gitea for local cluster like kind - Enable container registry gitea #31994

Closed shaikzoheb-oi closed 2 months ago

Description

I've deployed gitea using helm locally in my kind cluster(running on macos). However I wants to push my local images to gitea.

Is there a way in helm/values to enable gitea container registry?

Gitea Version

gitea-10.4.0/1.22.1

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

git version 2.39.3 (Apple Git-146)

Operating System

macOS Sonoma 14.6.1

How are you running Gitea?

helm repo add gitea-charts https://dl.gitea.com/charts/ helm install gitea gitea-charts/gitea -n gitea

It's running on macos, local kind cluster

kubectl get pods -n gitea NAME READY STATUS RESTARTS AGE gitea-66b98969bb-wd2f7 1/1 Running 0 94m gitea-postgresql-ha-pgpool-755dfbcb99-644gh 1/1 Running 0 94m gitea-postgresql-ha-postgresql-0 1/1 Running 0 94m gitea-postgresql-ha-postgresql-1 1/1 Running 0 94m gitea-postgresql-ha-postgresql-2 1/1 Running 0 94m gitea-redis-cluster-0 1/1 Running 0 94m gitea-redis-cluster-1 1/1 Running 2 (94m ago) 94m gitea-redis-cluster-2 1/1 Running 1 (94m ago) 94

Database

PostgreSQL

Packages are enabled by default.

@lunny i am able to package and push helm packages to gitea.

Similarly images I wanted to push docker images from local to gitea. As I don’t have domain for gitea, I will have to manage it with localhost

It is complex, as docker only allow https by default. You need to add your local host in docker's trust list first.

@yp05327 I've added the locallost entries in docker's insecure registries. But somehow it's still throwing "connection refused".

In general, the way is to create repository in gitea.

docker login gitea.example.com docker tag nginx:latest repo-name-gitea:tag docker push

unlike other image registries, in gitea I don't see option to create registry/repos. I hope repository in gitea is like registry itself

See: https://docs.gitea.com/usage/packages/container#image-naming-convention

registry is your instance's host name. owner can be an organization or an individual user.

ps: If the image is not in docker hub, then you need to add the host name.

@yp05327 Thank you for sharing the details.

I am trying to push my local images(gitlab images) to gitea. As gitea is deployed locally, I dont have hostname. So with localhost I am trying.

port-forwarded gitea docker login 127.0.0.1:80

but connection refused. Is there a way to acheive this by using localhost? I mean when gitea is running locally on kind cluster

IIRC, hostname can be IP address(127.0.0.1) or localhost, it is same.

First, the host(ip:port) should be same to the web site. By default, IIRC, the Gitea's port in helm chart is 3000. But you are using 80, maybe you need to check it first. e.g. run curl http://127.0.0.1:3000/v2 or curl http://127.0.0.1:80/v2 Then you should add ip:port or hostname:port in "insecure-registries" in daemon.json, and then RESTART DOCKER.

If it still doesn't work, I have no idea about it now. 😢

Yes I did the same, added localhost:3000/127.0.0.1:3000 in insecure registry of docker. Even telnet and nc is working fine, not sure what's happening behind the scenes.

Weird part is, I am able to push packages(tar files) to gitea package registry with my credentials. curl --user user:passwd -X POST --upload-file cert-manager-cainjector.tgz http://127.0.0.1:3000/api/packages/zoheb/helm/api/charts

Only this docker login/push part is not working for me. Looks like the issue it's not related to gitea

I am not using ingress/nginx, but by default it's trying to connect to git.example.com while doing docker push. I just added an entry in /etc/hosts, 127.0.0.1 oi.gitea.local

curl -v -u zoheb:zoheb12345 http://oi.gitea.local:3001/v2/

Host oi.gitea.local:3001 was resolved.
IPv6: (none)
IPv4: 127.0.0.1, 127.0.0.1
Trying 127.0.0.1:3001...
Connected to oi.gitea.local (127.0.0.1) port 3001
Server auth using Basic with user 'zoheb'

