GitLab private registry - login error

Time: 2018-05-24 16:51:53

Tags: docker gitlab gitlab-ci-runner

When logging in to my GitLab Registry, I receive the following output:

$ docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get https://gitlab.MYDOMAIN:4501/v2/: denied: access forbidden

On my Linux machine, using docker login with my private account details results in the same error.

Setup

  • docker Docker version 18.03.1-ce, build 9ee9f40

  • Traefik for my GitLab docker container

  • Opened port 4501 for the GitLab Registry & passed the docker variable GITLAB_OMNIBUS_CONFIG: | registry_external_url 'https://${GITLAB_DOMAIN}:${GITLAB_REGISTRY_PORT}'

    • The registry URL is accessible from outside (calling it from my browser gives the default response UNAUTHORIZED - authentication required)

.gitlab-ci.yml

image: docker

services:
  - name: docker:dind
    command: ["--insecure-registry=gitlab.MYDOMAIN:4501"]

before_script:
  - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY

stages:
  - build

build:
  stage: build
  script:
    - docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG .
    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
  only:
    - master

GitLab Runner configuration

concurrent = 1
check_interval = 0

[[runners]]
  name = "olaf"
  url = "https://gitlab.MYDOMAIN"
  token = "xxxxxxxxxxxxx"
  executor = "docker"
  [runners.docker]
    tls_verify = false
    image = "ruby:2.1"
    privileged = true
    disable_cache = false
    volumes = ["/cache"]
    shm_size = 0
  [runners.cache]

Using docker info

Inside the CI pipeline

$ docker info
Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: 18.05.0-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: xxxxxxxxxxxxxxxx
runc version: xxxxxxxxxxxxxxx
init version: xxxxxxxxx
Security Options:
 seccomp
  Profile: default
Kernel Version: 4.9.0-6-amd64
Operating System: Alpine Linux v3.7 (containerized)
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 31.29GiB
Name: xxxxxxxxxxxxx
ID: xxxxxxxxxxxxxx
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 gitlab.MYDOMAIN:4501
 127.0.0.0/8
Live Restore Enabled: false

Complete CI pipeline output

Running with gitlab-runner 10.8.0 (079aad9e)
  on olaf 2467327f
Using Docker executor with image docker ...
Starting service docker:dind ...
Pulling docker image docker:dind ...
Using docker image sha256:1f44348b3ad523d5dc4ae7d53bd873879e06e0df2d686e9029a666945443ef42 for docker:dind ...
Waiting for services to be up and running...
Pulling docker image docker ...
Using docker image sha256:2232c0bbbb8cc9238eefc10721db5662156a2624bc7405dc1cade624dde9aaec for docker ...
Running on runner-2467327f-project-17-concurrent-0 via 4ba803c01c0b...
Fetching changes...
HEAD is now at c8dff7b Update .gitlab-ci.yml
warning: redirecting to https://gitlab.MYDOMAIN:443/kwinkel/imagetest.git/
From http://gitlab.MYDOMAIN/kwinkel/imagetest
   c8dff7b..dc1b150  master     -> origin/master
Checking out dc1b1501 as master...
Skipping Git submodules setup
$ docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get https://gitlab.MYDOMAIN:4501/v2/: denied: access forbidden
ERROR: Job failed: exit code 1

Inside the gitlab container

/var/log/gitlab/registry/current

2018-06-02_19:27:03.50891 time="2018-06-02T19:27:03.50886204Z" level=warning msg="error authorizing context: authorization token required" 
environment=production go.version=go1.9.2 http.request.host="registry.gitlab.MYDOMAIN:4567" 
http.request.id=336c98a1-743a-47a5-9760-c20f5b77116a http.request.method=GET http.request.remoteaddr=- http.request.uri="/v2/" 
http.request.useragent="docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.9.0-6-amd64 os/linux arch/amd64 
UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))" instance.id=1024a4ad-7a80-49c9-92c6-77cbcff85bf6 service=registry version=v2.6.2-2-g91c17ef

1 answer:

Answer 0 (score: 0)

So, I found the answer myself.

The trick is to

  • set the external URL to https://
  • set the omnibus nginx port to 80
  • disable https for omnibus

docker compose file / omnibus configuration

external_url 'https://${GITLAB_DOMAIN}'
nginx['listen_port'] = '80'
nginx['listen_https'] = false

and do the same for the registry...

registry_external_url 'https://registry.${GITLAB_DOMAIN}'
registry_nginx['listen_port'] = '80'
registry_nginx['listen_https'] = false

Solution: take a look at https://github.com/kwinkel/Dockerfiles/tree/master/gitlab. Maybe it helps you :))
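
The settings above have GitLab advertise https:// URLs while its bundled nginx serves plain HTTP on port 80 behind the proxy. As an added example (not part of the original answer), this Python code parses the `WWW-Authenticate` Bearer challenge a registry returns on `/v2/` and reports where the token realm differs from the expected `external_url`; the host names and header values are constructed, and the `/jwt/auth` path and `container_registry` service name are assumed GitLab defaults.

```python
import re
from urllib.parse import urlsplit

# Constructed sample headers (not captured from the poster's server).
# "/jwt/auth" and "container_registry" are assumed GitLab defaults.
GOOD = 'Bearer realm="https://gitlab.example.test/jwt/auth",service="container_registry"'
BAD = 'Bearer realm="http://gitlab.example.test:80/jwt/auth",service="container_registry"'

_PARAM = re.compile(r'(\w+)="((?:[^"\\]|\\.)*)"')


def parse_challenge(header):
    """Split a WWW-Authenticate value into (scheme, params)."""
    scheme, _, rest = header.strip().partition(" ")
    params = {k.lower(): re.sub(r"\\(.)", r"\1", v) for k, v in _PARAM.findall(rest)}
    return scheme.lower(), params


def _origin(url):
    """Return (scheme, host, port) with default ports filled in."""
    u = urlsplit(url)
    port = u.port or {"https": 443, "http": 80}.get(u.scheme)
    return u.scheme, (u.hostname or "").lower(), port


def check_realm(header, external_url):
    """List mismatches between the token realm and GitLab's external_url."""
    scheme, params = parse_challenge(header)
    if scheme != "bearer":
        return ["challenge is %r, not Bearer token auth" % scheme]
    realm = params.get("realm")
    if not realm:
        return ["Bearer challenge has no realm"]
    problems = []
    r, e = _origin(realm), _origin(external_url)
    if r[0] != "https":
        problems.append("realm uses %s: credentials would be sent in clear text" % r[0])
    if r[1] != e[1]:
        problems.append("realm host %s != external_url host %s" % (r[1], e[1]))
    if r[2] != e[2]:
        problems.append("realm port %s != external_url port %s" % (r[2], e[2]))
    if "service" not in params:
        problems.append("challenge has no service parameter")
    return problems


if __name__ == "__main__":
    for h in (GOOD, BAD):
        print(h, "->", check_realm(h, "https://gitlab.example.test") or "ok")
```

The header to feed in comes from an unauthenticated request such as `curl -si https://<registry-host>/v2/`.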