orpiske opened a new issue #2122: URL: https://github.com/apache/camel-k/issues/2122
This is based on a discussion I had with @astefanutti about a scenario where you have an insecure private registry and tries to pull/push your images there. It looks like only the [main registry can be defined as insecure]( https://github.com/apache/camel-k/blob/771cf16934a237c141055ae1c5cea6711a901040/pkg/builder/spectrum/publisher.go#L64-L68). However, because the code seems to source the secure/insecure configuration for the pull from another source (in my case, from the secret configuration generated from the `config.json`). It fails to pull because of: ``` spectrum - 2021/03/15 08:16:37 Pulling base image insecure-registry.com/opiske/openjdk11:slim (insecure=false)... spectrum - 2021/03/15 08:16:37 No matching credentials were found, falling back on anonymous {"level":"info","ts":1615796197.9196427,"logger":"camel-k.builder","msg":"step failed with error: could not pull base image image insecure-registry.com/opiske/openjdk11:slim: Get \"https://insecure-registry.com/v 2/\": x509: certificate has expired or is not yet valid: current time 2021-03-15T08:16:37Z is after 2017-10-24T21:09:52Z","step":"github.com/apache/camel-k/pkg/builder/spectrum/Publisher","phase":40,"name":"kit-c17heriign4meqfg3kn0","task ":"builder"} ``` @astefanutti suggested that the code should check if the registry for the base image matches the main registry and then evaluate the insecure pull/push for the build images based on that. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
