Bug: Remote certificate is expired - need to skip TLS verification
alikdolg opened this issue · 1 comments
Describe the bug
We are using gnomock.StartCustom container with JFrog docker, the provider's docker registry has an expired certificate and has yet to update it, this causes our test pipeline to fail.
We need an ability to skip TLS verification when pulling a docker image.
To Reproduce
container, err := gnomock.StartCustom(
"jfrog-docker-reg2.bintray.io/jfrog/artifactory-oss:latest", namedPorts,
gnomock.WithContainerName("meow"),
gnomock.WithUseLocalImagesFirst(),
gnomock.WithHealthCheck(func(ctx context.Context, c *gnomock.Container) error {
addr := fmt.Sprintf("http://%s/artifactory/api/system/ping", c.Address("api"))
resp, err := http.Get(addr)
if err != nil {
return err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return fmt.Errorf("artifactory is not ready")
}
return nil
}),
)
Expected behavior
Skip TLS verification
Screenshots
If applicable, add screenshots to help explain your problem.
System (please complete the following information):
- OS: [e.g. MacOS]
- Version [e.g. 0.9.2]
- Docker version
Additional context
Add any other context about the problem here.
Hi,
Insecure registries are handled by the docker engine, and not by clients like gnomock.
Unfortunately, I couldn't find a way to work around docker engine limitations from the client.
Try reading about insecure registries to solve your issue on the lower level. Basically you need to configure the docker engine to make insecure connections to the registries that appear in some list.