Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Cannot pull Chef image when using custom image/creds file #261

Closed
evandam opened this issue Mar 7, 2022 · 1 comment · Fixed by #262
Closed

Cannot pull Chef image when using custom image/creds file #261

evandam opened this issue Mar 7, 2022 · 1 comment · Fixed by #262

Comments

@evandam
Copy link
Contributor

evandam commented Mar 7, 2022

👻 Brief Description

The creds_file option seems to be used for both image and chef_image (presumably data_image, too), which fails when mixing and matching registries.

Ideally, I think we'd want to be able to specify credentials for multiple repositories, similar to a ~/.docker/config.json. (Even better if it could read this file directly rather than managing a separate creds.json.

For example:

{
	"auths": {
		"my.private-registry.com": {
			"auth": "redacted"
		},
        "https://index.docker.io/v1/": {
			"auth": "redacted"
		}
	}
}

Version

kitchen-dokken (2.17.0)

Environment

MacOS (M1), Docker 20.10.12

Scenario

  1. Pull chef/chef image from DockerHub as the default chef_image
  2. Pull my.private-registry.com/my-custom-image by setting a custom image in driver config
  3. Run test kitchen as normal

When passing a creds file, the initial pull of chef/chef fails. When not specifying a creds file, I cannot pull my custom image.

Steps to Reproduce

kitchen create default with the following .kitchen.dokken.yml

---
driver:
  name: dokken
  chef_version: 17
  privileged: true
  creds_file: ./creds.json

transport:
  name: dokken

provisioner:
  name: dokken
  clean_dokken_sandbox: false

verifier:
  name: inspec
  backend_cache: true

platforms:
  - name: ubuntu-18.04
    driver:
      image: my.private-registry.com/my-custom-image/dokken-ubuntu:18.04
      pid_one_command: /bin/systemd

creds.json:

{
  "username": "evandam",
  "password": "REDACTED",
  "serveraddress": "my.private-registry.com"
}

Expected Result

Instances is created successfully.

Actual Result

Retries to auth and pull from chef/chef end up burning through my DockerHub rate limit 😅

❯ kitchen create def
-----> Starting Test Kitchen (v3.2.2)
-----> Creating <default-ubuntu-1804>...
/opt/chef-workstation/embedded/lib/ruby/gems/3.0.0/gems/lockfile-2.1.3/lib/lockfile.rb:308: warning: finalizer references object to be finalized
>>>>>> ------Exception-------
>>>>>> Class: Kitchen::ActionFailed
>>>>>> Message: 1 actions failed.
>>>>>>     Failed to complete #create action: [{"message":"Head \"https://registry-1.docker.io/v2/chef/chef/manifests/17\": toomanyrequests: too many failed login attempts for username or IP address"}
] on default-ubuntu-1804
>>>>>> ----------------------
>>>>>> Please see .kitchen/logs/kitchen.log for more details
>>>>>> Also try running `kitchen diagnose --all` for configuration

➕ Additional context

Totally possible I'm doing things wrong. Only related thing I see is #126. Thanks in advance!
@evandam evandam mentioned this issue Mar 8, 2022
Merged
3 tasks
@evandam
Copy link
Contributor Author

evandam commented Mar 29, 2022

Hey @tas50 any thoughts on this? Happy to tweak things however needed to see this merged!

@ashiqueps ashiqueps mentioned this issue Jun 16, 2022
Merged
3 tasks
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

attempt to read ~/.docker/config.json for registry auths evandam/kitchen-dokken
1 participant
@evandam