Hi everyone
I have an issue where I have the same job that will sometimes pass, and sometimes fail with:
ERROR: Job failed: failed to pull image "my-registry/mygroup/base-containers/main:latest" with specified policies [always]: Error response from daemon: Head "https://my-registry/v2/mygroup/base-containers/main/manifests/latest": unauthorized: HTTP Basic: Access denied.
I have determined that every time the pipeline succeeds, it contains the following line in the job cli window:
Using Docker executor with image my_registry/my_group/base-containers/main:latest ...
Authenticating with credentials from job payload (GitLab Registry)
Pulling docker image my_registry/my_group/base-containers/main:latest ...
and every time it fails it contains:
Using Docker executor with image my_registry/my_group/base-containers/main:latest ...
Authenticating with credentials from /root/.docker/config.json
Pulling docker image my_registry/my_group/base-containers/main:latest ...
This will happen on the same runner using the same tags.
Excerpt from my .gitlab-ci.yml:
image: my_registry/my_group/base-containers/main:latest
stages:
- test_code
- build-container
- deploy
test_code:
stage: test_code
tags:
- docker
script:
- yum install -y httpd
- cp -f ${CI_PROJECT_DIR}/index.html /var/www/html/
- cat /var/www/html/index.html
- /usr/sbin/httpd
- curl http://127.0.0.1/index.html
only:
- main
...
As I have stated, this same job will either pass or fail, depending on that auth line.
Could anyone please explain to me what the heck is going on? I have been at this for 8 hours straight now, and nothing I do works.
So when does the runner determine to use Authenticating with credentials from job payload
vs Authenticating with credentials from /root/.docker/config.json
, especially seeing as the service here is not defined as dind?
Thank you in advance for anyone willing to help!