https://pantsbuild.org/ logo
Join Slack
Powered by
Is there a speific option for docker to use my <do...
# general
b
Is there a speific option for docker to use my docker.io login for pushing docker images? I can push my docker image, build with Pants manually, but 
./pants publish ...
always fails with 
denied: requested access to the resource is denied
I have set up no docker registry in the pants.toml so it tags the image without any registry info.
h
cc @curved-television-6568
c
Hi, We should add this to the docs, with examples. In order to use docker auth, you need to be logged in using 
docker login
prior to invoking pants. Then pass proper env vars along for docker to pick up the correct configuration so the session is propagated. Hope you can work with that..
👍 1
b
@curved-television-6568 Which env vars do I need to pass so that Pants know which login to use?
c
I think that 
DOCKER_CONTEXT
and/or 
DOCKER_CONFIG
are relevant here. See this thread for example: https://pantsbuild.slack.com/archives/C046T6T9U/p1637136003393600
To be clear, pants doesn’t use any login for Docker.
It is what env vars you need to pass through to the sandbox where Pants executes the Docker client in order for Docker to pick up the login session that you’ve setup outside of Pants.
👍 1
Using the 
[docker].env_vars
in pants.toml or similar: https://www.pantsbuild.org/v2.10/docs/reference-docker#section-env-vars
Also, if you’re on aws using a credential plugin, there’s work we need to do still, in order to support that.
b
Mhm I tried setting the DOCKER_CONTEXT and DOCKER_CONFIG env var but I don't get it to run. Is there a known problem when I'm logged in to multiple registries maybe?
AWS is definitely a use case which I need to support.
In the end I can circumvent this by using the docker daemon directly to push the image. Would be good to have everything in the build system, though.
Just resetted my docker config directory to be logged in only to one registry and it still fails.
c
Is it a private registry, or docker hub, or something else?
b
Is there anything I can do to see more output from the pants publish command than using 
--print-stacktrace -ldebug
?
It's the docker hub
c
No, 
-ldebug
gives you all the logs we have, and since the 
docker push
command runs as an interactive process, it’s not using a sandbox that we can introspect the actual command env and args used, unfortunately.
Are you on Linux or Mac?
b
ah that explains it 🙂
Ubuntu 21.04
👍 1
c
OK, I’ll do some testing on my end, see what I can find out. I’ve only tested this on Mac myself.
b
I completely resetted my docker daemon config also just to be sure.
c
Just for debugging purposes, try to also provide HOME and USER, see if it makes a difference..
b
jep, still fails
my docker version is Docker version 20.10.12, build e91ed57
Let me create an issue
👍 1
c
Thanks for banging at it 🙂
👍 1
b
c
One last thing, if you don’t mind trying, to also provide a value for DOCKER_CONFIG, so 
DOCKER_CONFIG=/home/user/.docker
or where the docker config directory is. Try with that alone (remove the other env vars from pants.toml)
b
Tried it with the fixed path to my docker config but still fails
c
Thanks for checking. I’ll have to do a proper ubuntu setup to try this on.
5 Views
Open in Slack
PreviousNext
Powered by