Reputation: 1
How to make Drone Docker plugin to authenticate with a self-hosted registry having a self-signed TLS certificate
I'm using Drone 1.0.0-rc1 with the Docker plugin. My docker registry is only accessible via TLS, however the certificate is self-signed. The whole docker ecosystem complains about it with a similar error message, in case of the Drone build it's this:
x509: certificate signed by unknown authority
Normally I'm able to add the ca as a trusted authority to the OS running the different Docker solutions, however Drone is executing the builds (and the auth itself) inside a short-lived docker container.
How can I make it trust the cert?
Upvotes: 0
Views: 1259
Answers (1)
Reputation: 1
A less than stellar but working solution is to add the following setting to the .drone.yml:
insecure: true
This makes it running the docker daemon with the --insecure-registry argument which according to the docs
First, try using HTTPS.
- If HTTPS is available but the certificate is invalid, ignore the error about the certificate.
- If HTTPS is not available, fall back to HTTP.
In my case I know that my registry isn't even exposed through HTTP so looks good enough.
Upvotes: 0
Related Questions
- docker login self hosted registry = x509: certificate signed by unknown authority
- Setup self-signed TLS certs for a registry POD
- add ca certificate to drone.io build container such that git fetch can use it?
- Configuring local registry with self-signed certificate
- How to add private registry certs to Docker Machine
- How login to a Custom docker registry with SSL Cert from Windows server
- Docker private registry using selfsigned certificates
- Docker private registry | TLS certificate issue
- ssl certificate for private docker repository
- How to deploy on custom docker registry?