3 months ago
I have internal Python packages that can only be accessed via the company VPN, so it’s impossible to build Docker images that contain them because pip makes requests from your server. If I will ship my own Docker image, I won't have this problem since the package will already be downloaded.
Pinned Solution
3 months ago
You can publish private images to Github's registry or Docker registry. You do not have to host your own registry. The only common "potential attack vector" is for an attacker to gain access to your API keys that is used to access the private registry.
6 Replies
3 months ago
Hey there! We've found the following might help you get unblocked faster:
If you find the answer from one of these, please let us know by solving the thread!
3 months ago
You can deploy Docker images from private registries, but it requires the Pro plan.
https://docs.railway.com/guides/services#deploying-a-private-docker-image
3 months ago
Isn't there an option that would work like railway up -s API -d --local-build, which would build locally and send the exported Docker image to Railway?
3 months ago
IIRC no, you're not able to build an image locally and upload it to Railway directly.
$ railway up -h
Upload and deploy project from the current directory
Usage: railway up [OPTIONS] [PATH]
Arguments:
[PATH]
Options:
-d, --detach Don't attach to the log stream
-c, --ci Stream build logs only, then exit (equivalent to setting $CI=true)
-s, --service <SERVICE> Service to deploy to (defaults to linked service)
-e, --environment <ENVIRONMENT> Environment to deploy to (defaults to linked environment)
--no-gitignore Don't ignore paths from .gitignore
--path-as-root Use the path argument as the prefix for the archive instead of the project directory
--verbose Verbose output
-h, --help Print help
-V, --version Print versionWhy wouldn't you want to upload it to a registry?
3 months ago
A private registry is another service that needs to be maintained. It also has to be exposed to the public network (This is for Railway, because you currently can’t connect a service from Project A to Project B via the internal network). This introduces potential attack vector. If it’s not currently possible, and if anyone from the Railway team is reading this, could you please consider this as a feedback or feature request? Thanks!
3 months ago
You can publish private images to Github's registry or Docker registry. You do not have to host your own registry. The only common "potential attack vector" is for an attacker to gain access to your API keys that is used to access the private registry.
Status changed to Solved noahd • 2 months ago