Job token permissions to access registries

Created in August 26, 2025

2025   ·   plug-and-play   proximal   ·   gitlab   cicd   registry   pull

We have a setup where a private gitlab repository is hosting a docker image in its container registry. This image is used with several repositories to build up documents, web pages, etc..

Unfortunately, sometimes, we have the issue that the job running on the secondary repositories fail with some errors like :

WARNING: Failed to pull image with policy "if-not-present": Error response from
daemon: pull access denied for ...

Actually this turns out to be a permission issue that must can be fixed on the gitlab repository hosting the image. This can be configured in the “Settings / CI-CD / Job Token permissions” menu. There, you can define an allowlist of foreign repositories that can access the registry.



Enjoy Reading This Article?

Here are some more articles you might like to read next:

  • Rethinking deep vision interpretability
  • Atomic auto-encoders for learning sparse representations
  • Regularized gradient descent
  • Test
  • Changing surrounding delimiters in VIM