I am setting up a new Jenkins as our old one is based on a deprecated base image.
Dockerfile is:
FROM jenkins/jenkins:lts-centos7
USER root
RUN yum -y install docker
&& yum clean all
USER jenkins
When I docker exec ...
into the container and log into our Sonatype Nexus to pull Docker images from it, the successful login does not seem to be heeded by Jenkins afterwards:
[root@909fb3a3d52c .docker]# docker login https://our.nexus.internal:<endpoint>
Username (jenkins): jenkins
Password:
Login Succeeded
[root@909fb3a3d52c .docker]# pwd
/root/.docker
[root@909fb3a3d52c .docker]# cat config.json
{
"auths": {
"https://our.nexus.internal:<endpoint>": {
"auth": "<CORRECT base64 hash>"
}
}
Login has succeeded, the auth credentials are written to /root/.docker/config.json and when I base64-decode them they are correct “jenkins:”.
However:
[root@909fb3a3d52c .docker]# docker pull https://our.nexus.internal:<endpoint>/myImage:myTag
Error response from daemon: Get https://our.nexus.internal:<endpoint>/v2/myImage/manifests/myTag: no basic auth credentials
This will also happen during execution of a Jenkins pipeline (obviously), where job log reports:
docker pull https://our.nexus.internal:<endpoint>/myImage:myTag
Error response from daemon: Get Error response from daemon: Get https://our.nexus.internal:<endpoint>/v2/myImage/manifests/myTag: no basic auth credentials
script returned exit code 1
I assume this to not be a question about nexus but about how the credentials from docker login are stored and used.
Sidenote: We have a different Jenkins currently operational which is based on jenkinsci/blueocean:1.22.0 which does NOT display this behaviour. It can docker login fine and docker pull fine.
edit1:
Running docker-compose
does work while a manual docker pull...
will not:
[root@3eeee032ff08 /]# docker login https://nexus:port
Username: jenkins
Password:
Login Succeeded
[root@3eeee032ff08 /]# docker pull nexus:port/company/image:myTag
Error response from daemon: Get https://nexus:port/v2/company/image/manifests/myTag: no basic auth credentials
[root@3eeee032ff08 /]# cat docker-compose.yml
version: '3.3'
services:
jenkins:
user: root
image: nexus:port/company/image:myTag
[root@3eeee032ff08 /]# docker-compose up
Creating network "default_default" with the default driver
Pulling jenkins (nexus:port/company/image:myTag)...
myTag: Pulling from company/image
f34b00c7da20: Pull complete
3f316190de62: Pull complete
480967924aca: Pull complete
619ac94672e0: Pull complete
cb1c6713a236: Pull complete
55766a17b1c6: Pull complete
8f6e881b2ef2: Pull complete
f118a721eee8: Pull complete
fae3c8e02b83: Pull complete
093ceb59408d: Pull complete
e3bd3cbf474d: Pull complete
41a6f4e5de6d: Pull complete
aa1aece4c754: Pull complete
fc897d8ca22f: Pull complete
Digest: sha256:3fd74169f648784fe960add9c0138e3802a91e82c9b5fdbd734faaeaaef696f9
Status: Downloaded newer image for nexus:port/company/image:myTag
Go to Source
Author: Worp