如何解决如何使用Jenkins自动将签名的Docker镜像推送到ACR?
从自托管注册表移至ACR,并具有其他内容信任要求。 这是我的Jenkinsfile片段:
environment {
DOCKER_CONTENT_TRUST=1
}
steps {
docker.build("${env.IMAGE_NAME}") # prevIoUsly generated,everything works here
docker.withRegistry("${env.ACR_ENDPOINT",'credential-id')
docker.image("${env.IMAGE_NAME}").push()
}
<snip>
10:16:53 2d9eaf1254e1: Pushed
10:16:55 fc5ad04c3ef7: Pushed
10:16:56 1.0.0.14-be4e7be: digest: sha256:fdlskfaskdfaksjdfkajsfdkjsndfkjasdnfkajndsfkjndkfjnfaskdjfnkdjsnakdsjnfakdj size: 2406
10:16:56 Signing and pushing trust Metadata
10:16:56 You are about to create a new root signing key passphrase. This passphrase
10:16:56 will be used to protect the most sensitive key in your signing system. Please
10:16:56 choose a long,complex passphrase and be careful to keep the password and the
10:16:56 key file itself secure and backed up. It is highly recommended that you use a
10:16:56 password manager to generate the passphrase and keep it safe. There will be no
10:16:56 way to recover this key. You can find the key in your config directory.
10:16:56 Enter passphrase for new root key with ID 9842jr2:
<snip>
10:16:56 Enter passphrase for new root key with ID 9842jr2:
10:16:56 maximum number of passphrase attempts exceeded
虽然仍然失败,但是图像被推送到ACR。 ACR已启用内容信任,IIRC将推送的图像限制为仅签名。 我如何解决此构建问题,同时仍然能够推送已签名的图像? 预先感谢。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
