search

containerd / nerdctl

contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...
Apache License 2.0
7.88k stars 586 forks source link

support --insecure-registry for nerdctl build #1363

Open fahedouch opened 1 year ago

fahedouch commented 1 year ago

What is the problem you're trying to solve

The problem is that if I use it directly in the pod, I can pull the image directly, but not in the Dockerfile

nerdctl pull --insecure-registry xxxx:30003/zikayou/serverjre:v1
time="2022-09-06T11:00:27Z" level=warning msg="skipping verifying HTTPS certs for "xxxx:30003""
xxxx:30003/zikayou/serverjre:v1: resolving |�[32m�[0m--------------------------------------|
elapsed: 0.1 s total: 0.0 B (0.0 B/s)
xxxx:30003/zikayou/serverjre:v1: resolved |�[32m++++++++++++++++++++++++++++++++++++++�[0m|
manifest-sha256:735c9e6406bc633a27735f93ae23b61b5a801d66010a3cce570938ca2331cc88: waiting |�[32m�[0m--------------------------------------|
elapsed: 0.2 s total: 0.0 B (0.0 B/s)

nerdctl build --insecure-registry -t xxxx:30003/zikayou/springboot-demo:v0.0.4 .

Dockerfile:1

1 | >>> FROM xxxx:30003/zikayou/serverjre:v1
2 | RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
3 | ADD target/springboot-demo-0.0.1-SNAPSHOT.jar /springboot-demo-0.0.1-SNAPSHOT.jar

error: failed to solve: xxxx:30003/zikayou/serverjre:v1: failed to do request: Head "https://xxxx:30003/v2/zikayou/serverjre/manifests/v1": x509: cannot validate certificate for xxxx because it doesn't contain any IP SANs
time="2022-09-06T11:00:36Z" level=fatal msg="unrecognized image format"

Source https://github.com/containerd/nerdctl/discussions/1362

Describe the solution you'd like

nerdctl build --insecure-registry -t xxxx:30003/zikayou/springboot-demo:v0.0.4 . => should work

Additional context

No response

l1douhua commented 1 year ago

nerdctl build --insecure-registry -t xxxx:30003/zikayou/springboot-demo:v0.0.4 . => should work

He is not a good way to solve my problem

fahedouch commented 1 year ago

nerdctl build --insecure-registry -t xxxx:30003/zikayou/springboot-demo:v0.0.4 . => should work

He is not a good way to solve my problem

@l1douhua So what is the good way ?

l1douhua commented 1 year ago

nerdctl build --insecure-registry -t xxxx:30003/zikayou/springboot-demo:v0.0.4 . => should work He is not a good way to solve my problem

@l1douhua So what is the good way ?

I don't have any other good solutions. The question is why can't nerdctl use build in the pod to pull up the image specified by "from" in the dockerfile?