Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kaniko authentication errors since 0.24 because of HOME env missing #915

Open
wwu-cx opened this issue May 12, 2021 · 11 comments
Open

Kaniko authentication errors since 0.24 because of HOME env missing #915

wwu-cx opened this issue May 12, 2021 · 11 comments
Labels
lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete.

Comments

@wwu-cx
Copy link

wwu-cx commented May 12, 2021

Took me a while to figure this out, i know this is not per se a bug in tekton, but since a lot of people are using the kaniko build step from the library, i will report this.

Expected Behavior

After upgrading to 0.24, the kaniko buildstep should function as before.

Actual Behavior

PUTs to the registry (Useragent kaniko/1.5.2) are working like before, but i see GET and HEAD requests seconds after that are failing with auth problems (401):

192.168.1.99 - - [12/May/2021:13:50:43 +0000] "PUT /v2/kaniko-cache/xyz/manifests/... HTTP/1.1" 201 0 "" "kaniko/v1.5.2"
192.168.1.99 - - [12/May/2021:13:50:51 +0000] "GET /v2/ HTTP/1.1" 401 87 "" "kaniko/v1.5.2"
192.168.1.99 - - [12/May/2021:13:50:51 +0000] "HEAD /v2/kaniko-cache/xyz/blobs/sha256:... HTTP/1.1" 401 167 "" "kaniko/v1.5.2"

after that the step fails with
error pushing image: failed to push to destination ... unexpected status code 401 Unauthorized

what i found out is that since HOME is not set, the .docker/config.json is now created in the /root directory,
in v0.23, it was created unter /home/tekton.

i suppose that there is a problem with how kaniko finds docker/config.json

i updated DOCKER_CONFIG to point to the /root dir, but that didn't help.

what solved the auth problems was to set HOME to /home/tekton like before

Additional Info

  • Tekton Pipeline version: v0.24
@vdemeester
Copy link
Member

We should update the catalog kaniko task to do that then I think.
/cc @tektoncd/catalog-maintainers

@chmouel
Copy link
Member

chmouel commented May 17, 2021

or contact the kaniko maintainer to set a WORKDIR in the Dockerfile :)

@tekton-robot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale with a justification.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close with a justification.
If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/lifecycle stale

Send feedback to tektoncd/plumbing.

@tekton-robot
Copy link

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten with a justification.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close with a justification.
If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/lifecycle rotten

Send feedback to tektoncd/plumbing.

@ghost
Copy link

ghost commented Nov 15, 2021

/assign

@tekton-robot tekton-robot assigned ghost Nov 15, 2021
@ghost
Copy link

ghost commented Nov 15, 2021

/remove-lifecycle rotten

@dibyom dibyom transferred this issue from tektoncd/pipeline Jan 24, 2022
@lbernick
Copy link
Member

lbernick commented Feb 7, 2022

/priority important-longterm

@tekton-robot tekton-robot added the priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. label Feb 7, 2022
@dibyom
Copy link
Member

dibyom commented Mar 21, 2022

/cc @tektoncd/catalog-maintainers is this still an issue?

@tekton-robot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale with a justification.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close with a justification.
If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/lifecycle stale

Send feedback to tektoncd/plumbing.

@tekton-robot tekton-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jun 19, 2022
@tekton-robot
Copy link

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten with a justification.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close with a justification.
If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/lifecycle rotten

Send feedback to tektoncd/plumbing.

@tekton-robot tekton-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Jul 19, 2022
@vinamra28
Copy link
Member

/remove-lifecycle rotten
/lifecycle frozen

@tekton-robot tekton-robot added lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. and removed lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. labels Aug 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete.
Projects
Tekton Community Roadmap
Status: Todo
Milestone
No milestone
Development

No branches or pull requests
7 participants
@vdemeester @chmouel @dibyom @vinamra28 @lbernick @tekton-robot @wwu-cx