The Dependency Proxy is moving to open source

Oct 30, 2020 · 3 min read
Tim Rizzi GitLab profile

Docker Hub recently announced and will soon enforce rate limits on pull requests from Docker Hub. Starting Nov. 2, 2020, pull rates will be limited based on your individual IP address for anonymous users or on your pricing tier if you are authenticated and signed in.

When I first read about the change, I thought, "We have to tell people about the Dependency Proxy," which is meant for proxying and caching images from Docker Hub. Unfortunately, the Dependency Proxy has several limitations that will prevent you from relying on it to solve this rate-limiting issue. However, we arrived at a key question during the evaluation process: "Should proxying and caching images from Docker Hub be an open source feature?"

The short answer is yes. At GitLab, to determine what is open source and what is not, we ask ourselves: Who cares the most about the feature? Pulling images from Docker Hub is done every day by all types of developers. By supporting proxying and caching in Core, we can help developers everywhere by increasing the reliability and performance of their pipelines. The same is true for pulling packages from npm, Maven, PyPI, or any of the other most common public repositories.

As of GitLab 13.6 (Nov. 22nd, 2020), using the Dependency Proxy for proxying and caching images from Docker Hub or packages from any of the supported public repositories will be free for all GitLab users. Exciting, right?

We recognize that many users in our community have creative ideas on how to make GitLab an even better product. By partnering with the open source community, we can open source features even more quickly. And, we could use your help! There are a few key issues that will help everyone in the Community prepare for these upcoming Docker Hub rate limits and have faster, more reliable builds.

More details

What this means is that before you can do something like:

docker pull gitlab.example.com/groupname/dependency_proxy/containers/alpine:latest

You must first log in by providing your username/password or personal access (Sorry, no anonyomous pulls)

docker login gitlab.example.com

And, if you are interested in helping the Dependency Proxy work with npm, consider contributing to these issues:

“.@gitlab is moving the Dependency Proxy to Core to help address Docker Hub rate-limiting issues” – Tim Rizzi

Click to tweet

Open in Web IDE View source