Certificate signed by unknown authority when using nexus image repo #412
Comments
|
Can you please share your |
|
Same issue with docker hub (https://registry-1.docker.io) |
|
i got the some problem |
|
Hi team, I'm having the exact same issue.... Thanks ! |
|
I have the same problem, running v0.12.0 on arm64. |
|
This seems to no longer be an issue in the image tagged "latest" so hopefully it's fixed in 0.13.0 :) |
|
Please verify this for version 0.13.0 |
|
I am facing the same issue. I have tried using latest, but still the issue remains. I am using harbor registry. |
|
Same issue with private, self-hosted repository with certificate signed by Let's encrypt. Any news on this? |
|
I have also encountered this issue using v0.12.0. Following the discussion I have set up the following configuration: (after updating to latest tag*) apiVersion: v1
data:
log.level: debug
registries.conf: | # set up registry for nexus
registries:
- name: corpnexus
prefix: "corpnexus.corp.my-org.net:8082"
default: true
api_url: https://corpnexus.corp.my-org.net:8082
insecure: true
kind: ConfigMap
metadata:
annotations:
creationTimestamp: "2023-04-02T10:39:10Z"
labels:
app.kubernetes.io/name: argocd-image-updater-config
app.kubernetes.io/part-of: argocd-image-updater
name: argocd-image-updater-config
namespace: gitopsI executed into the # content of app/config inside argocd-image-updater container (k8s)
/app/config $ ls
registries.conf ssh
# content of regisries config
/app/config $ cat registries.conf
registries:
- name: corpnexus
prefix: "corpnexus.corp.my-org.net:8082"
default: true
api_url: https://corpnexus.corp.my-org.net:8082
insecure: true
# Testing connection to nexus
/app/config $ argocd-image-updater test corpnexus.corp.my-org.net:8082/digital/my-org.digital.an_app/build_sprint_13_an_app --registries-conf-path
./registries.conf
DEBU[0000] Creating in-cluster Kubernetes client
INFO[0000] retrieving information about image image_alias= image_name="corpnexus.corp.my-org.net:8082/digital/my-org.digital.an_app/build_sprint_13_an_app" registry_url="corpnexus.corp.my-org.net:8082"
DEBU[0000] rate limiting is disabled prefix="corpnexus.corp.my-org.net:8082" registry="https://corpnexus.corp.my-org.net:8082"
DEBU[0000] Setting default registry endpoint to corpnexus.corp.my-org.net:8082
DEBU[0000] Previous default registry was docker.io
INFO[0000] Loaded 1 registry configurations from ./registries.conf
INFO[0000] Fetching available tags and metadata from registry application=test image_alias= image_name="corpnexus.corp.my-org.net:8082/digital/my-org.digital.an_app/build_sprint_13_an_app" registry_url="corpnexus.corp.my-org.net:8082"
INFO[0000] Found 1 tags in registry application=test image_alias= image_name="corpnexus.corp.my-org.net:8082/digital/my-org.digital.an_app/build_sprint_13_an_app" registry_url="corpnexus.corp.my-org.net:8082"
DEBU[0000] could not parse input tag latest as semver: Invalid Semantic Version
INFO[0000] no newer version of image found application=test image_alias= image_name="corpnexus.corp.my-org.net:8082/digital/my-org.digital.an_app/build_sprint_13_an_app" registry_url="corpnexus.corp.my-org.net:8082"This seems to solve the issue, note: without directing the |
|
I had to add docker hub to the list of registries with |
While using the test command to check for latest tags from nexus image repository an error is observed about unknown certificate.
I've configured the registries conf and used insecure: true, yet the image-updater pod trying to access my registry using https.
two question:
for example:
argocd-image-updater test nexus3:2000/nginx
error received:
could not tags: Get "https://nexus3:2000/v2": x509 certificate signed by unknown authority application=test image_alias= image_name="nexus3:2000/nginx registry_url="nexus3:2000"
side note:
Argocd server is up and running and have the certificate in question added as config map.
The text was updated successfully, but these errors were encountered: