Set the docker enpoint (TCP)

[indaco]

Best practices for docker encourage to avoid accessing the Docker API without any restriction (aka /var/run/docker.sock)

Possible solutions are expose the Docker socket over TCP or SSH. For TCP exposing I use the TecnativaDocker Socket Proxy. This approach requires to connect the docker client to that socket exposed as e.g.tcp://docker-socket-proxy:2375

E.g.

• Traefik -> set providers.docker.endpoint=tcp://docker-socket-proxy:2375
• Portainer -> command: -H tcp://docker-socket-proxy:2375 in my docker-compose.yml file and removing /var/run/docker.sock:/var/run/docker.sock from the volumes

How to achieve that with gitness? I tried:

• set command as in portainer but gitness does not start at all
• set GITNESS_URL_CONTAINER=tcp://docker-socket-proxy:2375. Executing a pipeline I get the following

  Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

Any advice? Thanks

[bradrydzewski]

You can pass the DOCKER_HOST variable to Gitness to override the host address

DOCKER_HOST=tcp://localhost:2375

Note that DOCKER_CERT_PATH, DOCKER_TLS_VERIFY and DOCKER_API_VERSION are also supported.

[indaco]

Thanks a lot @bradrydzewski. It works.

For future references...

set POST=1 on docker-socket-proxy config in addition to other settings