Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[docker-up] Auto-login if GITPOD_IMAGE_AUTH is set #20571

Draft
wants to merge 5 commits into
base: main
Choose a base branch
from

Conversation

geropl
Copy link
Member

@geropl geropl commented Jan 31, 2025

Description

This PR introduces automatic authentication for dockerd inside workspaces, if GITPOD_IMAGE_AUTH is either set on org, project or user level.

ToDo:

  • manually verify it works and explain how to test
  • ❓ Do we want an opt-in option in the org settings?

Related Issue(s)

Fixes CLC-1098

How to test

TODO

Documentation

Preview status

gitpod:summary

Build Options

Build
  • /werft with-werft
    Run the build with werft instead of GHA
  • leeway-no-cache
  • /werft no-test
    Run Leeway with --dont-test
Publish
  • /werft publish-to-npm
  • /werft publish-to-jb-marketplace
Installer
  • analytics=segment
  • with-dedicated-emulation
  • workspace-feature-flags
    Add desired feature flags to the end of the line above, space separated
Preview Environment / Integration Tests
  • /werft with-local-preview
    If enabled this will build install/preview
  • /werft with-preview
  • /werft with-large-vm
  • /werft with-gce-vm
    If enabled this will create the environment on GCE infra
  • /werft preemptible
    Saves cost. Untick this only if you're really sure you need a non-preemtible machine.
  • with-integration-tests=all
    Valid options are all, workspace, webapp, ide, jetbrains, vscode, ssh. If enabled, with-preview and with-large-vm will be enabled.
  • with-monitoring

/hold

… fields, add tests

Tool: gitpod/catfood.gitpod.cloud
Details
  - proxy.go: make the core request-handling logic reusable
  - forward_proxy.go: re-used the proxy logic to setup a simple forwarding proxy without any mappings
  - auth.go: fixed multiple bugs,  added tests and introduced handling of GITPOD_IMAGE_AUTH format

Tool: gitpod/catfood.gitpod.cloud
…PROXY_ENABLED for control

docker-proxy is a MITM proxy to intercept HTTPS traffic. It does that to inject authentication for all registires configured

Tool: gitpod/catfood.gitpod.cloud
…ocker-proxy in enclave and have supervisor configure dockerd for it

Tool: gitpod/catfood.gitpod.cloud
…bled" is true

Tool: gitpod/catfood.gitpod.cloud
Copy link

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants