docker basic Auth failure #2116
Comments
|
Might be related to #1929 |
|
@pmbsa : Does it work when you modify it to specify port as well |
|
looks the same, is that down to the way the dns name is structured with "-"? |
|
Maybe it's because there is no user element in image name. In #1929 Our logic is assuming that |
|
aargh, apologies, I didnt mean to close it |
|
I will have a go at a few things and see if i can get more details |
|
yes, works perfectly when I add a port! |
|
Duplicate of #1929 |
|
@pmbsa : Could you please provide some details about your setup? I see you're using a local registry. How are you running it? How have your set up authentication? Would really appreciate if you could help us in reproducing this issue. |
|
Hi @rohanKanojia. I am running sonatype nexus from the provided helm charts. I dont do any specialisations on that, just a basic install and then create a hosted docker registry listening on http (but via an https ingress configured in the charts). The authentication is nexus's basic admin user. I dont do anything beyond that. I have configured the registry in docker as 'insecure'. I can think of anything beyond that. The maven settings.xml are just the basic server config with username and password |
|
@pmbsa : Thanks a lot! I can reproduce the issue now with this setup. The issue seems to be at this line where we consider token as a registry only if it contains a colon: Now we're back at the same problem as #1929 . How can we determine whether a given token should be considered a domain or a user name? |
|
@pmbsa : I can think of a simple workaround. We can check whether the given token is a valid host by trying to access it. This would however make ImageName require internet access. private void checkWhetherFirstElementIsUserOrRegistryAndAssign(String[] parts) {
- if (containsColon(parts[0])) {
+ if (containsColon(parts[0]) || isKnownHost(parts[0])) {
assignRegistryAndRepository(parts);
} else {
assignUserAndRepository(parts);
}
}
+ private static boolean isKnownHost(String host) {
+ try {
+ InetAddress resolvedIpAddress = InetAddress.getByName(host);
+ return resolvedIpAddress.getHostAddress() != null;
+ } catch (UnknownHostException unknownHostException) {
+ return false;
+ }
+ }
What do you think about this? |
|
personally, I think the current solution of simply adding a port is fine. It was an easy understandable fix and doesnt require internet access. Just feels a cleaner way for me anyway. Maybe just needs stressing in the doco or FAQ's and thats enough? |
|
@pmbsa : We finally managed to close the issue :-) . Could you please try out our <pluginRepositories>
<pluginRepository>
<id>oss.sonatype.org</id>
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
<snapshots>
<enabled>true</enabled>
<updatePolicy>always</updatePolicy>
</snapshots>
</pluginRepository>
</pluginRepositories> |
|
hey @rohanKanojia , that worked a treat thanks. I reverted my settings back to and its working perfectly |
Describe the bug
I am trying to build and push my image. I have a local docker registry configured and working fine with docker cmdline interactions.
For auth I have gone with a simple server section in the ~/.m2/settings.yml
the base image is called myregistry.127.0.0.1.nip.io/eclipse-temurin:11.0.18_10-jdk-alpine
When I run k8s:build for example the build fails pulling the base image "no basic auth".
If I pass the docker creds in on the cmdline it works so its like its not matching the registry in the image to the registry in the server section in the settings.xml
any advice would be appreciated
Eclipse JKube version
1.11.0
Component
Kubernetes Maven Plugin
Apache Maven version
3.8.5
Gradle version
None
Steps to reproduce
as above
Expected behavior
image should be pulled from registry
Runtime
Kubernetes (vanilla)
Kubernetes API Server version
1.25.3
Environment
Linux
Eclipse JKube Logs
No response
Sample Reproducer Project
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: