Skip to content

AutoDevOps http: server gave HTTP response to HTTPS client

Summary

I've installed a gitlab CE server (Server A) and a docker server (Server B) in which I've configured a gitlab-runner to perform the CI tasks.

If I create my own .gitlab-ci.yml I have no problem to deploy my container on my gitlab insecure registry.

But If I use AutoDevOps I got the Error:

Error response from daemon: Get https://gitlab.mycompany.com:4567/v2/: http: server gave HTTP response to HTTPS client.

Steps to reproduce

On Server B

/etc/docker/daemon.json

{
  "insecure-registries": ["gitlab.mycompany.com:4567"]
}

/etc/default/docker

DOCKER_OPTS="--insecure-registry gitlab.mycompany.com:4567"

/etc/gitlab-runner/config.toml

[[runners]]
  name = "DockerBuilder"
  url = "http://gitlab.mycompany.com"
  token = "mytoken"
  executor = "docker"
  [runners.docker]
    tls_verify = false
    image = "docker:latest"
    privileged = true
    disable_cache = false
    volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock", "/etc/default/docker:/etc/default/docker", "/etc/docker/daemon.json:/etc/docker/daemon.json"]
    extra_hosts = ["localhost:172.X.X.X"]
    shm_size = 0
  [runners.cache]

gitlab-ci.yml

image: node:9.4.0-alpine
stages:
  - build
  - deploy 
build:
  stage: build
  script: 
    - npm install
deploy_staging:
  image: docker:latest
  stage: deploy
  script:
    - echo "======================================================"
    - echo "Creating image $IMAGE"
    - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $REGISTRY
    - docker build -t $IMAGE .
    - docker push $IMAGE
    - docker logout $REGISTRY
  only:
    - master
  tags:
    # GitLab runner tag
    - dockerbuilder

With the previous configuration the task succeeded. As soon as I delete the gitlab-ci.yml the AutoDevOps task is automatically triggered and it fails with error:

Error response from daemon: Get https://gitlab.mycompany.com:4567/v2/: http: server gave HTTP response to HTTPS client

Example Project

What is the current bug behavior?

The AutoDevOps fails to connect to gitlab insecure registry

What is the expected correct behavior?

The AutoDevOps should be able to connect to gitlab insecure registry

Relevant logs and/or screenshots

Output with gitlab-ci.yml

Checking cache for default...
Successfully extracted cache

echo "Create image $IMAGE"
Create image  gitlab.mycompany.com:4567/gitlab/test:latest
$ docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $REGISTRY
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Login Succeeded
$ docker build -t $IMAGE .
Sending build context to Docker daemon  65.54kB

Step 1/5 : FROM node:9.4.0-alpine
 ---> b5f94997f35f
Step 2/5 : WORKDIR /test
 ---> Using cache
 ---> d59afc63fc3c
Step 3/5 : COPY . .
 ---> 22dba930e8d0
Step 4/5 : RUN npm install
 ---> Running in 96fd26d15cbe
npm WARN httpserversimple@1.0.0 No description
npm WARN httpserversimple@1.0.0 No repository field.

added 23 packages in 1.086s
Removing intermediate container 96fd26d15cbe
 ---> 1fe762491357
Step 5/5 : CMD ["node_modules/http-server/bin/http-server"]
 ---> Running in ccd8aed99259
Removing intermediate container ccd8aed99259
 ---> 146bbfc1f5ec
Successfully built 146bbfc1f5ec
Successfully tagged gitlab.mycompany.com:4567/gitlab/test:latest
$ docker push $IMAGE
The push refers to repository [gitlab.mycompany.com:4567/gitlab/test]
babb4ee4b934: Preparing
665179878e7a: Preparing
c0e659a47576: Preparing
0804854a4553: Preparing
6bd4a62f5178: Preparing
9dfa40a0da3b: Preparing
9dfa40a0da3b: Waiting
0804854a4553: Layer already exists
c0e659a47576: Layer already exists
6bd4a62f5178: Layer already exists
9dfa40a0da3b: Layer already exists
665179878e7a: Pushed
babb4ee4b934: Pushed
latest: digest: sha256:d846d86f4a05c0f047c366bd01a9434f80ea378cc5f9686b3fdd4fa9e31e3ef3 size: 1577
$ docker logout $REGISTRY
Removing login credentials for gitlab.mycompany.com:4567
Creating cache default...
WARNING: node_modules/: no matching files          
WARNING: untracked: no files                       
Created cache
Job succeeded

Output with AutoDevOps:

Running with gitlab-runner 10.4.0 (857480b6)
  on SharedBuilder (5bfc72ef)
Using Docker executor with image docker:git ...
Starting service docker:dind ...
Pulling docker image docker:dind ...
Using docker image docker:dind ID=sha256:b0f11693bea6c288206edf9a775932e4092239baee6434d2cbde5a2f0d9f0cd7 for docker service...
Waiting for services to be up and running...
Using docker image sha256:327e2fb72bdb8f94e71ea9b6ce99c0c489e567347b3be2bdab2a14e50eee0de7 for predefined container...
Pulling docker image docker:git ...
Using docker image docker:git ID=sha256:568566d99c43e003bbae25c39c74dee1a952aef601529b6b5d7e9b2253ebad61 for build container...
Running on runner-5bfc72ef-project-4-concurrent-0 via node...
Fetching changes...
HEAD is now at fa6eb8c Initial commit
Checking out fa6eb8c2 as master...
Skipping Git submodules setup
$ # Auto DevOps variables and functions # collapsed multi-line command
$ setup_docker
$ build
Logging to GitLab Container Registry with CI credentials...
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get https://gitlab.mycompany.com:4567/v2/: http: server gave HTTP response to HTTPS client
ERROR: Job failed: exit code 1

Output of checks

(If you are reporting a bug on GitLab.com, write: This bug happens on GitLab.com)

Results of GitLab environment info

Expand for output related to GitLab environment info 
System information
System:         Ubuntu 16.04
Proxy:          no
Current User:   git
Using RVM:      no
Ruby Version:   2.3.6p384
Gem Version:    2.6.13
Bundler Version:1.13.7
Rake Version:   12.3.0
Redis Version:  3.2.11
Git Version:    2.14.3
Sidekiq Version:5.0.5
Go Version:     unknown

GitLab information
Version:        10.4.0-ee
Revision:       00592f0
Directory:      /opt/gitlab/embedded/service/gitlab-rails
DB Adapter:     postgresql
DB Version:     9.6.5
URL:            http://gitlab.mycompany.com
HTTP Clone URL: http://gitlab.mycompany.com/some-group/some-project.git
SSH Clone URL:  git@gitlab.mycompany.com:some-group/some-project.git
Elasticsearch:  no
Geo:            no
Using LDAP:     yes
Using Omniauth: no


GitLab Shell
Version:        5.11.0
Repository storage paths:
  • default: /var/opt/gitlab/git-data/repositories Hooks: /opt/gitlab/embedded/service/gitlab-shell/hooks Git: /opt/gitlab/embedded/bin/git

Results of GitLab application Check

Expand for output related to the GitLab application check 
Checking GitLab Shell ...

GitLab Shell version >= 5.11.0 ? ... OK (5.11.0)
Repo base directory exists?
default... yes
Repo storage directories are symlinks?
default... no
Repo paths owned by git:root, or git:git?
default... yes
Repo paths access is drwxrws---?
default... yes
hooks directories in repos are links: ...
7/4 ... ok
7/5 ... ok
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Check GitLab API access: OK
Redis available via internal API: OK


Access to /var/opt/gitlab/.ssh/authorized_keys: OK
gitlab-shell self-check successful


Checking GitLab Shell ... Finished


Checking Sidekiq ...


Running? ... yes
Number of Sidekiq processes ... 1


Checking Sidekiq ... Finished


Reply by email is disabled in config/gitlab.yml
Checking LDAP ...


Server: ldapmain
LDAP authentication... Success
LDAP users with access to your GitLab server (only showing the first 100 results)
DN: cn=imsware,ou=ic,dc=ic,dc=local      sAMAccountName: IMSWARE
DN: cn=info,ou=ic,dc=ic,dc=local         sAMAccountName: Info
DN: cn=ksb,ou=ic,dc=ic,dc=local  sAMAccountName: KSB
DN: cn=mch,ou=ic,dc=ic,dc=local  sAMAccountName: MCH
DN: cn=order,ou=ic,dc=ic,dc=local        sAMAccountName: Order
DN: cn=roche,ou=ic,dc=ic,dc=local        sAMAccountName: Roche
DN: cn=sfe,ou=ic,dc=ic,dc=local  sAMAccountName: SFE
DN: cn=simap,ou=ic,dc=ic,dc=local        sAMAccountName: Simap
DN: cn=slog,ou=ic,dc=ic,dc=local         sAMAccountName: SLOG
DN: cn=splunk,ou=ic,dc=ic,dc=local       sAMAccountName: Splunk
DN: cn=support slog,ou=ic,dc=ic,dc=local         sAMAccountName: Support SLOG
DN: cn=support,ou=ic,dc=ic,dc=local      sAMAccountName: Support
DN: cn=software licenses,ou=ic,dc=ic,dc=local    sAMAccountName: Software Licenses
DN: cn=teamleiter,ou=ic,dc=ic,dc=local   sAMAccountName: Teamleiter
DN: cn=tririga,ou=ic,dc=ic,dc=local      sAMAccountName: Tririga
DN: cn=uni basel,ou=ic,dc=ic,dc=local    sAMAccountName: Uni Basel
DN: cn=ucp cablecom,ou=ic,dc=ic,dc=local         sAMAccountName: UCP Cablecom
DN: cn=usi,ou=ic,dc=ic,dc=local  sAMAccountName: USI
DN: cn=webex,ou=ic,dc=ic,dc=local        sAMAccountName: Webex
DN: cn=zkb,ou=ic,dc=ic,dc=local  sAMAccountName: ZKB
DN: cn=sitzungszimmer,ou=ic,dc=ic,dc=local       sAMAccountName: Sitzungszimmer
DN: cn=beat gradischnig,ou=ic,dc=ic,dc=local     sAMAccountName: beat.gradischnig
DN: cn=harry moosmann,ou=ic,dc=ic,dc=local       sAMAccountName: harry.moosmann
DN: cn=uli siebold,ou=ic,dc=ic,dc=local  sAMAccountName: uli.siebold
DN: cn=diego di nunzio,ou=ic,dc=ic,dc=local      sAMAccountName: diego.dinunzio
DN: cn=alexander grass,ou=ic,dc=ic,dc=local      sAMAccountName: alexander.grass
DN: cn=g_vpn,ou=ic,dc=ic,dc=local        sAMAccountName: g_vpn
DN: cn=vpnbind,ou=ic,dc=ic,dc=local      sAMAccountName: vpnBind
DN: cn=splunk ldap,ou=ic,dc=ic,dc=local  sAMAccountName: splunk.ldap
DN: cn=fabrizio faustinoni,ou=ic,dc=ic,dc=local  sAMAccountName: fabrizio.faustinoni
DN: cn=automatic testing tool,ou=ic,dc=ic,dc=local       sAMAccountName: att
DN: cn=signage,ou=ic,dc=ic,dc=local      sAMAccountName: signage
DN: cn=stephan huber,ou=ic,dc=ic,dc=local        sAMAccountName: stephan.huber
DN: cn=team_pratteln,ou=ic,dc=ic,dc=local        sAMAccountName: Team_Pratteln
DN: cn=ferienplanung,ou=ic,dc=ic,dc=local        sAMAccountName: ferienplanung
DN: cn=mayelin rodriguez,ou=ic,dc=ic,dc=local    sAMAccountName: mayelin.rodriguez
DN: cn=loredana ventura,ou=ic,dc=ic,dc=local     sAMAccountName: loredana.ventura
DN: cn=cyrill schlecht,ou=ic,dc=ic,dc=local      sAMAccountName: cyrill.schlecht
DN: cn=reto biedermann,ou=ic,dc=ic,dc=local      sAMAccountName: reto.biedermann
DN: cn=henning tams,ou=ic,dc=ic,dc=local         sAMAccountName: henning.tams
DN: cn=andreas echelmeyer,ou=ic,dc=ic,dc=local   sAMAccountName: andreas.echelmeyer
DN: cn=almedin cavalic,ou=ic,dc=ic,dc=local      sAMAccountName: almedin.cavalic
DN: cn=andreas oswald,ou=ic,dc=ic,dc=local       sAMAccountName: andreas.oswald
DN: cn=brigitte eppenberger,ou=ic,dc=ic,dc=local         sAMAccountName: brigitte.eppenberger
