Rundeck is an automation tool similar to Ansible Tower (or AWX the open source upstream project for Tower). This article describes how to pull Docker images from Artifactory, ‘docker login’ to a repository, ‘docker pull’ an image from the repository. The terminal window is supposed to show what they would see, the rest of it is supposed to show what happens behind the scenes.

You will have been assigned one or more docker registries for your project, a local registry into which you push your own images, zero or more remote registries (Docker Hub, quay.io) and a virtual registry that encompasses all your registries. You must first log into your registry, in order to push or pull images. The virtual registry is the preferred registry to use since it can be used to push or pull images. The name of the virtual registry will be:

{project-key}-docker.artifactory.sdo.leidos.com

After logging into the registry you are able to push images to your local registry (Artifactory performs the mapping behind the scenes to your local registry) or pull images from any configured registry (Artifactory will search the local registry first, followed by any remote registries in the order in which they were configured). The Step-by-step guide below is an example of the process by which Artifactory in production and Artifactory in the DMZ goes through in order to pull an image.

Step-by-step guide

1. Determine if the image exists in the SecDevOps Production repository.  If it exists, proceed to step 8, otherwise proceed to step 2.
2. Determine if the image exists in the DMZ repository.  If it exists, proceed to step 6, otherwise proceed to step 3.
3. Request the image from the internet repository.
4. If the image requested in step 3 exists, it will be pulled into the SecDevOps DMZ repository
5. The image in the SecDevOps DMZ will be scanned for vulnerabilities.
6. The image will be pulled into the SecDevOps Production repository. If you arrived here from Step 2, proceed to step 8, otherwise proceed to step 7.
7. The image (now in the SecDevOps Production repository) is scanned for vulnerabilities.
8. The image is returned to the host.

Related articles

Related articles appear here based on the labels you select. Click to edit the macro and add or change labels.