When building container images on Miget using Docker Engine, you might need to pull base images from a private Docker registry, such as a private repository on Docker Hub. To enable the Miget builder to authenticate and access your private registry, you can set the following environment variables in Settings -> Vars. These credentials allow the builder to log in to your private registry during the build process, ensuring that it can fetch your private images. Example Dockerfile: 
FROM my-private-registry/my-project/my-image:latest

ENV Variables to Set

For example, to allow Miget to access Docker Hub (example below) or other private registries, set the following variables:
  • EXTERNAL_REGISTRY_URL=docker.io
  • EXTERNAL_REGISTRY_USERNAME=<your_username>
  • EXTERNAL_REGISTRY_PASSWORD=<docker_hub_token>
For security reasons, it’s recommended to create a Read-Only token for authentication. This ensures that the Miget builder can pull images but cannot push any images to the external registry, maintaining stricter access control.

Supported Registries

Amazon Elastic Container Registry (ECR)

  • EXTERNAL_REGISTRY_URL=$AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com Ensure the $AWS_ACCOUNT_ID and $AWS_REGION values match those in your AWS account.

Azure Container Registry (ACR)

  • EXTERNAL_REGISTRY_URL=$REGISTRY_NAME.azurecr.io Replace $REGISTRY_NAME with your registry’s name in Azure.

Docker Hub

  • EXTERNAL_REGISTRY_URL=docker.io Make sure you own the namespace (you pull from) specified in the Dockerfile

DigitalOcean Container Registry

  • EXTERNAL_REGISTRY_URL=registry.digitalocean.com

GitHub Container Registry (GHCR)

  • EXTERNAL_REGISTRY_URL=ghcr.io

Quay.io

  • EXTERNAL_REGISTRY_URL=quay.io
By configuring these environment variables, Miget can securely log in to your private registry and pull the required images during your builds.