I have a local gitlab runner that is behind a proxy. When building docker images, it fails to access the repos.
Errors:
Err:1 http://deb.debian.org/debian buster InRelease Could not connect to deb.debian.org:80 (199.232.98.132). - connect (111: Connection refused)
Relevant part of CI/CD
build_image:
image: docker:20.10.16
services:
- docker:20.10.16-dind
variables:
HTTPS_PROXY: http://proxy.example.com:3128
HTTP_PROXY: http://proxy.example.com:3128
NO_PROXY: docker
stage: test
before_script:
- docker info
- docker login nexus-docker.example.com:5000 -u $NEXUS_USER -p $NEXUS_PASS
script:
- docker build -t nexus-docker.example.com:5000/occ/groupsyncer:latest .
except:
- master
gitlab runner config:
[[runners]]
name = "docker-runner"
url = "https://gitlab.example.com/"
token = "REDACTED"
executor = "docker"
cache_dir="/cache"
clone_url = "https://gitlab.example.com/"
environment = ["https_proxy=http://squidproxy.example.com:3128", "http_proxy=http://squidproxy.example.com:3128", "HTTPS_PROXY=squidproxy.example.com:3128", "HTTP_PROXY=squidproxy.example.com:3128", "no_proxy=gitlab.example.com", "NO_PROXY=gitlab.example.com,docker,thealias"]
[runners.custom_build_dir]
[runners.cache]
[runners.cache.s3]
[runners.cache.gcs]
[runners.cache.azure]
[runners.docker]
volumes = ["/var/run/docker.sock:/var/run/docker.sock","/opt/gitlab-runner/cache:/cache:rw"]
tls_verify = false
image = "docker:20.10.16"
privileged = true
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
shm_size = 0
/etc/systemd/system/docker.service.d/http-proxy.conf
Environment="HTTP_PROXY=http://squidproxy.example.com:3128" "HTTPS_PROXY=http://squidproxy.example.com:3128" "NO_PROXY=.example.com,.occdev.example.com" "http_proxy=http://squidproxy.example.com:3128" "https_proxy=http://squidproxy.example.com:3128"
Domain edited to example.com for posting
CodePudding user response:
Your container build process does not inherit environment variables by default. You must either (1) configure your dockerfile with the proxy variables or (2) pass in these variables as part of the build process with build args.
For example, in your dockerfile, you might add the following ARG
instructions to your dockerfile:
FROM foo:tag
ARG HTTP_PROXY=defaultvalue
ARG HTTPS_PROXY=defaultvalue
RUN apt update && apt install -y ...
# or whatever...
You can pass this variable through to the build process when calling docker build
docker build --build-arg HTTP_PROXY="${HTTP_PROXY}" \
--build-arg HTTPS_PROXY="${HTTPS_PROXY}" \
-t nexus-docker.example.com:5000/occ/groupsyncer:latest .