Nomad pull from gitlab docker registry

How would you configure a nomad job to use a gitlab docker registry

The following works, but requires hard coding the configs into the nomad job

job "foobar" {
  group "foo" {
    driver = "docker"
    config {
      image = "gitlab.example.com:4567/foo/bar:1234"
      auth {
        username = 'foobar'
        password = 'correct-horse-battery-staple'
      }
    }
  }
}

If you do a docker login on the nomad agent, docker will create an auth file at ~/.docker/config.json.

Nomad will automatially attempt to use that auth method, you just need to ensure the nomad job specifies the server in the task config

job "foobar" {
  group "foo" {
    driver = "docker"
    config {
      image = "gitlab.example.com:4567/foo/bar:1234"
      auth {
        server_address = "gitlab.example.com:4567"
      }
    }
  }
}

cat /root/.docker/config.json (automatically generated by docker login )

{
	"auths": {
		"gitlab.example.com:4567": {
			"auth": "xxxxxxx="
		}
	},
	"HttpHeaders": {
		"User-Agent": "Docker-Client/19.03.0 (linux)"
	}
}
2 Likes