Hi, I'm using a bitbucket-pipeline to build, tag and push docker-images.
I'm having trouble using a client-certificate to authenticate with a private registry.
On my desktop-machine(ubuntu) when i try to push to the registry i receive the following error:
$ docker push REGISTRY_DOMAIN_NAME/myImage:0.5.6
The push refers to repository [REGISTRY_DOMAIN_NAME/myImage]
Get https://REGISTRY_DOMAIN_NAME/v2/: remote error: tls: alert(116)
The ssl-error 116 code means certificate_required.
After i copied the certificates into the directory /etc/docker/certs.d/REGISTRY_DOMAIN_NAME the push completes successfully.
So i tried to replicate this within the bitbucket-pipeline. I'm writing the certificate-content from pipeline-variables into the same files as on my desktop-machine:
- mkdir -p /etc/docker/certs.d/REGISTRY_DOMAIN_NAME
- echo $DOCKER_CA_CRT > /etc/docker/certs.d/REGISTRY_DOMAIN_NAMEs/ca.crt
- echo $DOCKER_CLIENT_CRT > /etc/docker/certs.d/REGISTRY_DOMAIN_NAME/client.crt
- echo $DOCKER_CLIENT_KEY > /etc/docker/certs.d/REGISTRY_DOMAIN_NAME/client.key
- ls -al /etc/docker/certs.d/REGISTRY_DOMAIN_NAME/
The files are in the correct location:
+ ls -al /etc/docker/certs.d/REGISTRY_DOMAIN_NAME/
total 20
drwxrwxrwx. 2 root root 4096 Jan 15 09:24 .
drwxrwxrwx. 3 root root 4096 Jan 15 09:24 ..
-rw-rw-rw-. 1 root root 1647 Jan 15 09:24 ca.crt
-rw-rw-rw-. 1 root root 1696 Jan 15 09:24 client.crt
-rw-rw-rw-. 1 root root 1679 Jan 15 09:24 client.key
But in the bitbucket-pipeline the push still fails with the tls error 116.
Is there a way to use certificate-based authentication for a private docker-registry from within the bitbucket-pipeline?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.