Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Insecure Registries #1916

Open
Tracked by #246
dlion opened this issue Sep 21, 2023 · 13 comments · May be fixed by #2077
Open
Tracked by #246

Support Insecure Registries #1916

dlion opened this issue Sep 21, 2023 · 13 comments · May be fixed by #2077
Assignees
@prashantrewar
Labels
good first issue A good first issue to get started with. type/enhancement Issue that requests a new feature or improvement.
Milestone
0.35.0

Comments

@dlion
Copy link
Member

dlion commented Sep 21, 2023

I'm opening this issue to track the work that needs to be done on pack to enable the support for insecure registries.

Sample Command

pack build test_img --path apps/test-app --insecure-registry=insecure.host --builder insecure.host/my-builder

Dependencies

Once this PR is merged the work on this issue can be started

Main tracking issue: buildpacks/rfcs#246
@dlion dlion added type/enhancement Issue that requests a new feature or improvement. good first issue A good first issue to get started with. labels Sep 21, 2023
@dlion dlion added this to the 0.32.0 milestone Sep 21, 2023
@dlion dlion mentioned this issue Sep 21, 2023
Open
7 tasks
@jjbustamante jjbustamante added the status/blocked Issue or PR that is blocked. See comments. label Sep 21, 2023
@jjbustamante
Copy link
Member

Waiting for buildpacks/lifecycle#1140

@jjbustamante jjbustamante removed the status/blocked Issue or PR that is blocked. See comments. label Sep 25, 2023
@jjbustamante jjbustamante modified the milestones: 0.32.0, 0.33.0 Oct 17, 2023
@jjbustamante jjbustamante modified the milestones: 0.33.0, 0.34.0 Nov 15, 2023
@jjbustamante jjbustamante added the status/blocked Issue or PR that is blocked. See comments. label Nov 15, 2023
@jjbustamante
Copy link
Member

We need to wait for platform 0.13 to work on this

@jjbustamante
Copy link
Member

We reviewed the Platform 0.13 scope yesterday during our WG meeting, I think we will unblock this issue soon

@natalieparellano natalieparellano removed the status/blocked Issue or PR that is blocked. See comments. label Feb 5, 2024
@natalieparellano
Copy link
Member

It should be possible to work on this one already - though there isn't a released lifecycle that supports it, we should be able to verify that the flag is passed all the way down from the command line invocation to the "lifecycle execution"

@natalieparellano
Copy link
Member

Adding a few notes here in case that makes it easier to pick up:

  • We need to add a new string slice flag to pack build (example)
  • We'll need to hold onto a list of insecure registries (here and here)
  • When fetching images from the host, we need to provide the insecure registry options (here is where we'll need to provide the options to the fetcher and here is where the fetcher will use them)
  • When fetching images from the container, we need to provide the insecure registry options to the lifecycle (here and by appending the flag for analyze, restore, export, create, and rebase)
  • We'll probably want an acceptance test (but if needed a maintainer can help with this as our acceptance suite is a bit tricky)

Questions:

  • Do we need to add warnings anywhere when insecure registry options are provided?

cc @jjbustamante

@jjbustamante
Copy link
Member

Thank you very much @natalieparellano, all those hints are great for new contributors.

Questions:
Do we need to add warnings anywhere when insecure registry options are provided?

I will say Yes, using an insecure registry is probably something just for development and it is valuable to add some warnings

@jjbustamante
Copy link
Member

@prashantrewar what about this one? do you want to give it a try?

@prashantrewar
Copy link

@prashantrewar what about this one? do you want to give it a try?

Sure, I will try.

Thank you so much @jjbustamante

@prashantrewar
Copy link

/assign

@natalieparellano natalieparellano mentioned this issue Feb 14, 2024
Closed
@prashantrewar
Copy link

Hey @jjbustamante and @natalieparellano I have a question related to image.NewFetcher.

pkg/client/client.go

How should I pass the insecureRegistries values to the client?

@prashantrewar
Copy link

@natalieparellano, could you please describe me more on the [rebase] (

pack/pkg/client/rebase.go

Line 116 in 8ed450d

rebaser := &phase.Rebaser{Logger: c.logger, PlatformAPI: build.SupportedPlatformAPIVersions.Latest(), Force: opts.Force}
) about what changes are you expecting?

@jjbustamante
Copy link
Member

hi @prashantrewar!

I think for the rebase we need the following:

  • Add a new string slice flag to pack rebase command to get the insecure registry values
  • When we are fetching the application images and the base image we need to pass through this value when invoking the fetching.

@prashantrewar prashantrewar linked a pull request Feb 21, 2024 that will close this issue
Open
2 tasks
@prashantrewar
Copy link

Hey, @jjbustamante and @natalieparellano I created a PR on this issue. Could you please take a look and suggest any changes if required?

Thank you for the help.

@natalieparellano natalieparellano modified the milestones: 0.34.0, 0.35.0 Apr 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@prashantrewar prashantrewar

Labels
good first issue A good first issue to get started with. type/enhancement Issue that requests a new feature or improvement.
Projects
None yet
Milestone
0.35.0
Development

Successfully merging a pull request may close this issue.

Support Insecure Registries prashantrewar/pack
4 participants
@jjbustamante @dlion @natalieparellano @prashantrewar