It is a common practice for an organisation to have a private docker registry which is the only source of images during the build in a CI/CD pipeline.
If you are using testcontainers, note that by default they are using Docker Hub as a source of images.
To use the private registry you need to add the testcontainers.properties
file to the src/test/resources
directory and provide your private registry as an image prefix, for instance:
hub.image.name.prefix=private-registry.example.com/
Note that trailing slash /
is needed here, so that the full path to the image is built correctly.
Once this is done, you may experience some issues with the build.
Testcontainers use ryuk image under the hood. And some versions of ryuk have known security vulnerabilities. So, it would be reasonable to drop vulnerable images from the private registry and keep healthy images only.
If you are lucky enough, your testcontainers version will use the vulnerable ryuk version. In this case, you can provide the ryuk image manually in the aforementioned testcontainers.properties
file, for instance:
ryuk.container.image=testcontainers/ryuk:0.3.3
Another potential issue during the build is images used in tests, for instance, database images like PostgreSQL or Neo4j. Make sure they are available in the private registry.
Dream your code, code your dream.
Top comments (0)