diff --git a/README.md b/README.md
index f87ed5ae18a59fdbe0d8ac62d64930a3a130f8a1..5d7d28f1f36d25f49a9c6dc9a1558fb640ff0f24 100644
--- a/README.md
+++ b/README.md
@@ -339,7 +339,7 @@ In addition to a textual report in the console, this job produces the following
| Report | Format | Usage |
| -------------------------------------------- | ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
-| `reports/docker-hadolint-*.native.json` | native hadolint test report (json) | [DefectDojo integration](https://docs.defectdojo.com/en/connecting_your_tools/parsers/file/hadolint/)
_This report is generated only if DefectDojo template is detected_ |
+| `reports/docker-hadolint-*.native.json` | native hadolint test report (json) | [DefectDojo integration](https://docs.defectdojo.com/supported_tools/parsers/file/hadolint/)
_This report is generated only if DefectDojo template is detected_ |
| `reports/docker-hadolint-*.codeclimate.json` | hadolint (GitLab) codeclimate format | [GitLab integration](https://docs.gitlab.com/ci/yaml/artifacts_reports/#artifactsreportscodequality) |
### `docker-*-build` jobs
@@ -483,7 +483,7 @@ In addition to a textual report in the console, this job produces the following
| Report | Format | Usage |
| ----------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `reports/docker-trivy-*.native.json` | Native Trivy report format (json) | [DefectDojo integration](https://docs.defectdojo.com/en/connecting_your_tools/parsers/file/trivy/)
_This report is generated only if DefectDojo template is detected_ |
+| `reports/docker-trivy-*.native.json` | Native Trivy report format (json) | [DefectDojo integration](https://docs.defectdojo.com/supported_tools/parsers/file/trivy/)
_This report is generated only if DefectDojo template is detected_ |
| `reports/docker-trivy-*.gitlab.json` | [Trivy report format for GitLab Container Security](https://trivy.dev/docs/latest/tutorials/integrations/gitlab-ci/) format | [GitLab Container Security](https://docs.gitlab.com/ci/yaml/artifacts_reports/#artifactsreportscontainer_scanning) |
| `reports/docker-trivy-*.gitlab-codequality.json` | [Trivy report format for GitLab Code Quality](https://trivy.dev/docs/latest/tutorials/integrations/gitlab-ci/) format | [GitLab Code Quality](https://docs.gitlab.com/ci/yaml/artifacts_reports/#artifactsreportscodequality) |
diff --git a/templates/gitlab-ci-docker.yml b/templates/gitlab-ci-docker.yml
index 113c41d4bdc867eb212030883960b566df79bd80..581f058517bd5ec4dc9a8bebe7c4d74144b5b1c7 100644
--- a/templates/gitlab-ci-docker.yml
+++ b/templates/gitlab-ci-docker.yml
@@ -829,7 +829,14 @@ stages:
# use a merged auth config for the destination image
echo "${docker_release_config_json}" > "$BUILDTOOL_HOME/skopeo/.docker/release-only.json"
maybe_install_python3
- merge_json "$BUILDTOOL_HOME/skopeo/.docker/release-only.json" "$BUILDTOOL_HOME/skopeo/.docker/src-config.json" > "$BUILDTOOL_HOME/skopeo/.docker/dest-config.json"
+ if [ -f "${DOCKER_CONFIG_FILE}" ]
+ then
+ # $DOCKER_CONFIG_FILE takes precedence => src-config.json last
+ merge_json "$BUILDTOOL_HOME/skopeo/.docker/release-only.json" "$BUILDTOOL_HOME/skopeo/.docker/src-config.json" > "$BUILDTOOL_HOME/skopeo/.docker/dest-config.json"
+ else
+ # RELEASE auth takes precedence over SNAPSHOT => release-only.json last
+ merge_json "$BUILDTOOL_HOME/skopeo/.docker/src-config.json" "$BUILDTOOL_HOME/skopeo/.docker/release-only.json" > "$BUILDTOOL_HOME/skopeo/.docker/dest-config.json"
+ fi
fi
if [ "$docker_snapshot_registry_host" = "$docker_release_registry_host" ]