This post is mainly about harbor robot accounts.
Robot accounts are accounts used to run automated operations and have no access to the frontend. The account to use in your continuous integration or k8s registry secrets.
You create a robot account by going to:
Project -> Robot Accounts -> New Robot Account
The Problem $
Harbor forces the username of the robot account to be: robot$<account_name>.
The robot$ prefix makes it easily distinguishable from a normal Harbor user account
For a rancher robot:
robot$rancher
When adding that secret in kubernetes (via rancher) I get:
Error: ImagePullBackOffWhen I save the username as robot$rancher as a gitlab environment variable. It does not store anything after the $ sign.
$ echo $HARBOR_USERNAME
robotDoing a 1 line login does not work:
echo -n $HARBOR_PASSWORD | docker login -u "robot$gitlab_portal" --password-stdin $HARBOR_REGISTRYhowever, doing it with this method does:
docker login $HARBOR_REGISTRY
username: ...
password: ...The username seems to be the issue:
$ export HARBOR_USERNAME="robot$gitlab_portal"
$ echo $HARBOR_USERNAME
robotThe Fix
In this post one user suggested quoting the password:
docker login -u '' -p '' that worked. So in your gitlab ci file you can do:
echo -n $HARBOR_PASSWORD | docker login -u 'robot$gitlab_portal' --password-stdin $HARBOR_REGISTRY