1

I've set up a Gitlab registry with self-signed certificate. After that I had to convince docker app to trust my CA, I did this by putting CA.crt into 

/etc/docker/certs.d/registry.gitlab.yourdomain:5000

But you have to convince docker executor and dind service in Gitlab Runner too, I've done this by passing cert through volumes in config.toml:

volumes = ["/cache", "/certs/client", "path/to/cert/ca.crt:/etc/docker/registry.gitlab.yourdomain:5000/ca.crt"]

See the problem? Gitlab Runner uses old volume specification, so :5000 part will break it. I know about existence of pre_clone_script, so that you can map your cert into some folder and then move it. But that will not solve the dind service problem - pre_clone_script will only be executed in 'main' container.

Improve this question

1 Answer 1

Reset to default
1

Oh well, the answer was simple: why do you need to use volume only for file transfer? Just volume the directory, containing problematic folder with cert in it.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.