skaffold: x509: certificate signed by unknown authority

Expected behavior

build:
  insecureRegistries:
    - artifactory.xx.xx.com

The error in the title shouldn’t occur if repo is added to the insecure registries.

Actual behavior

error pushing image: failed to push to destination artifactory.xx.xx.com/data/<image>:<tag>: Get https://artifactory.xx.xx.com/v2/: x509: certificate signed by unknown authority

Information

Skaffold version: 0.27
Operating system: macOS
Contents of skaffold.yaml:

apiVersion: skaffold/v1beta8
kind: Config
build:
  insecureRegistries:
    - artifactory.xx.xx.com
  tagPolicy:
    gitCommit: {}
  artifacts:
    - image: artifactory.xx.xx.com/data/my-image
      context: src
      kaniko:
        buildContext:
          localDir: {}
  cluster:
    dockerConfig:
      path: /Users/xx/.docker/config_old.json
      secretName: docker-secret
    pullSecretName: kaniko-secret

Steps to reproduce the behavior

Run skaffold with the attached yaml

kaniko.flags is also deprecated so there is no way to use kaniko’s –skip-tls-verify-registry

About this issue

Original URL
State: closed
Created 5 years ago
Comments: 32 (17 by maintainers)

Commits related to this issue

Add skip tls verify option to kaniko builder I was able to recreate the error in #1961 by using a kaniko image without a cert & pushing to an unauthenticated registry in Cloud Run. Adding this flag ... — committed to priyawadhwa/skaffold-1 by deleted user 5 years ago
Add skip tls verify option to kaniko builder I was able to recreate the error in #1961 by using a kaniko image without a cert & pushing to an unauthenticated registry in Cloud Run. Adding this flag ... — committed to priyawadhwa/skaffold-1 by deleted user 5 years ago

Most upvoted comments

Thank you @jimanvlad. we are actively working on this issue and share an update soon.

tejal29 on Sep 24, 2019

I started looking into this stay tuned on #2809

balopat on Sep 4, 2019

Hey @jimanvlad we are now passing in insecure registries to kaniko as of #2266. Could you try with the latest release and see if it fixes your issue?

priyawadhwa on Jul 24, 2019

I took a quick stab at this (https://github.com/GoogleContainerTools/skaffold/pull/1977) but have no idea if this even solves the issue – running it to see if it works and adding a test would be wonderful! 😃

Edit: I’ve added tests… now to see if this actually solves the issue. 😁

tjk on Apr 18, 2019