I’m using GitLab.com and a self-hosted runner.
I’m executing this stage:
deploy:
stage: deploy
image: docker/compose:alpine-1.27.4
services:
- docker:stable-dind
cache: {}
script:
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
And it fails with the error: time="2020-11-25T16:09:25Z" level=info msg="Error logging in to v2 endpoint, trying next endpoint: Get https://registry.gitlab.com/v2/: x509: certificate signed by unknown authority"Get https://registry.gitlab.com/v2/: x509: certificate signed by unknown authority
When i change the image of the stage to docker:stable then everything works as expected.
The error does not occur when using the shared runners.
My runner version: 13.4.1
Sorry for bringing this up but I have been really struggling for several days and I do not manage to make my gitlab runner run ok.
I use also gitlab.com and I was running a gitlab-runner within Linux which was running ok. However, if I try to run a gitlab-runner in Windows or using Docker I get the certificate signed by unknown authority error.
If I disable TLS or try to enable it, then I get the error “ERROR: no active session for wgfyt0zw36gtzg34vltmjni8d: context deadline exceeded”
In my case, it seems the docker/compose image doesn’t contain ANY root certs and docker login fails (login uses certs from the docker CLIENT, not where the docker daemon is running). This seems to be the issue even with latest (as of now) docker/compose image. Since the image is based on alpine, running apk add ca-certificates installs the missing certs and docker login works again. You should be able to add this step to your CI jobs easily, or roll your own docker/compose-based image for your jobs.