kinkerl
commented
5 months ago you can reach out via intercom. this feature exists on request ;)
Closed sgordeychuk closed 5 months ago
kinkerl
commented
5 months ago you can reach out via intercom. this feature exists on request ;)
sgordeychuk
commented
5 months ago @kinkerl thanks! Jonathan also mentioned that around a month ago, so I'll probably contact you guys regarding that once I have time to update the deployment process for APG :)
We made some deployment optimisations: we use pre-built docker images which include python dependencies, these images do not contain any project source code, there're just installing packages from packages.json (for JS) or requirements.txt (for python), and since we update those reqs not that frequently we can prebuild them.
currently we do this with some regular public docker hub account, because divio doesn't allow private docker registries, there's just no way to add key or anything for that.
But I'd like to move all this prebuilt stuff to gitlab docker registry to have it privately, for security and for further improvement, for example we could prebuild some project-related parts in the future.
Currently it's only possible to use public images in Dockerfile which is used to deploy to divio. Although we want to put some important constant parts of the deployment to private docker images, that would allow us to have x10 speed optimisation of deployments of our projects.
I think it could be some auth token field on the project / organisation level where we could add credentials for login. It's possible to add auth for docker registry by adding auth token to
.docker/config.jsonlike that:Problem statement: The problem is that private docker registries requires authentication, and you can do it by doing docker login or by adding auth token to .docker/config.json or by just granting permissions to some user on registry level. Without that an attempt to pull the image from private registry will throw an error.