the GitLab CI build:
denied: requested access to the resource is denied
By changing my CI_REGISTRY to docker.io (remove the index.) I was able to successfully push.

Can't push to gcr with drone plugins/docker

i have been trying out drone and have been unsuccessful in pushing the docker image to gcr.
pipeline:
build:
image: plugins/docker
dockerfile: docker/Dockerfile
registry: gcr.io
repo: gcr.io/<REPO>
tags: "${DRONE_COMMIT_SHA}"
insecure: true
debug: true
The following is the error message:
denied: Unable to access the repository; please check that you have permission to access it.
I have been trying to follow the documentation but I always get this error.
Need help. Thanks.
The first step is to store your credentials (we call them secrets) in drone. You can do this using the command line utility or the user interface.
drone secret add <github_repo> --name=docker_username --value=<username>
drone secret add <github_repo> --name=docker_password --value=<password>
Once you have stored your credentials you must update your yaml configuration file to request access to the named secrets using the secrets attribute (this seems to be missing in your example). Example configuration:
pipeline:
build:
image: plugins/docker
dockerfile: docker/Dockerfile
registry: gcr.io
repo: gcr.io/<REPO>
secrets: [ docker_username, docker_password ]
For reference please see the following secret documentation which uses the docker plugin as the primary example http://docs.drone.io/manage-secrets/