jkube: Pull registry is not getting authenticated

Describe the bug

<sever> authentication in settings.xml doesn’t work for pullregistry. Also using docker login is not respected with pullregistry (settings.xml without server section).

I have two separate docker registries. One for pull (dockerhub proxy) and one for push. Case 1. jkube doesn’t respect settings.xml configuration

settings.xml

<settings>
  <servers>
    <server>
      <id>my.proxy</id>
      <username>user</username>
      <password>pass</password>
    </server>
  </servers>
</settings>

Dockerfile

FROM my.proxy/openjdk:17
# rest of the file

I noticed that everything works as expected when I set server id to docker.io Case 2. After logging via docker login to my.proxy I’m getting unauthorized exception.

Eclipse JKube version

1.10.0

Component

Kubernetes Maven Plugin

Apache Maven version

3.8.1

Gradle version

No response

Steps to reproduce

  1. Set settings.xml
<settings>
  <servers>
    <server>
      <id>my.proxy</id>
      <username>user</username>
      <password>pass</password>
    </server>
  </servers>
</settings>
  1. Set docker file Dockerfile
FROM my.proxy/openjdk:17
  1. Set pull registry in pom:
 <plugin>
        <groupId>org.eclipse.jkube</groupId>
        <artifactId>kubernetes-maven-plugin</artifactId>
        <version>1.10.1</version>
        <configuration>
          <pullregistry>my.proxy</pullregistry>
        </configuration>

Expected behavior

Image is being downloaded from registry.

Runtime

Kubernetes (vanilla)

Kubernetes API Server version

other (please specify in additional context)

Environment

macOS

Eclipse JKube Logs

Error while trying to build the image: Unable to pull 'my.proxy/openjdk:17' : {"message":"Head \"https://my.proxy/v2/openjdk/manifests/17\": unknown: Authentication is required"} (Internal Server Error: 500) -> [Help 1]

Sample Reproducer Project

No response

Additional context

No response

About this issue

  • Original URL
  • State: closed
  • Created 2 years ago
  • Comments: 28 (28 by maintainers)

Commits related to this issue

Most upvoted comments

@manusa I’m usually have some spare time on Friday. Let me know if there is any Friday that fits you.

+1
balbusm on Jan 17, 2023

I’m pulling from jfrog and pushing to local nexus.

+1
balbusm on Dec 8, 2022

Let’s simplify a scenario. I have one custom repository to pull and push images. Push config works as one would expect:

  • it’s possible to push image my.repo/my-image to registry after docker login my.repo is executed
  • OR in settings.xml one needs to create server with id my.repo and push image my.repo/my-image
<settings>
  <servers>
    <server>
      <id>my.repo</id>
      <username>user</username>
      <password>pass</password>
    </server>
  </servers>
</settings>

In both cases push works. So I would expect if I try to pull image during a docker build above cases would work. However: If I try to build docker file with FROM my.repo/my-image jkube is not able to pull image. I have to add second entry to the settings.xml:

<settings>
  <servers>
    <server>
      <id>my.repo</id> # this works only for push to my.repo
      <username>user</username>
      <password>pass</password>
    </server>
    <server>
      <id>docker.io</id> # passing here again same credentials to my.repo docker registry for pull command, 
      <username>user</username>
      <password>pass</password>
    </server>
  </servers>
</settings>

I login with docker login my.repo no https://my.repo.

+1
balbusm on Dec 6, 2022
Read more comments on GitHub
← jkube: PortForwardTask.java: Either re-interrupt this method or rethrow the "InterruptedException" that can be caught here.
jkube: Resource example does not work →