Deploying to own registry with CA certificate

docker
circle.yml

#1

Hi.
I want to push my docker image to my own registry (runs on private server) with a CA certificate inside my CircleCI build.

circle.yml:

machine:
  services:
    - docker

dependencies:
  override:
    - docker info
    - docker build -t myserver .

test:
  override:
    - docker run -it myserver npm test

deployment:
  hub:
    branch: master
    commands:
      - sudo mkdir -p /etc/docker/certs.d/<myIpAddress>:5043/
      - sudo echo $DOCKER_CERTIFICATE > /etc/docker/certs.d/<myIpAddress>:5043/ca.crt
      - docker login -e $DOCKER_EMAIL -u $DOCKER_USER -p $DOCKER_PASS <myIpAddress>:5043
      - docker push myserver

while <myIpAddress> is an ip address for my server., and all environment variables set to my details.
I try to copy my certificate to that location because if I try to login without it, docker tells me that my certificate should be that (and I want the secured connection).
The problem is that sudo echo $DOCKER_CERTIFICATE > /etc/docker/certs.d/<myIpAddress>:5043/ca.crt fails because of:

bash: line 1: /etc/docker/certs.d/146.148.24.3:5043/ca.crt: Permission denied

what can I do ? is there any other way to provide the certificate, or to successfully copy that file to there ?
thank you

UPDATE: succeeded. (opened in a permitted directory and then cp-ed it to there). note that the CA certificate should have the original structure with newlines to make it work.

You can close that issue


#2

Hi,

I know you found a solution but I just wanted to provide another one. The reason why

      - sudo echo $DOCKER_CERTIFICATE > /etc/docker/certs.d/<myIpAddress>:5043/ca.crt

doesn’t work is because > is a redirect. sudo doesn’t so well with that. Instead, you could write the command like this:

      - sudo bash -c 'echo $DOCKER_CERTIFICATE > /etc/docker/certs.d/<myIpAddress>:5043/ca.crt'

I hope that helps.


#3