-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
skaffold kaniko permission failure on getting image last step after build #3868
Comments
Same issue as this one |
Ok issue solved. I was running skaffold inside builder in the CICD Pipeline. Kaniko is working correctly, using provided dockerconfig.json for image push. What was not working that the builder was not using credentials. This particular case applies to jenkins-x. pipelineConfig:
pipelines:
pullRequest:
pipeline:
options:
distributeParallelAcrossNodes: true
agent:
image: gcr.io/jenkinsxio/builder-nodejs12x:latest
stages:
- name: build-and-push
options: # I forgot to mount ecr creds helper on builder also
volumes:
- name: docker-config
secret:
secretName: jenkins-docker-cfg
containerOptions:
volumeMounts:
- name: docker-config
mountPath: /builder/home/.docker/
parallel:
- name: batch-1-gateways
steps:
- name: version
sh: export VERSION=$PREVIEW_VERSION
# sh: yarn install
sh: echo 0
- name: npm-test
# sh: CI=true DISPLAY=:99 yarn test
sh: echo 0
- name: conditionally-build-api-gateway-service
sh: ./build.sh api-gateway
- name: conditionally-build-auth-service
sh: ./build.sh auth-service Before I mounted the docker config it looked like this: {"auths":{}} After I mounted the credentials helper config to the builder image it looked like this: {
"credHelpers": {
"xxxx.dkr.ecr.xxxx.amazonaws.com": "ecr-login"
}
} And the build completed like this:
Everything works as expected. |
related to: #1719
I am facing similar issue.
Expected behavior
Do not fail
Actual behavior
After build fails to get image.
Information
Skaffold version: v1.6
Operating system: unix
Contents of skaffold.yaml:
getting image
error, which happens in remoteImage() function in docker library.awsecr-cred
awsecr-cred dockerconfig auth token is token got from aws cli v2 $(aws ecr get-authorization-token)
Maybe the construction of secret awsecr-cred is wrong ?
The text was updated successfully, but these errors were encountered: