Allow AWS to authenticate with a Dockerhub private repository

Create .dockercfg file

Allow AWS to authenticate with a Dockerhub private repository

by John Vincent


Posted on June 5, 2021


AWS needs a .dockercfg file to allow AWS to authenticate with a Dockerhub private repository.

This is part of a series of discussions regarding Deploying TaskMuncher, a React and Node application, to a Multi-Container Docker Environment at AWS using Dockerhub and Travis CI

For more details, please see Overview of Create Multi-Container Docker TaskMuncher Application at AWS

Please review AWS Production Architecture.

Create .dockercfg file

As I am using a Mac this file is problematic to create.

My chosen solution is to create a Linux docker container and create the dockercfg file from Linux.

Makefile

For Makefile details, please see Configuring Makefiles to build and run Docker Images using Docker, Docker Compose and Dockerfile

cd <repo-root-dir>
mkdir -p config/dockercfg

Let's use the simple pattern I use throughout this application.

Create Makefile

dockercfg-dev-build:
	docker build -f ./config/dockercfg/Dockerfile \
		-t taskmuncher-dockercfg-dev-image:latest \
		.

dockercfg-dev-sh:
	docker run --rm --name taskmuncher-dockercfg-dev \
		-it taskmuncher-dockercfg-dev-image \
		sh

dockercfg-dev-run:
	docker run \
		--rm \
		--name taskmuncher-dockercfg-dev \
		-it \
		taskmuncher-dockercfg-dev-image:latest

where:

  • dockercfg-dev-build builds the image
  • dockercfg-dev-sh allows me to run a sh in the image
  • dockercfg-dev-run runs the image

Dockerfile

Create file ./config/dockercfg/Dockerfile

# Set the base image to Ubuntu 20.04
FROM ubuntu:20.04

# Update the repository sources list
RUN apt-get update
RUN apt-get install -y curl apt-transport-https ca-certificates gnupg-agent software-properties-common

RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -

RUN add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

#
RUN apt-get update
RUN apt-get install -y docker-ce docker-ce-cli containerd.io

# use /app for our application
WORKDIR "/app"

# copy start file
COPY config/dockercfg/start-command ./start-command

# copy example cfg file
COPY config/dockercfg/examplecfg.txt ./examplecfg.txt

# copy docker password file
COPY config/dockercfg/my_password.txt ./my_password.txt

CMD ["./start-command"]

start-command

Create file ./config/dockercfg/start-command

#!/bin/sh
#

echo "Starting dockercfg:start-command"

cat /etc/os-release
docker -v

cd /app

USERNAME="<your-docker-id>"
cat ./my_password.txt | docker login --username $USERNAME --password-stdin

pwd
ls -la

echo "\nStart of generated dockercfg file\n"
cat /root/.docker/config.json
echo "\nEnd of generated dockercfg file\n"

echo "\nStart of example dockercfg file\n"
cat ./examplecfg.txt
echo "\nEnd of example dockercfg file\n"

echo "*** Build your own .dockercfg file from the above ***\n"

echo "Completed dockercfg:start-command"

Docker Password file

Create file ./config/dockercfg/my_password.txt

<your-docker-password>

Example .dockercfg file

Create file ./config/dockercfg/examplecfg.txt

{
  "https://index.docker.io/v1/": {
    "auth": "__auth__"
  }
}

Create .dockercfg file

Create file ./config/.dockercfg

{
  "https://index.docker.io/v1/": {
    "auth": "__auth__"
  }
}
  • make dockercfg-dev-build to build the image
  • make dockercfg-dev-run to create an authorization file in the container.

Notice the generated dockercfg file.

* Copy the `"auth"` value to `"__auth__"`

./config/.dockercfg is now ready to be used by AWS.



Taskmuncher