When using plugins/ecr, I am seeing an issue with docker.io rate-limiting when I pull public images as part of a Dockerfile build. We have a paid dockerhub account that is configured in the drone repository plugin. We don’t see any rate limiting in other builds that don’t use the ecr plugin.
It appears that these pull requests are being done anonymously if they are triggered from the ecr plugin.
How can we leverage the docker.io credentials that we configured in the registry plugin when using the ecr plugin?
The registry extension provides credentials to the Drone runner so that it can authenticate / pull images defined in the image section of your yaml only. These credentials cannot be used for any other purpose, and for security reasons, are never injected into pipeline containers.
If you want to expose your credentials to pipeline containers (ecr plugin) see the Docker-in-Docker Plugins section of this thread which describes a few different options: