Mount Docker socket as volume in .drone.yml

robertstettner · November 22, 2016, 10:04am

I cannot use the docker plugin because I need to run tests on my Docker image after I build it before I can safely push it to my Docker registry. However, I have used the Docker plugin with great success, with secrets, but this doesn’t solve my problem.

I have seen that you can mount the docker.sock file as a volume from the host machine (the so-called “Docker-near-Docker” method). That works also if I mark my repo as “trusted”, however doing this does not pass in the docker credentials from the host to the container itself.

The only way I can think of doing this is to invoke the “docker login” command with the username and password, which I have stored as secrets for that image and repo. However, this does not work.

My pipeline is shown below.

pipeline:
  build:
    image: docker
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    commands:
      - docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
      - docker build -t myorg/drone-slave .
      - docker run myorg/drone-slave /usr/local/bin/bats /test/test.bats
      - docker push myorg/drone-slave

Returns:

+ docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
inappropriate ioctl for device

How can I do this?

robertstettner · November 22, 2016, 10:40am

I fixed it by adding the volume:

- /root/.docker:/root/.docker

Which holds the Docker credentials, and passes them onto the container.

bradrydzewski · November 22, 2016, 11:12am

also see this github issue https://github.com/docker/docker/issues/12959#issuecomment-98725157

looks like you might just need mkdir /root before you login, so the folder is available for docker to write the credentials to.

robertstettner · November 22, 2016, 1:32pm

I did try that when using the docker login approach, but had some teething issues, so I decided to put in the creds with a volume. The .drone.yml file looks better for it.