#docker
2024-05-28
plexus04:05:52

Does anyone have experience with using Contajners with docker credential helpers?

plexus04:05:31

I'm assuming I'll have to invoke the credential helper directly myself, which is fine. But maybe someone has already replicated some of what the docker CLI does. In particular checking the credHelpers section in ~/.docker/config.json, and selecting the right helper (if any) based on the registry.

plexus05:05:43

Yay, got it to work!

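;; Namespaces the snippet relies on; cheshire is assumed from the
;; parse-string / generate-string calls.
(require '[cheshire.core :as json]
         '[clojure.java.shell :as sh]
         '[clojure.string :as str])

;; docker-config-json (a java.io.File pointing at ~/.docker/config.json) and
;; base64-encode-str are helpers that were not included in the message.

(defn docker-registry-auth
  "Returns the X-Registry-Auth value for image, or nil if no credentials are found."
  [image]
  (when (.exists docker-config-json)
    (let [config (json/parse-string (slurp docker-config-json))
          ;; Registry host: from the URL, or the first path segment of the image name
          host   (if (str/starts-with? image "http")
                   (.getHost (java.net.URI. image))
                   (first (str/split image #"/")))
          registry (str "https://" host)
          auth   (or (get-in config ["auths" registry "auth"])
                     (get-in config ["auths" host "auth"]))
          helper (get-in config ["credHelpers" host])
          ;; X-Registry-Auth is base64-encoded JSON with username and password
          encode (fn [username password]
                   (base64-encode-str
                    (json/generate-string {:username username
                                           :password password})))]
      (cond
        ;; "auths" entries hold base64("username:password"), so decode them
        ;; and re-encode in the JSON form instead of passing them through
        auth
        (let [decoded (String. (.decode (java.util.Base64/getDecoder) ^String auth))
              [username password] (str/split decoded #":" 2)]
          (encode username password))

        ;; Otherwise ask docker-credential-<helper>, sending the registry on stdin
        helper
        (let [{:keys [out err exit]} (sh/sh (str "docker-credential-" helper) "get" :in registry)]
          (when-not (str/blank? err)
            (println (str "[docker-credential-" helper "]") err))
          (when (= 0 exit)
            (let [{:strs [Username Secret]} (json/parse-string out)]
              (encode Username Secret))))))))

;; Builds the contajners ImageCreate request, adding the auth header only
;; when credentials were found
(defn docker-pull [image]
  (let [auth (docker-registry-auth image)]
    {:op       :ImageCreate
     :params   (cond-> {:fromImage image}
                 auth
                 (assoc :X-Registry-Auth auth))}))
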
Only tested the credential helper code path, so the auth stuff might still be broken. Also not sure I cover all cases of figuring out the registry name.

lispyclouds06:05:17

This is great! Would you like to contribute these examples and maybe more of your findings to the docs? I think they would be really useful there @U07FP7QJ0

Felix Dorner05:05:41

Baffled. Trying to run just a repl here:

docker run  clojure:temurin-21-lein-alpine lein repl
java.io.IOException: Permission denied. Please check your access rights for /root/.lein/repl-port
Don't understand... this runs as root, why wouldn't it be allowed to write here?

seancorfield06:05:09

Confirmed that it also happens with clojure:temurin-21-lein (which downloads a different image so I assume it's not just an alias?).

Felix Dorner06:05:09

i think that one is the ubuntu style, whereas mine is alpine.

seancorfield06:05:06

Seems to be broken the same way on every lein image for both 21 and 22. File an issue here https://github.com/Quantisan/docker-clojure/issues (I don't use Leiningen, only the Clojure CLI which works fine)

Felix Dorner06:05:56

the clojure cli doesn't have nrepl, right?

seancorfield06:05:29

IDEs specify nREPL at jack-in for the CLI.

seancorfield06:05:50

Or you can start nREPL via the CLI manually via options or an alias.

seancorfield06:05:05

I haven't used Leiningen since 2015...

Felix Dorner06:05:45

ok, yeah. I just wanted to create the simplest k8s pod possible that gives me an nrepl port.

Felix Dorner06:05:58

and thought I can do with one of the provided images.

Felix Dorner06:05:59

probably still possible with tools + a super long commandline

seancorfield06:05:24

(~/clojure)-(!2014)-> clojure -Sdeps '{:deps {nrepl/nrepl {:mvn/version "RELEASE"}}}' -M -m nrepl.cmdline
Downloading: nrepl/nrepl/maven-metadata.xml from clojars
Downloading: nrepl/nrepl/1.2.0-beta1/nrepl-1.2.0-beta1.pom from clojars
Downloading: nrepl/nrepl/1.2.0-beta1/nrepl-1.2.0-beta1.jar from clojars
nREPL server started on port 39755 on host localhost - 

Felix Dorner06:05:52

very good, actually that sounds very familiar to what one sees as the jack-in command in cider 💡

seancorfield06:05:37

Yup, same with VS Code/Calva. The deps and command-line args are provided by the IDE.

oyakushev06:05:06

I think this is caused by /root/.lein/ directory not being created beforehand. I'll take a look at this.

Felix Dorner06:05:37

Ok that was a good morning session, now on to the boring work life. Thanks folks 🙂

seancorfield06:05:53

@U06PNK4HG Will you be able to recreate and republish all those Docker images? I didn't check older than temurin-21 so I don't know how long this has been broken...

oyakushev06:05:26

This probably went unchecked because most people use Docker for CI stuff and don't launch REPLs inside.

cap10morgan14:05:00

taking a look at this now. thanks for the PR @U06PNK4HG!

cap10morgan15:05:58

it's weird that we have to create this ~/.lein dir manually. the official install script (which we don't use) does not seem to create it (unless I'm missing it somewhere): https://raw.githubusercontent.com/technomancy/leiningen/stable/bin/lein

cap10morgan15:05:08

makes me wonder how this dir usually gets created?

cap10morgan15:05:20

Is this a bug in leiningen itself?

cap10morgan15:05:59

looks like when you use the official installer it downloads the jar to ~/.lein/self-installs/ so that's why it already exists there. arguably still a lein bug, but probably fine to just work around it in the Dockerfile like this PR does for now

👍 2
cap10morgan15:05:10

ok that's merged. will take a bit for everything to work its way through to Docker Hub, but this should be fixed in a few hours

cap10morgan15:05:19

thanks again @U06PNK4HG!

❤️ 1
cap10morgan15:05:43

and thanks for reporting @U05KWT468F8!

👍 1
cap10morgan15:05:57

starting a repl is slightly annoying to check w/ automated tests, but might be worth figuring out

cap10morgan19:05:51

official-images PR has been merged so fixed images should start appearing on Docker Hub soon

🎉 1
oyakushev19:05:06

Cool, thank you Wes!

👍 1