Gitlab-runner Helm deployment doesn't work with self-signed certificates [minikube]
[ ref: https://docs.gitlab.com/charts/development/minikube/ , https://gitlab.com/gitlab-org/charts/gitlab/raw/master/examples/values-minikube.yaml , https://github.com/paulczar/spring-helloworld.git ]
Error
Logging in to GitLab Container Registry with CI credentials...
time="2021-06-20T14:31:58Z" level=info msg="Error logging in to endpoint, trying next endpoint" error="Get https://registry.192.168.49.2.nip.io/v2/: x509: certificate signed by unknown authority"
Get https://registry.192.168.49.2.nip.io/v2/: x509: certificate signed by unknown authority
Steps to reproduce: (following instructions from ref: above - 15 mins to complete)
$ minikube start --addons=dashboard,metrics-server,ingress
[ also created serviceaccount with clusteradmin role, extacted minikubeCA crt and key and clusteradmin_token ]
$ wget https://gitlab.com/gitlab-org/charts/gitlab/raw/master/examples/values-minikube.yaml
$ helm install gitlab gitlab/gitlab
-f values-minikube.yaml
--timeout 600s
--set global.hosts.domain=$(minikube ip).nip.io
--set global.hosts.externalIP=$(minikube ip)
[also extracted initial_password and gitlab-wildcard-tls-chain]
- Admin > Settings > Network > enable "Network Allow requests to the local network from web hooks and services"
- Admin > Kubernetes > existing cluster, https://kubernetes.default.svc with minikubeCA and clusteradmin_token, install runner]
- clone random spring/docker project and allow it to trigger autodevops
troubleshoot steps podman login --cert-dir . registry.$(minikube ip)nip.io:443 (verified using the extracted tls-chain)