[Updated] Authenticate with Docker to avoid impact of Nov. 1st rate limits

Any recommendations on how to enable authenticating with Docker in forked PRs?

So far, the only way I can think of is to enable “Pass secrets to builds from forked pull requests” and then utilize contexts to limit which env variables are accessible to the jobs being run in forked PRs.

In other words, it seems that if you’re using Docker executors in jobs that are exposed to forked PRs, there is no way to protect your Docker username and access key.

Would be nice if CircleCI added project or org-level authentication that would take place outside of the pipeline.