Open hawkesn opened 2 years ago
Weird, we don't seem to see this error message but we have the same config:
$ k get secrets -n argocd image-pull-docker-hub -ojson | jq -r '.data[".dockerconfigjson"]' | base64 -d
{"auths":{"https://index.docker.io/v1/":{"username":"my-username","password":"my-password","auth":"my-auth"}}}
apiVersion: v1
kind: ConfigMap
data:
argocd.grpc_web: "true"
argocd.insecure: "false"
argocd.plaintext: "false"
kube.events: "false"
log.level: info
registries.conf: |
registries:
- api_url: https://registry-1.docker.io
credentials: pullsecret:argocd/image-pull-docker-hub
defaultns: library
name: Docker Hub
Is there any way to check that the image pull secret is definitely being (or trying to be) used by the image updater?
Hi @bcbrockway , sorry forgot to mention the log
that I put above did come from the image updater. I found the line here: https://github.com/argoproj-labs/argocd-image-updater/blob/master/pkg/image/credentials.go#L260. So I think it is trying to be used by the image updater
Hope that helps
I think it might be this line that could potentially be the culprit but I'm not sure: https://github.com/argoproj-labs/argocd-image-updater/blob/master/pkg/registry/endpoints.go#L101
I'm encountering same issue on v0.12.2 This works:
registries:
- name: Docker Hub
api_url: https://index.docker.io
prefix: docker.io
credentials: pullsecret:argocd/dockerhub-secret
ping: yes
default: true
Describe the bug
When creating a docker-registry secret for DockerHub, the default URL is:
https://index.docker.io/v1/
if no--docker-server
flag is passed. However,argocd-image-updater
useshttps://registry-1.docker.io
as the default.To Reproduce
kubectl
:kubectl get secret regcred -o jsonpath='{.data.*}' | base64 -d
"https://index.docker.io/v1/"
Expected behavior The default behaviour for using dockerhub should not require a user to specify the registry using the
--docker-server
flag. Argocd image updater should use the"https://index.docker.io/v1/"
url instead of:"https://registry-1.docker.io"
Additional context Kubernetes official documentation here also states the following:
Version v0.12.0
Logs
level=warning msg="Could not fetch credentials: no valid auth entry for registry https://registry-1.docker.io found in image pull secret"