Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kaniko doesn't work with an HTTP registry build on Nexus OSS #667

Closed
alxsbn opened this issue May 17, 2019 · 6 comments
Closed

kaniko doesn't work with an HTTP registry build on Nexus OSS #667

alxsbn opened this issue May 17, 2019 · 6 comments

Comments

@alxsbn
Copy link

alxsbn commented May 17, 2019

Actual behavior
kaniko doesn't work with HTTP registry build on Nexus OSS 3

  • without flags : certificate signed by unknown authority
  • with --insecure : does not allow http request
  • with --skip-tls-verify : return no token in bearer response: {"title":"Unauthorized","description":"Authorize user failed"}.

To Reproduce
Nexus OSS is configure to be used as a private Docker repo with HTTP connector
The registry work well with the docker standard commands (login/push) and the tag insecure-registry into daemon.json

I'm using the gcr.io/kaniko-project/executor:debug and the following commands :
@himao
Copy link

himao commented Jul 9, 2019

same issue,any update?

@himao
Copy link

himao commented Jul 9, 2019

it seems like the --insecure no effect with the special registry port.
it's not work:

/kaniko/executor -f /myproj/Dockerfile -c /myproj --insecure --skip-tls-verify --destination="docker.abc.com:5000/temp/myimage" --verbosity debug 
error checking push permissions -- make sure you entered the correct tag name, and that you are authenticated correctly, and try again: checking push permission for "docker.abc.com:5000/temp/myimage:latest": Get https://docker.abc.com:5000/v2/: http: server gave HTTP response to HTTPS client

but this is work:

/kaniko/executor -f /myproj/Dockerfile -c /myproj --insecure --skip-tls-verify --destination="docker.abc.com/temp/myimage" --verbosity debug

@ccaballero646
Copy link

Facing same issue, can't test workaround suggested above because the registry image comes in via environment variables from Gitlab CI.
Gitlab Runner can pull images from the registry without issues, but when running executor:

$ /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --insecure --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
error checking push permissions -- make sure you entered the correct tag name, and that you are authenticated correctly, and try again: checking push permission for $CI_REGISTRY_IMAGE: creating push check transport for $CI_REGISTRY failed: Get https://$CI_REGISTRY/v2/: http: server gave HTTP response to HTTPS client

@tralexa
Copy link
Contributor

tralexa commented Sep 16, 2019

#685 should fix this when using the Insecure or InsecureRegistries flag

@donmccasland
Copy link
Member

Merged #685, closing...

@JanHuege
Copy link

JanHuege commented Apr 4, 2024
edited
Loading

Using HTTPS we are facing the same issue. We cannot push the image to a nexus OSS Version(OSS 3.49.0-02) using gcr.io/kaniko-project/executor:v1.14.0-debug

Using username password auth we are facing:

error checking push permissions -- make sure you entered the correct tag name, and that you are authenticated correctly, and try again: checking push permission for "private.registry.com/repository/imagename:tag": creating push check transport for private.registry.com failed: GET https://private.registry.com/v2/: unexpected status code 404 Not Found:

See: #3099

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@donmccasland @alxsbn @ccaballero646 @himao @JanHuege @tralexa