DataBiosphere · lucymcnatt · Oct 2, 2024 · Sep 10, 2024 · Sep 10, 2024 · Sep 10, 2024
diff --git a/http/src/main/resources/init-resources/gce-init.sh b/http/src/main/resources/init-resources/gce-init.sh
@@ -220,14 +220,7 @@ START_TIME=$(date +%s)
 STEP_TIMINGS=($(date +%s))
 
 
-# Use specific docker compose command if the container is coming from GCR, see  https://hub.docker.com/r/cryptopants/docker-compose-gcr
-# TODO - Also check for GAR see https://broadworkbench.atlassian.net/browse/IA-4518
-if grep -qF "gcr.io" <<< "${JUPYTER_DOCKER_IMAGE}${RSTUDIO_DOCKER_IMAGE}${PROXY_DOCKER_IMAGE}${WELDER_DOCKER_IMAGE}" ; then
-  log 'Authorizing GCR...'
-  DOCKER_COMPOSE="docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v /var:/var -w=/var cryptopants/docker-compose-gcr"
-else
-  DOCKER_COMPOSE="docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v /var:/var docker/compose:1.29.2"
-fi
+DOCKER_COMPOSE="docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v /var:/var docker/compose:1.29.2"
 
 mkdir -p ${WORK_DIRECTORY}
 mkdir -p ${CERT_DIRECTORY}
@@ -381,7 +374,14 @@ docker network create -d bridge app_network
 ${DOCKER_COMPOSE} --env-file=/var/variables.env "${COMPOSE_FILES[@]}" config
 
 # Docker Pull
-retry 5 ${DOCKER_COMPOSE} --env-file=/var/variables.env "${COMPOSE_FILES[@]}" pull &> /var/docker_pull_output.txt
+log 'Pulling docker images...'
+if ! retry 5 ${DOCKER_COMPOSE} --env-file=/var/variables.env "${COMPOSE_FILES[@]}" pull &> /var/docker_pull_output.txt; then
+    # if coming from a private repo on GCR, need to use credentials supplied in cryptopants/docker-compose-gcr
+    # (see https://hub.docker.com/r/cryptopants/docker-compose-gcr)
+    log 'Docker pull failed. Private image, trying with cryptopants/docker-compose-gcr...'
+    DOCKER_COMPOSE="docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v /var:/var -w=/var cryptopants/docker-compose-gcr"
+    retry 5 ${DOCKER_COMPOSE} --env-file=/var/variables.env "${COMPOSE_FILES[@]}" pull &> /var/docker_pull_output.txt;
+fi
 
 # This needs to happen before we start up containers because the jupyter user needs to be the owner of the PD
 chmod a+rwx ${WORK_DIRECTORY}

diff --git a/http/src/main/resources/init-resources/init-actions.sh b/http/src/main/resources/init-resources/init-actions.sh
@@ -276,11 +276,11 @@ END
     fi
 
 
-    # If any image is hosted in a GCR registry (detected by regex) then
+    # If any image is hosted in a GAR registry (detected by regex) then
     # authorize docker to interact with gcr.io.
-    # TODO - Also check for GAR see https://broadworkbench.atlassian.net/browse/IA-4518
+    # NOTE: GCR images are now hosted on GAR, but the file paths haven't changed, they automatically redirect.
     if grep -qF "gcr.io" <<< "${JUPYTER_DOCKER_IMAGE}${RSTUDIO_DOCKER_IMAGE}${PROXY_DOCKER_IMAGE}${WELDER_DOCKER_IMAGE}" ; then
-      log 'Authorizing GCR...'
+      log 'Authorizing GCR/GAR...'
       gcloud auth configure-docker
     fi