Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    SOLVED How to authenticate in gitlab pipline?

    Docker Registry
    6
    22
    136
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • mehdi
      mehdi App Dev @klawitterb last edited by

      @klawitterb What I'm doing, on a non-cloudron setup, is that I created a service user allowed only on the registry, added its credentials to the secret CI variables on the gitlab project configuration, then in the .gitlab-ci.yml I do :

      docker login -u $CI_USER -p $CI_USER_PASSWORD my.registry.url.com
      
      1 Reply Last reply Reply Quote 0
      • girish
        girish Staff last edited by

        See this article also - https://about.gitlab.com/blog/2016/05/23/gitlab-container-registry/

        mehdi 1 Reply Last reply Reply Quote 0
        • mehdi
          mehdi App Dev @girish last edited by

          @girish That's only if you use the integrated container registry in gitlab Omnibus image, not an external one like on Cloudron

          girish 1 Reply Last reply Reply Quote 0
          • girish
            girish Staff @mehdi last edited by

            @mehdi Ah, I was just refering to the "Start using it" section. It has some examples on how to use with a CI_BUILD_TOKEN

            mehdi 1 Reply Last reply Reply Quote 0
            • atrilahiji
              atrilahiji App Dev last edited by

              Out of curiosity, why don’t we try the omnibus image on cloudron? Is it a lack of visibility or control into stuff like LDAP or something? Or just complexity of packaging

              1 Reply Last reply Reply Quote 0
              • mehdi
                mehdi App Dev @girish last edited by

                @girish Yeah, but the authentication using CI_BUILD_TOKEN only works when it's the integrated registry

                girish 1 Reply Last reply Reply Quote 1
                • girish
                  girish Staff @mehdi last edited by

                  @mehdi Ah, got it, I misunderstood the original question entirely.

                  1 Reply Last reply Reply Quote 0
                  • K
                    klawitterb last edited by

                    Using pipeline variables to login to docker.io is working without problems for me. But I can't get the authentication to the cloudron registry to work.
                    I've set up the auth part as described in the documentation using tokens. Do I now need to acquire a token first before I can login?
                    Also tried changing the auth to htpasswd on the docker registry without success. It still wont let me in, rejecting the request with a 403.

                    mehdi 1 Reply Last reply Reply Quote 0
                    • mehdi
                      mehdi App Dev @klawitterb last edited by

                      @klawitterb :

                      • which documentation are you talking about ?
                      • have you tried logging in from your local machine ? Does that work ?
                      K 1 Reply Last reply Reply Quote 0
                      • K
                        klawitterb @mehdi last edited by

                        @mehdi I'm referring to the documentation on the cloudron docs: https://docs.cloudron.io/apps/docker-registry/

                        I'm not even seeing log entries when trying to connect. Shouldn't it at least tell me about the failed login?

                        1 Reply Last reply Reply Quote 0
                        • K
                          klawitterb last edited by

                          Stupid me, just read the docs again that I only need to set this up for gitlab integration. Removed the auth config and was now able to successfully login using cloudron credentials.

                          caleno 1 Reply Last reply Reply Quote 2
                          • atrilahiji
                            atrilahiji App Dev last edited by

                            Weird... it just keeps timing out for me when I try a docker push

                            1 Reply Last reply Reply Quote 0
                            • atrilahiji
                              atrilahiji App Dev last edited by

                              Nevermind... got it working just fine.

                              girish 1 Reply Last reply Reply Quote 0
                              • girish
                                girish Staff @atrilahiji last edited by

                                @atrilahiji What did you do here? it seems this might be the source of the update issue which you mention in the other thread...

                                atrilahiji 2 Replies Last reply Reply Quote 0
                                • atrilahiji
                                  atrilahiji App Dev @girish last edited by atrilahiji

                                  @girish oh I reinstalled making sure it used the apps user management. This was before my update issue

                                  1 Reply Last reply Reply Quote 0
                                  • atrilahiji
                                    atrilahiji App Dev @girish last edited by

                                    @girish The new update with the UI helped a lot. Reinstalled a version thats is standalone using proxyAuth and a version to integrate with GitLab. Works perfectly. I'll be doing some more extensive testing.

                                    doodlemania2 1 Reply Last reply Reply Quote 1
                                    • doodlemania2
                                      doodlemania2 App Dev @atrilahiji last edited by

                                      @atrilahiji Write up a post on it and we can get it into the docs I bet!

                                      1 Reply Last reply Reply Quote 0
                                      • caleno
                                        caleno @klawitterb last edited by

                                        @klawitterb @girish

                                        If I understand it correctly the gitlab integration makes gitlab the authority for docker registry submitting jwt tokens for authentication. To create these tokens you either make a access token deploy token or a personal token (especially if you are using 2fa) and one should be able to authenticate to the registry, correct?

                                        I've tried all sorts of tokens and changing the docker-client in authproxy and nginxconfig without success.

                                        Has anyone manged to get this working? ><

                                        K 1 Reply Last reply Reply Quote 0
                                        • K
                                          klawitterb @caleno last edited by

                                          @caleno
                                          I removed the auth token config from the docker registry and used the normal docker login cmd in my pipeline using my normal cloudron account name + an app password.

                                          caleno 1 Reply Last reply Reply Quote 1
                                          • caleno
                                            caleno @klawitterb last edited by

                                            @klawitterb

                                            I have token auth activated or at least configured and I can still log inn with Cloudron username and password + 2fa.

                                            I'd like the token auth to work via Gitlab and maybe the case above points to a configuration issue.

                                            I have to investigate further.

                                            caleno 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post