This post is mainly about harbor robot accounts.
Robot accounts are accounts used to run automated operations and have no access to the frontend. The account to use in your continuous integration or k8s registry secrets.
You create a robot account by going to:
Project -> Robot Accounts -> New Robot Account
The Problem $
Harbor forces the username of the robot account to be:
The robot$ prefix makes it easily distinguishable from a normal Harbor user account
When adding that secret in kubernetes (via rancher) I get:
When I save the username as
robot$rancher as a gitlab environment variable. It does not store anything after the
$ echo $HARBOR_USERNAME robot
Doing a 1 line login does not work:
echo -n $HARBOR_PASSWORD | docker login -u "robot$gitlab_portal" --password-stdin $HARBOR_REGISTRY
however, doing it with this method does:
docker login $HARBOR_REGISTRY username: ... password: ...
The username seems to be the issue:
$ export HARBOR_USERNAME="robot$gitlab_portal" $ echo $HARBOR_USERNAME robot
In this post one user suggested quoting the password:
-u ' ' -p ' '
that worked. So in your gitlab ci file you can do:
echo -n $HARBOR_PASSWORD | docker login -u 'robot$gitlab_portal' --password-stdin $HARBOR_REGISTRY