summaryrefslogtreecommitdiff
path: root/doc/ci/docker/using_kaniko.md
diff options
context:
space:
mode:
authorRaphael Nestler <raphael.nestler@sensirion.com>2018-12-17 16:26:53 +0100
committerRaphael Nestler <raphael.nestler@sensirion.com>2018-12-21 10:30:09 +0100
commit68d172daec63f70c8641da574d5a1a97c8167833 (patch)
treebe003851af3170b811669542ea33ce26dc85ddf6 /doc/ci/docker/using_kaniko.md
parent89b0be149ec5048ded40b53b8a94859bcdd490d8 (diff)
downloadgitlab-ce-68d172daec63f70c8641da574d5a1a97c8167833.tar.gz
Explain how to use kaniko with a registry with a custom certificate
Diffstat (limited to 'doc/ci/docker/using_kaniko.md')
-rw-r--r--doc/ci/docker/using_kaniko.md23
1 files changed, 23 insertions, 0 deletions
diff --git a/doc/ci/docker/using_kaniko.md b/doc/ci/docker/using_kaniko.md
index 66f0d429165..aa6b387bc58 100644
--- a/doc/ci/docker/using_kaniko.md
+++ b/doc/ci/docker/using_kaniko.md
@@ -57,3 +57,26 @@ build:
only:
- tags
```
+
+## Using a registry with a custom certificate
+
+When trying to push to a Docker registry that uses a certificate that is signed
+by a custom CA, you might get the following error:
+
+```sh
+$ /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --no-push
+INFO[0000] Downloading base image registry.gitlab.example.com/group/docker-image
+error building image: getting stage builder for stage 0: Get https://registry.gitlab.example.com/v2/: x509: certificate signed by unknown authority
+```
+
+This can be solved by adding your CA's certificate to the kaniko certificate
+store:
+
+```yaml
+ before_script:
+ - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
+ - |
+ echo "-----BEGIN CERTIFICATE-----
+ ...
+ -----END CERTIFICATE-----" >> /kaniko/ssl/certs/ca-certificates.crt
+```
View Lorry Controller Status