Custom certificate authority with auto-devops gitlab-ci does not work
Summary
Hello, I use a custom authority certificate for my system, with GitLab in Docker and a Docker container for GitLab Runner. I am trying to perform a build with GitLab's auto-devops.
I always end up with this error:
Error response from daemon: Get https://gitlab.xxxx.xxx:5005/v2/: x509: certificate signed by unknown authority
Can somebody explain what is wrong and how to resolve this, or is it a bug? Thank you in advance.
- I added the CA and certificates on gitlab-runner by following these instructions:
  - https://gitlab.com/gitlab-org/gitlab-runner/blob/master/docs/configuration/advanced-configuration.md#using-a-private-docker-registry
  - https://docs.gitlab.com/runner/configuration/tls-self-signed.html
- For the GitLab Docker and internal registry CA configuration:
  - https://docs.gitlab.com/omnibus/settings/nginx.html#enable-https
  - https://docs.gitlab.com/ce/administration/container_registry.html#container-registry-domain-configuration
- For the host Docker, enable insecure-registries:
  - https://docs.docker.com/registry/insecure/
Steps to reproduce
Run auto-deploy on your project with a custom CA configured in GitLab.
Actual behavior
Build your project with auto-deploy mode from GitLab; the builder finishes with
Error response from daemon: Get https://gitlab.xxxx.xxx:5005/v2/: x509: certificate signed by unknown authority
When I try to log in from the host Docker, it succeeds:
docker login gitlab.xxxx.xxx:5005
Username (user):
Password:
Login Succeeded
When I use this simple gitlab-ci.yml to test login:
image: tmaier/docker-compose:latest
test:
  script:
    - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN gitlab.xxxx.xxx:5005
it works well: Login Succeeded
But when I try to use the gitlab-ci.yml from the auto-devops build template, I get the same error.
Expected behavior
The build succeeds.
Relevant logs and/or screenshots
Environment description
docker info
Containers: 19
Running: 7
Paused: 0
Stopped: 12
Images: 59
Server Version: 17.12.0-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 89623f28b87a6004d4b785663257362d1658a729
runc version: b2567b37d7b75eb4cf325b77297b140ea686ce8f
init version: 949e6fa
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 4.4.0-112-generic
Operating System: Ubuntu 16.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 7.671GiB
Name: xxxxxxxxxxxxx
ID: BZHD:VMW7:W2YK:HME2:G5LM:SIFL:CK3S:LJOL:3OAC:VI5M:PTVJ:EL5R
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
gitlab.xxxxx.xxx:5000
gitlab.xxxxx.xxx:5005
127.0.0.0/8
Live Restore Enabled: false
Used GitLab Runner version
gitlab-runner -v
Version: 10.5.0-rc2
Git revision: 10074fff
Git branch: 10-5-stable
GO version: go1.8.5
Built: 2018-02-15T12:01:25+00:00
OS/Arch: linux/amd64
My config.toml:
concurrent = 1
check_interval = 0
[[runners]]
name = "test"
url = "https://gitlab.xxxxx.xxx/"
token = "3748c96b0ceb3705edc990baf5c998"
executor = "docker"
tls-ca-file = "/etc/gitlab-runner/certs/ca.crt"
tls-cert-file = "/etc/gitlab-runner/certs/gitlab.madia.lan.crt"
tls-key-file = "/etc/gitlab-runner/certs/gitlab.madia.lan.key"
[runners.docker]
tls_verify = false
tls-skip-verfiy = true
tls_cert_path = "/etc/gitlab-runner/certs/certs"
image = "alpine:latest"
privileged = true
disable_cache = false
volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]
shm_size = 0
[runners.cache]