Open jaden-zerbe-kr opened 1 year ago
@ericsmalling do you have any ideas?
That's odd. AFAIK, it should be using the local image via the bind-mounted docker.sock
@jaden-zerbe-kr if you re-tag the image with something like "notarealregistry/image:tag", does it give the same error?
@ericsmalling - I pulled the node:latest image from our private registry and re-tagged it nodelocal:latest. On VPN, I get a "socket hang up" error. Off VPN, I get "Failed to scan image "localnode:latest". Please make sure the image and/or repository exist, and that you are using the correct credentials."
Using the original private registry tag, I get the same "Authentication is required" error whether I am on or off VPN.
In my own testing I see similar errors but the same test on Docker Desktop works fine.
Side note: my Docker Desktop laptop is Mac OS on ARM vs. the Rancher Desktop laptop is Mac OS on Intel. Not sure if platform is contributing. (I doubt it as the image I tested with was amd64-only anyway)
I think I figured it out.
Per Docker's Extensions docs, we are bind mounting /var/run/docker.sock.raw
which does not exist in the Rancher Desktop VM.
Let me see if I can add some detection logic to pick the right one.
Per Docker's Extensions docs, we are bind mounting
/var/run/docker.sock.raw
which does not exist in the Rancher Desktop VM.
Thank you for figuring this out! I've created a separate issue for it in #5084.
Let me see if I can add some detection logic to pick the right one.
While this helps the snyk extension, having the socket available improves compatibility and might fix other extensions too.
If you playing around with it, would just having a symlink from docker.sock.raw
to docker.sock
work for you?
Actual Behavior
When using the Snyk extension in Docker Desktop users get an "Authentication is required" message when pulling from a private registry.
Steps to Reproduce
rdctl extension install snyk/snyk-docker-desktop-extension
Result
An error is displayed stating "Authentication is required".
Expected Behavior
Synk scans the specified image and displays security vulnerabilities
Additional Information
This same process works with Docker Desktop. It seems as if stored credentials are not accessible by the Snyk plugin when using Rancher Desktop. This process has been tested on both windows and mac with the same results.
Rancher Desktop Version
1.9.0
Rancher Desktop K8s Version
v1.26.5
Which container engine are you using?
moby (docker cli)
What operating system are you using?
Windows
Operating System / Build Version
Windows 10 Enterprise 21H2
What CPU architecture are you using?
x64
Linux only: what package format did you use to install Rancher Desktop?
None
Windows User Only
VPN is in use with the "Enable networking tunnel" feature enabled.