Vault: no basic auth credentials with private registry


I’ve recently switched my homelab to use version 1.0.0-rc.6 and since I haven’t been able to push new images using the vault integration.

The pipeline I’m using looks like this:

kind: pipeline
name: default

  os: linux
  arch: amd64

- name: build
  image: plugins/docker
    registry: private.registry
    repo: private.registry/foo
    - latest
      from_secret: username
      from_secret: password

kind: secret
type: general
    path: secret/drone/docker
    name: password
    path: secret/drone/docker
    name: username

I’ve tried with either the latest version of the plugins/docker plugin or with the older version and I end up with the same problem.

What I end up with is something like this:

+ /usr/local/bin/docker push private.registry/foo:16
226 The push refers to repository [private.registry/foo]
227 956e9bb9078f: Preparing
228 3661c06c0c82: Preparing
229 09a6a9feda5d: Preparing
230 bcf2f368fe23: Preparing
231 no basic auth credentials
232 time="2019-03-10T20:35:29Z" level=fatal msg="exit status 1"

I’ve followed the guide while adding the VAULT_ADDR environment variable since it’s missing in the documentation. There isn’t any errors in either the agent, drone/vault or the server.



This is because there were two syntax changes to the yaml that impact registry secrets and external secrets. See the release notes, specifically the section about breaking changes, for more details.