Skip to content

add GL_TOKEN_READ_REGISTRY to docker build

Meir Benayoun requested to merge 456507_download_private_package into master
  • Please check this box if this contribution uses AI-generated content as outlined in the GitLab DCO & CLA

Context

Analyzers are using CI templates.

They are used in particular for building the docker image of the analyzers.
As part of the Dockerfile, some artifacts are downloaded from package registries.
Currently, all the package registries accessed are publicly available, for instance SAST Rules.

Why this issue

As part of the new analyzer for Oxeye SAST, we need to download lightz-aio from a private registry.
This requires permissions, that need to be provided as a an argument for the docker build.

Proposed solution

In order to achieve that goal, I propose to modify the CI template so that it will provide it as an argument.

Related issues

https://gitlab.com/gitlab-org/gitlab/-/issues/456507

Edited by 🤖 GitLab Bot 🤖

Merge request reports