diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 870020c63718310aa5713b6d228b86c16c7ea78f..b76fe082a8695c678869a9161ad72019f52f5cb7 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,7 +2,7 @@ image: alpine
variables:
## External images
- DOCKER_IMAGE: docker.io/docker:27.2.0
+ DOCKER_IMAGE: docker.io/docker:27.3.1
SINGULARITY_IMAGE: quay.io/singularity/singularity:v3.11.5
## Default versions are specified in packages.yaml but can be overridden
@@ -448,6 +448,10 @@ eic:
--build-arg jobs=${JOBS}
--build-context spack-environment=spack-environment
--secret id=mirrors,src=mirrors.yaml
+ --secret type=env,id=CI_REGISTRY_USER,env=CI_REGISTRY_USER
+ --secret type=env,id=CI_REGISTRY_PASSWORD,env=CI_REGISTRY_PASSWORD
+ --secret type=env,id=GITHUB_REGISTRY_USER,env=GITHUB_REGISTRY_USER
+ --secret type=env,id=GITHUB_REGISTRY_TOKEN,env=GITHUB_REGISTRY_TOKEN
--provenance false
containers/jug
2>&1 | tee build.log
diff --git a/containers/jug/dev.Dockerfile b/containers/jug/dev.Dockerfile
index 4b2c241bea37eab4b7191dce59432e357b5f0ba3..72c155617f73fe25907bb2e5ab24f78b73bb40f7 100644
--- a/containers/jug/dev.Dockerfile
+++ b/containers/jug/dev.Dockerfile
@@ -1,4 +1,4 @@
-#syntax=docker/dockerfile:1.8
+#syntax=docker/dockerfile:1.10
#check
ARG DOCKER_REGISTRY="eicweb/"
ARG BUILDER_IMAGE="debian_stable_base"
@@ -63,6 +63,10 @@ ARG TARGETPLATFORM
RUN --mount=type=cache,target=/ccache,id=${TARGETPLATFORM} \
--mount=type=cache,target=/var/cache/spack \
--mount=type=secret,id=mirrors,target=/opt/spack/etc/spack/mirrors.yaml \
+ --mount=type=secret,id=CI_REGISTRY_USER,env=CI_REGISTRY_USER \
+ --mount=type=secret,id=CI_REGISTRY_PASSWORD,env=CI_REGISTRY_PASSWORD \
+ --mount=type=secret,id=GITHUB_REGISTRY_USER,env=GITHUB_REGISTRY_USER \
+ --mount=type=secret,id=GITHUB_REGISTRY_TOKEN,env=GITHUB_REGISTRY_TOKEN \
<<EOF
set -e
export CCACHE_DIR=/ccache
@@ -104,6 +108,10 @@ ARG TARGETPLATFORM
# Installation (default environment, from buildcache)
RUN --mount=type=cache,target=/var/cache/spack \
--mount=type=secret,id=mirrors,target=/opt/spack/etc/spack/mirrors.yaml \
+ --mount=type=secret,id=CI_REGISTRY_USER,env=CI_REGISTRY_USER \
+ --mount=type=secret,id=CI_REGISTRY_PASSWORD,env=CI_REGISTRY_PASSWORD \
+ --mount=type=secret,id=GITHUB_REGISTRY_USER,env=GITHUB_REGISTRY_USER \
+ --mount=type=secret,id=GITHUB_REGISTRY_TOKEN,env=GITHUB_REGISTRY_TOKEN \
<<EOF
make --jobs ${jobs} --keep-going --directory /opt/spack-environment \
SPACK_ENV=${SPACK_ENV} SPACK_INSTALL_FLAGS="--use-buildcache only"
@@ -181,6 +189,10 @@ ARG TARGETPLATFORM
RUN --mount=type=cache,target=/ccache,id=${TARGETPLATFORM} \
--mount=type=cache,target=/var/cache/spack \
--mount=type=secret,id=mirrors,target=/opt/spack/etc/spack/mirrors.yaml \
+ --mount=type=secret,id=CI_REGISTRY_USER,env=CI_REGISTRY_USER \
+ --mount=type=secret,id=CI_REGISTRY_PASSWORD,env=CI_REGISTRY_PASSWORD \
+ --mount=type=secret,id=GITHUB_REGISTRY_USER,env=GITHUB_REGISTRY_USER \
+ --mount=type=secret,id=GITHUB_REGISTRY_TOKEN,env=GITHUB_REGISTRY_TOKEN \
<<EOF
set -e
export CCACHE_DIR=/ccache
diff --git a/mirrors.yaml.in b/mirrors.yaml.in
index 6c0fdc5c75ba4d21669107c6a03992371b229870..8b6af391261b63ad3b49a965768ea7f75abdfa21 100644
--- a/mirrors.yaml.in
+++ b/mirrors.yaml.in
@@ -5,21 +5,21 @@ mirrors:
signed: false
fetch:
access_pair:
- - ${CI_REGISTRY_USER}
- - ${CI_REGISTRY_PASSWORD}
+ id_variable: CI_REGISTRY_USER
+ secret_variable: CI_REGISTRY_PASSWORD
push:
access_pair:
- - ${CI_REGISTRY_USER}
- - ${CI_REGISTRY_PASSWORD}
+ id_variable: CI_REGISTRY_USER
+ secret_variable: CI_REGISTRY_PASSWORD
ghcr:
autopush: true
url: oci://ghcr.io/eic/spack-${SPACK_VERSION}
signed: false
fetch:
access_pair:
- - ${GITHUB_REGISTRY_USER}
- - ${GITHUB_REGISTRY_TOKEN}
+ id_variable: GITHUB_REGISTRY_USER
+ secret_variable: GITHUB_REGISTRY_TOKEN
push:
access_pair:
- - ${GITHUB_REGISTRY_USER}
- - ${GITHUB_REGISTRY_TOKEN}
+ id_variable: GITHUB_REGISTRY_USER
+ secret_variable: GITHUB_REGISTRY_TOKEN