docker:cli how to set insecure-registries?

Question

docker:cli how to set insecure-registries?

Closed this issue 8 months ago · 3 comments

Hi,

I'm using a docker:cli image inside kubernetes with a buildkit pod to run my CI pipelines.
The build part works great but when I try to login into a local insecure registry to push my images it complains :
http: server gave HTTP response to HTTPS client

Usually I would just configure /etc/docker/daemon.json but I can't do that because there is no daemon in the cli image.

So how would I go about pushing images to an insecure registry?

Answer 1 · 2024-04-15T17:29:30.000Z

That's a daemon configuration, so it has to be set on whichever daemon your CLI is talking to in order for it to take effect.

Answer 2 · 2024-04-16T06:37:40.000Z

I have no docker daemon running, only builkitd inside another pod. I create a remote builder inside the docker:cli pod.

docker buildx create --name remote-builder --driver remote tcp://buildkitd:1234 no daemon needed
then I use it to build
docker build --builder remote-builder -t <my_registry>/path/image_name:tag --push no daemon needed, no error for insecure registry, only 401 because I'm not logged in.

When I try to docker login it complains about the insecure registry.
So do I really need a running daemon to login into my registry?

Answer 3 · 2024-04-16T07:46:45.000Z

Okay so I managed to do it, inside buildkitd.toml I configured the insecure registry, then inside my pipeline instead of docker login I write the .docker/config.json file by hand.

mkdir ~/.docker
echo "{\"auths\":{\"$REGISTRY_URL\":{\"auth\":\"$(echo -n ${REGISTRY_LOGIN}:${REGISTRY_PASSWORD} | base64)\"}}}" > ~/.docker/config.json

Then I can call docker build <...> --push and everything works just fine.