It appears that when I connect to my private registry for a build, I get an unauthorized response unless the target includes a repo (even if it doesn't exist).
package main
import (
"alpha.dagger.io/dagger"
"alpha.dagger.io/dagger/op"
)
#Auth: {
target: dagger.#Input & {string}
username: dagger.#Input & {string}
secret: dagger.#Input & {dagger.#Secret | string}
}
// Add `auths` to `docker.#Build`
#Build: {
source: dagger.#Input & {dagger.#Artifact}
dockerfile: dagger.#Input & {*null | string}
args?: [string]: string | dagger.#Secret
auths: [...#Auth]
#up: [
for auth in auths {
op.#DockerLogin & {
for k, v in auth {
"\(k)": v
}
}
},
op.#DockerBuild & {
context: source
if dockerfile != null {
"dockerfile": dockerfile
}
if args != _|_ {
buildArg: args
}
},
]
}
image: #Build & {
source: null
dockerfile: """
FROM registry.example.net/php:7.4
"""
auths: [
#Auth & {
target: "registry.example.net"
username: "example"
}
]
}This returns a 401 Unauthorized:
$ dagger up
[✗] image 0.4s
6:32PM FTL failed to up environment: task failed: registry.example.net/php:7.4: unexpected status code [manifests 7.4]: 401 Unauthorized
But this works:
image: #Build & {
source: null
dockerfile: """
FROM registry.example.net/php:7.4
"""
auths: [
#Auth & {
target: "registry.example.net/wat" // repo doesn't exist in the registry
username: "example"
}
]
}Although with docker.io it isn't required. The following works:
image: #Build & {
source: null
dockerfile: """
FROM helder/private-repo
"""
auths: [
#Auth & {
target: "docker.io"
username: "helder"
}
]
}I'm running a registry:2 container with basic auth behind an Nginx reverse proxy.
It appears that when I connect to my private registry for a build, I get an unauthorized response unless the target includes a repo (even if it doesn't exist).
This returns a 401 Unauthorized:
But this works:
Although with docker.io it isn't required. The following works:
I'm running a
registry:2container with basic auth behind an Nginx reverse proxy.