commit 5470d77e1a9817c55a44ef73881bc54b95803e83
parent 07238697f16c283a5fc1b386ad5fecd9fd53ad1b
Author: Andreas Gruhler <agruhl@gmx.ch>
Date: Sun, 10 Aug 2025 17:02:36 +0200
feat(jenkins-agent): insecure registries
Diffstat:
2 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/docker/docker-jenkins-inbound-agent/README b/docker/docker-jenkins-inbound-agent/README
@@ -52,6 +52,7 @@ Jenkins agent (a Nomad job):
"Config": {
"volumes": [
"/run/user/1312/podman/podman.sock:/home/jenkins/agent/podman.sock",
+ "/etc/containers/registries.conf:/etc/containers/registries.conf",
"/home/jenkins/workspace:/home/jenkins/workspace"
],
"image": "127.0.0.1:5000/jenkins-inbound-agent:latest"
@@ -68,6 +69,8 @@ Note:
* The Docker socket shared with the Nomad job (the Jenkins agent) here needs to
be activated and run in the background (see
https://code.in0rdr.ch/hashipi/file/nomad.sh.html)
+* The registries.conf from the host is used to connect to insecure (non-https)
+ registries
Because the Jenkins agent sits in between our Podman host (the Nomad agent) and
the downstream Docker container where we run our app logic, it is essential to
diff --git a/hcl/default/jenkins/templates/jenkins.yaml.tmpl b/hcl/default/jenkins/templates/jenkins.yaml.tmpl
@@ -99,6 +99,7 @@ jenkins:
"Config": {
"volumes": [
"/run/user/1312/podman/podman.sock:/home/jenkins/agent/podman.sock",
+ "/etc/containers/registries.conf:/etc/containers/registries.conf",
"/home/jenkins/workspace:/home/jenkins/workspace"
],
"devices": [
