@@ -163,11 +163,16 @@ jobs:
163163 options : --privileged
164164 env :
165165 DOCKER_TLS_CERTDIR : " "
166+ # Bypass the squid proxy for internal registry access.
167+ NO_PROXY : " *.networkradius.com,127.0.0.1"
168+ # Mount the host's internal CA so dind trusts
169+ # docker.internal.networkradius.com for image pulls.
170+ volumes :
171+ - /usr/local/share/ca-certificates/networkradius.com.crt:/etc/docker/certs.d/docker.internal.networkradius.com/ca.crt:ro
166172
167173 env :
168174 MULTI_SERVER_TEST_LOG : build/tests/multi-server/freeradius-multi-server/multi_server_test.log
169175 MULTI_SERVER_TEST_LISTENER_LOG : build/tests/multi-server/freeradius-listener-logs/custom_test-env-5hs-autoaccept.txt.bak
170- DOCKER_HOST : tcp://dind:2375
171176
172177 container :
173178 image : docker.internal.networkradius.com/self-hosted
@@ -178,9 +183,15 @@ jobs:
178183 options : >-
179184 --privileged
180185 --memory-swap -1
186+ env :
187+ DOCKER_HOST : tcp://dind:2375
181188
182189 steps :
183190
191+ - name : Install Docker CLI
192+ run : |
193+ apt-get update && apt-get install -y --no-install-recommends docker.io
194+
184195name : Wait for Docker-in-Docker
185196 run : |
186197 for i in $(seq 1 30); do
@@ -192,6 +203,17 @@ jobs:
192203 with :
193204 lfs : false
194205
206+ # Authenticate to the internal registry via the dind daemon.
207+ # The host Docker daemon is logged in via the runner's
208+ # job-started hook, but dind is a separate daemon with no
209+ # auth config.
210+ - name : Login to internal Docker registry
211+ env :
212+ DOCKER_USERNAME : ${{ secrets.DOCKER_REPO_USERNAME }}
213+ DOCKER_PASSWORD : ${{ secrets.DOCKER_REPO_PASSWORD }}
214+ run : |
215+ echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin https://docker.internal.networkradius.com/
216+
195217name : Get pre-built Docker image for self-hosted runner test
196218 shell : bash
197219 env :
0 commit comments