Hello, I can’t login from container to private repository (local hub).
We have a teamcity server and teamcity agent as containers, in it we have a build which builds and publishes our project. We use docker push for put image in private repo. But when it performs a command login we get an exception:
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
[08:24:51] [Step 9/13] Error response from daemon: Get privateDockerRegistry: unauthorized: authentication required
Hi, you are not showing the syntax of the docker login command nor the details of tagging your docker image and pushing the image to your private docker registry. So it’s hard for us to diagnose/determine/debug your problem.
First a couple of items.
You are specifying the password on the docker login command in your build process which is not a good thing.
*WARNING! Using --password via the CLI is insecure. Use --password-stdin.*
There is a more secure way to automate the docker login and specifying the password.
Also I am assuming that this url https://dhub.sqil.by/v2/ is the private Docker Registry?
Also, it’s not clear to me (and you should not assume) that this error: [08:24:51] [Step 9/13] Error response from daemon: Get https://dhub.sqil.by/v2/: unauthorized: authentication required
is due to the docker login failing. The login might have worked but then that error could be from another user or process in your build process that did not do a docker login who is trying to access your private registry (https://dhub.sqil.by/v2/).
Would be good if you could provide more details and also put “echo” commands in your workflow to trace the steps being performed.
Okay, enough said.
I’ll show you how I did this and this should help you try and “debug” your problem.
I’ll bring up a shell prompt in a container to demonstrate.
🐳 email@example.com:[~] $ docker container run -it --network=host --rm --volume /var/run/docker.sock:/var/run/docker.sock ubuntu:latest sh
The Docker daemon (engine) will not be running in the container, but the Docker CLI client will be available so I can run Docker commands to the Docker daemon installed on the Docker Node. I did a volume mount of the Docker Node’s Unix socket so the container can talk to the Docker daemon on the node.
Need to install curl in the container so I can curl the Docker code and install Docker in the container.
# apt update -qq;apt install -qq -y curl > /dev/null 2>&1
2 packages can be upgraded. Run 'apt list --upgradable' to see them.
I install Docker in the container so I can issue Docker commands from inside the container.
# curl --silent -SL https://get.docker.com/ | sh > /dev/null 2>&1
I run docker version to test the Docker install and Docker client to Docker daemon connection.
# docker version
API version: 1.39
Go version: go1.10.6
Git commit: 4c52b90
Built: Wed Jan 9 19:35:31 2019
Server: Docker Engine - Enterprise
API version: 1.39 (minimum version 1.12)
Go version: go1.10.6
Git commit: 20b6775
Built: Wed Jan 9 16:34:38 2019
I now login to my Docker private registry from inside the container.
# docker login --username gforghetti https://worker1.example.com
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
I now pull an image so just so I can tag it and push it to my private Docker Registry to test this out.
# docker image pull alpine:latest
latest: Pulling from library/alpine
Status: Image is up to date for alpine:latest
Tag the image for pushing to my private Docker Registry
# docker image tag alpine:latest worker1.example.com/gforghetti/alpine:latest
I now push the tagged image to my private Docker Registry
# docker image push worker1.example.com/gforghetti/alpine:latest
The push refers to repository [worker1.example.com/gforghetti/alpine]
latest: digest: sha256:25b4d910f4b76a63a3b45d0f69a57c34157500faf6087236581eca221c62d214 size: 528