Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enforce that builder and run images are pulled from the same authenticated registry #24552

Closed
scottfrederick opened this issue Dec 17, 2020 · 1 comment
Assignees
Labels
type: bug A general bug
Milestone

Comments

@scottfrederick
Copy link
Contributor

scottfrederick commented Dec 17, 2020

When the Gradle bootBuildImage task or Maven spring-boot:build-image goal is configured with an authenticated registry using docker.builderRegistry, both the builder image and run image will be pulled using the same registry credentials. The plugins should validate that both images are specified with a registry matching the registry specified in docker.builderRegistry and throw an obvious error message if that's not the case.

@scottfrederick scottfrederick added the type: bug A general bug label Dec 17, 2020
@scottfrederick scottfrederick added this to the 2.4.x milestone Dec 17, 2020
@scottfrederick scottfrederick self-assigned this Jan 11, 2021
@scottfrederick
Copy link
Contributor Author

both images are specified with a registry matching the registry specified in docker.builderRegistry

On further analysis, we should just verify that the builder and run images are in the same registry when docker.builderRegistry authentication is configured. With user authentication, docker.builderRegistry.url is an optional field (only docker.builderRegistry.username and docker.builderRegistry.password are required by the registry) and there is no URL provided with token authentication.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type: bug A general bug
Projects
None yet
Development

No branches or pull requests

1 participant