Support authentication from Docker daemon to private docker registry

[maxjiang153]

spring-boot-maven-plugin 2.3.x version support build layers docker image.

but use custom builder image or run image with private docker registry it can't works

like this:

			<plugin>
				<groupId>org.springframework.boot</groupId>
				<artifactId>spring-boot-maven-plugin</artifactId>
				<executions>
					<execution>
						<goals>
							<goal>build-info</goal>
						</goals>
					</execution>
				</executions>
				<configuration>
					<layers>
						<enabled>true</enabled>
					</layers>
					<image>
						<builder>xxxxx.dkr.ecr.cn-north-1.amazonaws.com.cn/paketo-buildpacks-builder:base-platform-api-0.3</builder>
					</image>
				</configuration>
			</plugin>

then run ./mvnw spring-boot:build-image will throw

 Failed to execute goal org.springframework.boot:spring-boot-maven-plugin:2.3.2.RELEASE:build-image (default-cli) on project athena-marketing-server-start: Execution default-cli of goal org.springframework.boot:spring-boot-maven-plugin:2.3.2.RELEASE:build-image failed: Docker API call to 'localhost/v1.24/images/create?fromImage=882440569488.dkr.ecr.cn-north-1.amazonaws.com.cn%2Fpaketo-buildpacks-builder%3Abase-platform-api-0.3' failed with status code 500 "Internal Server Error" and message "Get https://xxxxx.dkr.ecr.cn-north-1.amazonaws.com.cn/v2/paketo-buildpacks-builder/manifests/base-platform-api-0.3: no basic auth credentials" -> [Help 1]

the docker registry xxxxx.dkr.ecr.cn-north-1.amazonaws.com.cn is private and authentication to pull docker images.

spring boot maven plugin call docker api does't have any auth params

spring-boot/spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/transport/HttpClientTransport.java

Line 126 in 4933b26

private Response execute(HttpUriRequest request) {

docker engine api provide X-Registry-Auth Header to authentication https://docs.docker.com/engine/api/v1.39/#section/Authentication

Authentication
Authentication for registries is handled client side. The client has to send authentication details to various endpoints that need to communicate with registries, such as POST /images/(name)/push. These are sent as X-Registry-Auth header as a base64url encoded (JSON) string with the following structure:

{
  "username": "string",
  "password": "string",
  "email": "string",
  "serveraddress": "string"
}

looks like spring boot maven plugin need support config X-Registry-Auth header or docker registry auth params to configure it.

[philwebb]

Closing in favor of PR #22837

[scottfrederick]

Re-opening the issue to discuss alternatives to the implementation in the referenced PR.

We'd like to support configuration of the available Docker registry authentication options (basic auth and token) using Maven and Gradle plugin configuration.

With Maven, this would look something like the following example for basic auth:

	<plugin>
	    <groupId>org.springframework.boot</groupId>
	    <artifactId>spring-boot-maven-plugin</artifactId>
	    <configuration>
	        <docker>
	            <registry>
	                <url>https://index.docker.io/v1/</url>
	                <username>user</username>
	                <password>secret</password>
	                <email>user@example.com</email>
	            </registry>
	        </docker>
	    </configuration>
	</plugin>

Or like the following example for token auth:

	<plugin>
	    <groupId>org.springframework.boot</groupId>
	    <artifactId>spring-boot-maven-plugin</artifactId>
	    <configuration>
	        <docker>
	            <registry>
	                <token>9cbaf023786cd7...</token>
	            </registry>
	        </docker>
	    </configuration>
	</plugin>