Closed fwilhe closed 6 months ago
Just out of curiosity, can you try ocm transfer componentarchive ./ca-hello-world --repo OCIRegistry:localhost:8080
@Skarlso I'm already in contact with @fwilhe. The bug is partially related to several fixes I implemented in this PR. I believe, the current ocm release (v0.8.0) is not able to communicate with oci registries over an http connection.
He already checked out the PR, which appears to solve the initial problem. But apparently, uploaders still have issues with http
. Will investigate this further tomorrow.
I mean... Honestly, I would be okay with that ( not being able to push to HTTP ). We never did intent to use insecure registries. That's why OCM internally is using self-signed certificates. It's not too difficult to set up an HTTPS repository. Actually it's just a couple lines to create a self-signed cert and insert it into the system store.
Yeah honestly I did not consider that as for local testing encryption just is not a concern. I'm fine with requiring HTTPS, but I'd suggest to document this.
Thanks for looking into it.
Meh. :D I mean if you implemented it already than don't let it go to waste. :D
already mentioned above: #676
What happened:
I'm trying to follow getting started with a local oci registry.
My registry is running at localhost:8080 and I can use it with docker and skopeo.
When I'm trying to transfer the archive, it fails by assuming I want to work with a local directory:
I don't know why this happens, the help page of
ocm transfer
andocm transfer componentarchive
don't seem to explain what's wrong.It worked when I used the github registry like mentioned in the docs.
What you expected to happen:
I should be able to push my component archive to a local OCI registry.
How to reproduce it (as minimally and precisely as possible):
On lInux, with docker installed, run the following (as root or with sudo where needed):
Run the zot registry using
zot serve /etc/zot/config.json
and let it run in the background.You may verify the registry works using
skopeo --insecure-policy copy --dest-tls-verify=false --format=oci docker://busybox:latest docker://localhost:8080/busybox:latest
In another terminal, follow getting started but replace
with
It will all work until it fails at
ocm transfer componentarchive ./ca-hello-world localhost:8080
Anything else we need to know:
I might be using it wrong. I've tried to consult the docs and the code to understand what's wrong, but honestly I don't see it. Please let me know if I made a silly mistake.
I'd appreciate if the documentation was more clear on 'targets' and how local directories and oci registries are identified.
Environment:
Linux arm64 vm on macos apple silicon