#Pull image from private docker registry in docker_build

I thought I already had everything sorted out but suddenly my pipelines in Kubernetes via Argo start failing. In my registry logs I see that dagger is trying to authenticate without user and then the request is rejected.

We do (shortend):

secrets = [
    dag.set_secret("registry-password", await registry_password.plaintext()),
    dag.set_secret("registry-username", registry_username),
]

container = (
    directory.docker_build(
            target=build_stage,
            dockerfile=root_dir.file("scripts/dagger/docker/Dockerfile"),
            build_args=build_args,
            secrets=secrets or [],
    )
    .with_registry_auth(
        "docker.artifacts.company.local", registry_username, registry_password
    )
)

But apparently this does not provide authentication to any docker image pull inside the Dockerfile.
There was a similar question in the past: https://discord.com/channels/707636530424053791/1313155675572011049
But the solution isn't applicable for my situation.

The documentation states:

Use the Container.withRegistryAuth() GraphQL API method. A native equivalent of this method is available in each Dagger SDK.
Dagger SDKs can use your existing Docker credentials without requiring separate authentication. Simply execute docker login against your container registry on the host where your Dagger workflows are running.
https://docs.dagger.io/faq/#how-do-i-log-in-to-a-container-registry-using-a-dagger-sdk

But executing docker login that way isn't possible. It would be great if the docs could be extended for how to handle this in the Kubernetes case.

How can I do docker_build with docker registry authentication via the dagger python SDK?

Pull image from private docker registry in docker_build

I had this issue. You can use Container.WithRegistryAuth which auths your Dagger session (not just that request) then use Directory.Dockerbuild with a from private registry image.

ah, you mean I can try to do a separate container instance with the "withregistryauth" and then after that do the directoy.dockerbuild and it will reuse the login done by the prior container?

Yep. The docs aren't clear about this, but WithRegistryAuth auths that Dagger session. I have a Container.WithRegistryAuth.Sync that does nothing other than that, then later in another function I build images with FROM private-repo and it works fine.

Didn't work in my first try. Will continue trying on that. In the python SDK I'm now doing:

(
    # Perform a docker registry login, this will be reused by other sessions later
    await dag.container()
    .with_registry_auth(
        "docker.artifacts.company.local", registry_username, registry_password
    )
    .sync()
)

As my first step in the dagger function/module.

In the other question the provided example had a .Sync(context.Background()) but I don't know what the python equivalent to context.Background() would be or if this is strictly needed.

Still failing. Anything I need to change on the above code?

I'm not sure the python SDK has the same side effect of with_registry_auth executing a docker login. The code doc suggest it's only for the combination with .publish