## Summary Users need an easy way to authenticate to a Docker registry when using GitLab Functions. Currently, the documentation suggests using the [docker-auth example](https://gitlab.com/gitlab-org/ci-cd/runner-tools/gitlab-functions-examples/docker-auth), but this is only a documentation example and not an officially maintained implementation. ## Problem The current approach requires users to either: - Copy the example implementation into their own projects - Reference the example repository directly (which is not intended for production use) This leads to: - Increased friction for users getting started with GitLab Functions - Inconsistent implementations across projects - Potential security issues if the example is not kept up to date - No official support or maintenance guarantees ## Proposal Provide Docker registry authentication as either: 1. **A builtin function** - Built directly into the step-runner for immediate availability 2. **An OCI function** - An officially maintained, public, fetchable GitLab Function that users can reference The implementation should support the same features as the current example: - Username/password authentication to any container registry - Credential helper support (e.g., `ecr-login`, `gcr`) - Credential store support - Merging with existing `~/.docker/config.json` ## Requirements - Support authentication to GitLab Container Registry using `CI_REGISTRY_*` variables - Support authentication to external registries (Docker Hub, GCR, ECR, etc.) - Handle credential management securely - Generate `DOCKER_AUTH_CONFIG` compatible output - Integrate seamlessly with existing CI/CD variables and secrets ## Related - [docker-auth example](https://gitlab.com/gitlab-org/ci-cd/runner-tools/gitlab-functions-examples/docker-auth) - Current documentation example