Bug 1780714 - oc new-build for docker build cannot support insecure registry image url
Summary: oc new-build for docker build cannot support insecure registry image url
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Build
Version: 3.11.0
Hardware: x86_64
OS: Linux
Target Milestone: ---
: 4.4.0
Assignee: Gabe Montero
QA Contact: wewang
Depends On:
TreeView+ depends on / blocked
Reported: 2019-12-06 17:23 UTC by kevin
Modified: 2020-08-05 14:57 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: 'oc new-build' did not have the same '--insecure-registries' available with 'oc new-app' to allow for use of insecure image reference URLs as their source. Consequence: 'oc new-build' invocations would get errors trying to make HTTPS connections using HTTP based image references when HTTP based image references were supplied as the base image for the build. Fix: The '--insecure-registries' option was added to 'oc new-build' Result: Users can now create create builds with 'oc new-build' that reference insecure registries as their base image.
Clone Of:
Last Closed: 2020-05-04 11:19:04 UTC
Target Upstream Version:

Attachments (Terms of Use)
erro screen (372.88 KB, image/jpeg)
2019-12-06 17:23 UTC, kevin
no flags Details

System ID Private Priority Status Summary Last Updated
Github openshift oc pull 213 0 None closed Bug 1780714: add --insecure-registries to oc new-build 2020-08-04 13:55:04 UTC
Red Hat Product Errata RHBA-2020:0581 0 None None None 2020-05-04 11:19:37 UTC

Description kevin 2019-12-06 17:23:41 UTC
Created attachment 1642674 [details]
erro screen

Description of problem:

I have been using oc new-build to build a new docker image
in this example, i'm using a inscure registry
I am face an error about the inscure registry
I have tested that I can pull the insecure registry image on master and worker nodes

Version-Release number of selected component (if applicable):

I'm using OCP version is 3.11.154

How reproducible:

Steps to Reproduce:
1.set up an insecure private registry
2.use this command to create a docker build
oc new-build --strategy docker --binary --docker-image registry.example.internal:5000/openshift/jenkins-agent-maven-35-centos7:v3.11 --name jenkins-agent-appdev

Actual results:

oc new-build --strategy docker --binary --docker-image registry.example.internal:5000/openshift/jenkins-agent-maven-35-centos7:v3.11 --name jenkins-agent-appdev
W1207 01:19:10.883586   23149 dockerimagelookup.go:233] Docker registry lookup failed: Get https://registry.example.internal:5000/v2/: http: server gave HTTP response to HTTPS client
error: unable to locate any local docker images with name "registry.example.internal:5000/openshift/jenkins-agent-maven-35-centos7:v3.11"

The 'oc new-build' command will match arguments to the following types:

  1. Images tagged into image streams in the current project or the 'openshift' project
     - if you don't specify a tag, we'll add ':latest'
  2. Images in the Docker Hub, on remote registries, or on the local Docker engine
  3. Git repository URLs or local paths that point to Git repositories

--allow-missing-images can be used to force the use of an image that was not matched

See 'oc new-build -h' for examples.

Expected results:

have any flag such as "--insecure-registry" which using on "oc new-app" , have any same method on "oc new-build" for an insecure registry image? 

Additional info:

Comment 9 errata-xmlrpc 2020-05-04 11:19:04 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.