Open achaphiv opened 3 years ago
Ah interesting - it sounds like there might be some magic behaviour in Docker CLI, mapping docker.io
to another hostname. If this is the case, we'd have to emulate that, potentially.
Are you using hardcoded credentials in your ~/.docker/config.json
file, or are you using a creds helper/store? (Looking in the file it should be fairly obvious which is in effect).
My CI runs:
docker login -u ${DOCKERHUB_USERNAME} -p ${DOCKERHUB_PASSWORD}
# ...
./gradlew clean build
Depending on what's already in the config file, that docker login
could be either writing hardcoded creds or pushing the creds into an helper/store.
This is AWS codepipeline/codebuild, so it just starts fresh each time.
I checked via cat ~/.docker/config.json
, and it's just hardcoded { auths: { ... } }
. No credentials store.
In my case the docker.io registry is hardcoded in a library (specifically it's the reference to docker.io/vectorized/redpanda in the quarkus-kafka devservice).
A rather dirty hack is to duplicate the auth entry in the ~/.docker/config.json to the name "docker.io". Sadly I have to do this manually with jq because docker login docker.io
just creates the entry for the fully qualified hostname.
This ist the line I use:
jq '.auths["docker.io"] = .auths[.auths|keys[]|select(.|test("http.*docker.io"))]' ~/.docker/config.json > ~/.docker/config.json.modified && \
mv ~/.docker/config.json.modified ~/.docker/config.json
Version:
org.testcontainers:testcontainers-bom:1.16.0
This works fine:
new GenericContainer<>("amazon/dynamodb-local:1.16.0")
I've been seeing more recommendations to prefer fully qualified docker images (e.g.
podman
), so I switched to:new GenericContainer<>("docker.io/amazon/dynamodb-local:1.16.0")
And then errors started occurring during my CI build.
I eventually figured out that the auth config was not being picked up:
So I switched to
index.docker.io
, and it worked.new GenericContainer<>("index.docker.io/amazon/dynamodb-local:1.16.0")
:However, this is out of line with the docker cli, which does read from the
~/.docker/config.json
.If I change the
https://index.docker.io/v1/
auth
value and try to pull via:docker -D pull docker.io/amazon/dynamodb-local:1.16.0
It fails with: