Framagit: Docker-in-Docker (CI/CD)

Hey there,

I’m using Framagit for my CI/CD pipeline. I’m struggling with docker-in-docker. It seems like my Docker Container can’t login to the other Docker container. So I tried to look up how other people did it on Framagit and it seems like everyone uses Dockerhub to login, which is something I try to avoid. So my plan is to login directly to the $CI_REGISTRY which framagit uses but I usually get a can't connect to hostname or a error: RPC failed; HTTP 500 curl 22 The requested URL returned error: 500 Internal Server Error or a certificate error. At this point I am not really sure, if it’s actually possible to do docker-in-docker with Framagit without using Dockerhub. Can someone give me some advice if this is possible?

That’s the repository:

I tried a couple of things today (optimizing with overlay, enable/disable TLS, changed tcp port), which all led into a pipeline failure.

I also saw that `CI_REGISTRY_IMAGE is an empty variable, if i echo it. Does that mean Framagit has no Container registry available at all?

Hi,

Publishing an image to a registry and building one are two different things. The Registry feature is indeed disabled on Framagit, because the storage space needed to offer this feature would go over the roof. You should be able to publish on other registeries such as Github, self-hosted Quay or Harbor, or maybe even Gitlab.com’s own registry.
To build an image, the docker-in-docker method needs to be root (privileged mode) on the host, and that’s a feature we can’t offer as well because of security reasons. However, there’s the Kaniko method that doesn’t need that (didn’t test it in a while, but worked at the time).
Another possibility may be to use Podman in docker, which shouldn’t require privileged mode, but I didn’t found many tutorials on the topic.

1 Like

Thank you @tcit
That was indeed helpful that the service is actually disabled.
I will look up the Kaniko method.