GET /v2/ HTTP/1.1 Host: oi.gitea.local:3001 Authorization: Basic em9oZWI6em9oZWIxMjM0NQ== User-Agent: curl/8.7.1 Accept: /
Request completely sent off < HTTP/1.1 200 OK < Docker-Distribution-Api-Version: registry/2.0 < Date: Mon, 09 Sep 2024 11:28:47 GMT < Content-Length: 0

docker push oi.gitea.local:3001/oi/nginx:alpine-otel The push refers to repository [oi.gitea.local:3001/oi/nginx] 14f007c658d6: Preparing dbc055046852: Preparing 4da863068df6: Preparing 175255ec9886: Preparing 7ced8510153d: Preparing debbe47577a8: Waiting ec57fe534ca6: Waiting 087523896fec: Waiting 16113d51b718: Waiting denied: connecting to git.example.com:80: connecting to git.example.com:80: dial tcp: lookup git.example.com: no such host

nc -zv 127.0.0.1 3001
Connection to 127.0.0.1 port 3001 [tcp/redwood-broker] succeeded!

even telnet is also working, expect this docker push

So it seems that the problem is from docker side.

docker push oi.gitea.local:3001/oi/nginx:alpine-otel

And

denied: connecting to git.example.com:80: connecting to git.example.com:80: dial tcp: lookup git.example.com: no such host

The host name and port is different?

I am not using ingress and the values is "false" in helm/values.yaml file. But still it's referring to this file in gitea( ConfigFile: /data/gitea/conf/app.ini) and trying to connect to http://git.example.com/

Below are the logs:

2024/09/09 13:18:52 cmd/web.go:304:listen() [I] Listen: http://0.0.0.0:3000 2024/09/09 13:18:52 cmd/web.go:308:listen() [I] AppURL(ROOT_URL): http://git.example.com/ 2024/09/09 13:18:52 ...s/graceful/server.go:50:NewServer() [I] Starting new Web server: tcp:0.0.0.0:3000 on PID: 10

I logged in to the pod and changed ROOT_URL to http://127.0.0.1, but no luck.

ROOT_URL is http://127.0.0.1:3000, it should be same to the URL you access.

ROOT_URL = http://git.example.com -----> http://127.0.0.1:3000 ENABLE_PPROF = false SSH_PORT = 22 APP_DATA_PATH = /data SSH_LISTEN_PORT = 2222 PROTOCOL = http HTTP_PORT = 3000 START_SSH_SERVER = true SSH_DOMAIN = git.example.com ------> how about this? same 127.0.0.1 DOMAIN = git.example.com ------> ? same 127.0.0.1

I just remembered the details of the protocol of docker login. It will get the host URL from the server, and it is based on the ROOT_URL in Gitea. So that's why you got this error:

denied: connecting to git.example.com:80: connecting to git.example.com:80: dial tcp: lookup git.example.com: no such host

SSH_DOMAIN is not related to docker login, 127.0.0.1 is fine. DOMAIN can be 127.0.0.1

@yp05327 One last question to you.

Where does gitea stores all the packages/images? It's having own PVC, but in which directory I can find all my images/pacakges?

Under /data, I see these many directories but couldn't find my pacakge/image

/data $ ls -ltr total 68 drwxrws--- 2 root git 16384 Sep 10 06:08 lost+found drwxr-sr-x 3 git git 4096 Sep 10 06:08 git drwxr-sr-x 3 git git 4096 Sep 10 06:08 tmp drwxr-sr-x 2 git git 4096 Sep 10 06:09 repo-avatars drwxr-sr-x 2 git git 4096 Sep 10 06:09 repo-archive drwxr-sr-x 2 git git 4096 Sep 10 06:09 home drwx------ 4 git git 4096 Sep 10 06:09 gitea drwxr-sr-x 2 git git 4096 Sep 10 06:09 attachments drwxr-sr-x 2 git git 4096 Sep 10 06:09 actions_log drwxr-sr-x 2 git git 4096 Sep 10 06:09 actions_artifacts drwxr-sr-x 2 git git 4096 Sep 10 06:09 jwt drwxr-sr-x 2 git git 4096 Sep 10 06:09 ssh drwxr-sr-x 14 git git 4096 Sep 10 07:01 packages drwxr-sr-x 3 git git 4096 Sep 10 07:01 avatars

Did you login successfully?

Where does gitea stores all the packages/images?

I'm not clearly sure, but I think they are in packages.

drwxr-sr-x 14 git git 4096 Sep 10 07:01 packages

@yp05327 Instead of localhost, I've used proper domain name and ingress. With this, I am able to login successfully.

Thanks for your time and cooperation on this.

go-gitea / gitea