Suppose that there is a private registry whose domain name is my-registry.private.
And there are 3 projects in the registry; “library”, “dev”, “security”.
“library” project can be publicly accessed by anonymous.
“dev” and “security” are totally separated to access, which means each project has each account to login.
And so I created two docker config files for “dev”, “security” referencing the following document, https://docs.drone.io/pipeline/kubernetes/syntax/images/#pulling-private-images.
It seems like that the first docker credential in image_pull_secrets is used in the same repository according to the following code. Can I specify a docker credential to pull image in step?
for _, step := range spec.Steps {
STEPS:
for _, cred := range creds {
if image.MatchHostname(step.Image, cred.Address) {
step.Auth = &engine.Auth{
Address: cred.Address,
Username: cred.Username,
Password: cred.Password,
}
break STEPS
}
}
}
My .drone.yml file is in below.
drone.yml
---
kind: pipeline
type: docker
name: default
clone:
disable: true
steps:
- name: clone
image: drone/git
- name: code test
image: my-registry.private/dev/golang
commands:
- go test
- name: security test
image: my-registry.private/security/scan
commands:
- scan all
- name: build/push
image: my-registry.private/library/drone-plugin-docker
privileged: true
settings:
registry: my-registry.private
username:
from_secret: docker_username
password:
from_secret: docker_password
repo: my-registry.private/dev/app
tags: latest
dockerfile: Dockerfile
image_pull_secrets:
- dockerconfig_security
- dockerconfig_dev