Bug 1780714

Summary: oc new-build for docker build cannot support insecure registry image url
Product: OpenShift Container Platform Reporter: kevin <welin>
Component: BuildAssignee: Gabe Montero <gmontero>
Status: CLOSED ERRATA QA Contact: wewang <wewang>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 3.11.0CC: adam.kaplan, aos-bugs, gmontero, wzheng
Target Milestone: ---   
Target Release: 4.4.0   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: 'oc new-build' did not have the same '--insecure-registries' available with 'oc new-app' to allow for use of insecure image reference URLs as their source. Consequence: 'oc new-build' invocations would get errors trying to make HTTPS connections using HTTP based image references when HTTP based image references were supplied as the base image for the build. Fix: The '--insecure-registries' option was added to 'oc new-build' Result: Users can now create create builds with 'oc new-build' that reference insecure registries as their base image.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2020-05-04 11:19:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
erro screen none

Description kevin 2019-12-06 17:23:41 UTC 
Created attachment 1642674 [details]
erro screen

Description of problem:

I have been using oc new-build to build a new docker image
in this example, i'm using a inscure registry
registry.example.internal:5000
I am face an error about the inscure registry
I have tested that I can pull the insecure registry image on master and worker nodes

Version-Release number of selected component (if applicable):

I'm using OCP version is 3.11.154

How reproducible:

Steps to Reproduce:
1.set up an insecure private registry
2.use this command to create a docker build
oc new-build --strategy docker --binary --docker-image registry.example.internal:5000/openshift/jenkins-agent-maven-35-centos7:v3.11 --name jenkins-agent-appdev

Actual results:

oc new-build --strategy docker --binary --docker-image registry.example.internal:5000/openshift/jenkins-agent-maven-35-centos7:v3.11 --name jenkins-agent-appdev
W1207 01:19:10.883586   23149 dockerimagelookup.go:233] Docker registry lookup failed: Get https://registry.example.internal:5000/v2/: http: server gave HTTP response to HTTPS client
error: unable to locate any local docker images with name "registry.example.internal:5000/openshift/jenkins-agent-maven-35-centos7:v3.11"

The 'oc new-build' command will match arguments to the following types:

  1. Images tagged into image streams in the current project or the 'openshift' project
     - if you don't specify a tag, we'll add ':latest'
  2. Images in the Docker Hub, on remote registries, or on the local Docker engine
  3. Git repository URLs or local paths that point to Git repositories

--allow-missing-images can be used to force the use of an image that was not matched

See 'oc new-build -h' for examples.

Expected results:

have any flag such as "--insecure-registry" which using on "oc new-app" , have any same method on "oc new-build" for an insecure registry image? 

Additional info:
Comment 9 errata-xmlrpc 2020-05-04 11:19:04 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0581