DN: cn=daniel ellmer,ou=ic,dc=ic,dc=local        sAMAccountName: daniel.ellmer
DN: cn=florian keller,ou=ic,dc=ic,dc=local       sAMAccountName: florian.keller
DN: cn=heribert haldemann,ou=ic,dc=ic,dc=local   sAMAccountName: heribert.haldemann
DN: cn=joël jaun,ou=ic,dc=ic,dc=local    sAMAccountName: joel.jaun
DN: cn=oliver guggisberg,ou=ic,dc=ic,dc=local    sAMAccountName: oliver.guggisberg
DN: cn=mario k. oswald,ou=ic,dc=ic,dc=local      sAMAccountName: mario.k.oswald
DN: cn=philipp sick,ou=ic,dc=ic,dc=local         sAMAccountName: philipp.sick
DN: cn=philippe verdier,ou=ic,dc=ic,dc=local     sAMAccountName: philippe.verdier
DN: cn=renato heldner,ou=ic,dc=ic,dc=local       sAMAccountName: renato.heldner
DN: cn=stephan eppenberger,ou=ic,dc=ic,dc=local  sAMAccountName: stephan.eppenberger
DN: cn=steve howarth,ou=ic,dc=ic,dc=local        sAMAccountName: steve.howarth
DN: cn=tobias kern,ou=ic,dc=ic,dc=local  sAMAccountName: tobias.kern
DN: cn=yannick schlecht,ou=ic,dc=ic,dc=local     sAMAccountName: yannick.schlecht
DN: cn=roland meier,ou=ic,dc=ic,dc=local         sAMAccountName: roland.meier
DN: cn=arno knors,ou=ic,dc=ic,dc=local   sAMAccountName: arno.knors
DN: cn=e-mail connect,ou=ic,dc=ic,dc=local       sAMAccountName: emailconnect
DN: cn=helpdesk,ou=ic,dc=ic,dc=local     sAMAccountName: helpdesk
DN: cn=scan,ou=ic,dc=ic,dc=local         sAMAccountName: scan
DN: cn=log,ou=ic,dc=ic,dc=local  sAMAccountName: log
DN: cn=backup,ou=ic,dc=ic,dc=local       sAMAccountName: backup
DN: cn=swyx,ou=ic,dc=ic,dc=local         sAMAccountName: swyx
DN: cn=alarm,ou=ic,dc=ic,dc=local        sAMAccountName: alarm
DN: cn=team,ou=ic,dc=ic,dc=local         sAMAccountName: Team
DN: cn=admin,ou=ic,dc=ic,dc=local        sAMAccountName: Admin
DN: cn=apple,ou=ic,dc=ic,dc=local        sAMAccountName: Apple
DN: cn=axa,ou=ic,dc=ic,dc=local  sAMAccountName: Axa
DN: cn=ict ic information company ag,ou=ic,dc=ic,dc=local        sAMAccountName: ict
DN: cn=basf ic information company ag,ou=ic,dc=ic,dc=local       sAMAccountName: BASF IC information company AG
DN: cn=eam,ou=ic,dc=ic,dc=local  sAMAccountName: EAM
DN: cn=e-mail,ou=ic,dc=ic,dc=local       sAMAccountName: E-Mail
DN: cn=expomobilia,ou=ic,dc=ic,dc=local  sAMAccountName: Expomobilia
DN: cn=gl,ou=ic,dc=ic,dc=local   sAMAccountName: GL
DN: cn=hba bs,ou=ic,dc=ic,dc=local       sAMAccountName: HBA BS
DN: cn=ic basel,ou=ic,dc=ic,dc=local     sAMAccountName: IC Basel
DN: cn=ic freiburg,ou=ic,dc=ic,dc=local  sAMAccountName: IC Freiburg
DN: cn=icdd,ou=ic,dc=ic,dc=local         sAMAccountName: ICDD


Checking LDAP ... Finished


Checking GitLab ...


Git configured correctly? ... yes
Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... yes
Init script exists? ... skipped (omnibus-gitlab has no init script)
Init script up-to-date? ... skipped (omnibus-gitlab has no init script)
Projects have namespace: ...
7/4 ... yes
7/5 ... yes
Redis version >= 2.8.0? ... yes
Ruby version >= 2.3.5 ? ... yes (2.3.6)
Git version >= 2.7.3 ? ... yes (2.14.3)
Git user has default SSH configuration? ... yes
Active users: ... 4
Elasticsearch version 5.1 - 5.5? ... skipped (elasticsearch is disabled)


Checking GitLab ... Finished
Edited by fabry