Hi, I’m trying to deploy an app to Kubernetes through gitlab-ci but keep getting an error message on the private registry that says: msg=“error authorizing context: authorization token required”.
Here’s the full log from the container registry:
2020-01-07_04:25:41.88747 time="2020-01-07T04:25:41.887427103Z" level=warning msg="error authorizing context: authorization token required" go.version=go1.12.13 http.request.host=registry.my-private-domain.com http.request.id=ada30ba4-c74a-48d4-8fe0-7536e8261212 http.request.method=GET http.request.remoteaddr=123.123.123.123 http.request.uri="/v2/" http.request.useragent="docker/18.06.3-ce go/go1.10.3 git-commit/d7080c1 kernel/4.9.0-11-amd64 os/linux arch/amd64 UpstreamClient(Go-http-client/1.1)"
2020-01-07_04:25:41.88751 127.0.0.1 - - [07/Jan/2020:04:25:41 +0000] "GET /v2/ HTTP/1.1" 401 87 "" "docker/18.06.3-ce go/go1.10.3 git-commit/d7080c1 kernel/4.9.0-11-amd64 os/linux arch/amd64 UpstreamClient(Go-http-client/1.1)"
This error log is for deploy stage. I’m using kaniko to build and push the container to the registry and that works fine.
Also worth noting that I previously had this setup working while using the gitlab.com. I’m now using a self hosted gitlab.
Here’s the .gitlab-ci.yaml
stages:
- build
- deploy
build:
image: gcr.io/kaniko-project/executor:debug
stage: build
script:
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE:$CI_BUILD_REF
deploy-development:
image: alpine:3.9.4
stage: deploy
script:
- apk update && apk add --no-cache curl
- curl -LO https://get.helm.sh/helm-v3.0.2-linux-amd64.tar.gz
- tar -zxvf helm-v3.0.2-linux-amd64.tar.gz
- chmod +x linux-amd64/helm && mv linux-amd64/helm /usr/local/bin/helm
- curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
- chmod +x ./kubectl && mv ./kubectl /usr/local/bin/kubectl
- mkdir -p $HOME/.kube
- cp $KUBECONFIG $HOME/.kube/config
- kubectl create secret docker-registry gitlab --docker-server=$CI_REGISTRY --docker-username=gitlab-ci-token --docker-password=$CI_BUILD_TOKEN --dry-run -o yaml | kubectl apply -f -
- helm upgrade --install userapi-development ./chart/ -f ./chart/values-dev.yaml --set image.pullSecrets.password=$CI_BUILD_TOKEN --set image.tag=$CI_BUILD_REF
only:
- development