There are several categories of commands that work with Docker registry, thus need to authorize in Docker registry:
- During the build process werf may pull base images from Docker registry.
- During the publish process werf creates and updates images in Docker registry.
- During the cleaning process werf deletes images from Docker registry.
- During the deploy process werf needs to access images from Docker registry and stages which could also be stored in Docker registry.
These commands do not perform authorization and use prepared docker config to work with Docker registry.
Docker config is a directory which contains authorization info for registries and other settings.
By default, werf uses the same docker config as Docker utility does:
Docker config directory can be redefined by
$WERF_DOCKER_CONFIG environment variables.
The option and variable value is the same as
docker --config standard option value.
docker loginin parallel CI jobs can lead to failed jobs because of a race condition and temporary credentials. One job affects another job overriding temporary credentials in Docker config. Thus user should provide independent Docker configs between jobs,
docker --config, or use