Is there an existing issue for this?
Current Behavior
When I deploy a registry addon with the metallb ingress and cert-manager, pushing images into the registry with docker fails with the message Get "https://172.18.0.100/v2/": tls: failed to verify certificate: x509: certificate signed by unknown authority
I believe this is because the host does not know the cert-manager authority used for the generated self-signed certificates. Might be loosely related to #169 but not 100% sure.
Expected Behavior
Pushing images into the registry should work and the images should be made available to the cluster.
Steps To Reproduce
- Deploy a registry
registry := registry.NewBuilder().WithServiceTypeLoadBalancer().Build()
env, err = environments.NewBuilder().WithAddons(
certmanager.New(),
metallb.New(),
registry,
).Build(ctx)
- Attempt to push an image with the docker go sdk
cli, err := dockerClient.NewClientWithOpts(dockerClient.FromEnv)
source := "quay.io/bpfman-userspace/go-tc-counter:latest"
index := strings.LastIndex(source, "/")
target := fmt.Sprintf("%s/%s", registry.LoadBalancerAddress(), source[index+1:])
err = cli.ImageTag(context.Background(), source, target)
if err != nil {
return err
}
closer, err := cli.ImagePush(context.Background(), image.target, dockerTypes.ImagePushOptions{
All: true,
RegistryAuth: "something",
})
if err != nil {
return err
}
io.Copy(os.Stdout, closer)
closer.Close()
- Alternatively trying to push images manually with the docker cli produces the same error
docker tag quay.io/bpfman-userspace/go-tc-counter:latest 172.18.0.100/go-tc-counter:latest
docker push 172.18.0.100/go-tc-counter:latest
Kong Kubernetes Testing Framework Version
Kubernetes version
kind v0.22.0 go1.21.7 linux/amd64
Client Version: v1.29.2
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.29.2
Anything else?
No response
Is there an existing issue for this?
Current Behavior
When I deploy a registry addon with the metallb ingress and cert-manager, pushing images into the registry with docker fails with the message
Get "https://172.18.0.100/v2/": tls: failed to verify certificate: x509: certificate signed by unknown authorityI believe this is because the host does not know the cert-manager authority used for the generated self-signed certificates. Might be loosely related to #169 but not 100% sure.
Expected Behavior
Pushing images into the registry should work and the images should be made available to the cluster.
Steps To Reproduce
Kong Kubernetes Testing Framework Version
Kubernetes version
Anything else?
No response