Hey!
Probably a niche use-case, but we're building a service which uses a go docker client in order to check the existence of images in a private registry. Naturally, this needs a docker daemon to be able to run properly. It is currently being tested in Pipelines using docker-compose.
I've tried mounting the docker socket, to be able to use the parent docker daemon (correct me if I'm missing something) using:
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
in my docker-compose.yml file.
This runs fine locally but gives me permission denied when run in Pipelines. I understand there are constraints around running docker in privileged, mode for security reasons. Does this explicitly include this mounting? Is there anyway around it?
Hi @Jonas De Beukelaer ,
take a look at this page, it gives more info on how to run docker commands as well as docker-compose: https://confluence.atlassian.com/bitbucket/run-docker-commands-in-bitbucket-pipelines-879254331.html#RunDockercommandsinBitbucketPipelines-RunningDockercommands
Ah this was the document I was looking for to check. Looks like I definitely can't use mounting then.
I've figured out a way around this anyway, using the docker HTTP v2 API allows me to check for images without needed the docker daemon.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Can you explain the way you fixed the issue?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@soroush.kazemi since I only needed to check for image existence, I was able to use this API (golang version specifically) https://docs.docker.com/registry/spec/api/ to simply connect to the repo and check the image exists
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.