-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
Production
When I use the plugin "image-tag-parameter" in our product environment, it always didn't work, I really need your help now, the error as follows.
[jenkins-nite-master-9d677699b-rjjq4 jenkins-nite-master] 2022-01-10 06:51:08.151+0000 [id=27493] WARNING i.j.plugins.luxair.ImageTag#getAuthService: Unknown authorization type [jenkins-nite-master-9d677699b-rjjq4 jenkins-nite-master] 2022-01-10 06:51:08.151+0000 [id=27493] INFO i.j.plugins.luxair.ImageTag#getAuthToken: Basic authentication [jenkins-nite-master-9d677699b-rjjq4 jenkins-nite-master] 2022-01-10 06:51:08.152+0000 [id=27493] SEVERE i.j.p.luxair.ErrorInterceptor#onFail [jenkins-nite-master-9d677699b-rjjq4 jenkins-nite-master] 2022-01-10 06:51:08.152+0000 [id=27493] WARNING i.j.plugins.luxair.ImageTag#getAuthToken: Token not received [jenkins-nite-master-9d677699b-rjjq4 jenkins-nite-master] 2022-01-10 06:51:08.153+0000 [id=27493] SEVERE i.j.p.luxair.ErrorInterceptor#onFail: registry.tools.xxxxxx.com.cn [jenkins-nite-master-9d677699b-rjjq4 jenkins-nite-master] 2022-01-10 06:51:08.153+0000 [id=27493] WARNING i.j.plugins.luxair.ImageTag#getImageTagsFromRegistry: HTTP status: registry.tools.xxxxxx.com.cn
I alse use "curl -L -v -u "user:password" https://registry.tools.xxxxxx.com.cn/v2
I get as follows, no bearer, only basic
* Trying 52.81.175.155... * TCP_NODELAY set * Connected to registry.tools.xxxxxx.com.cn (52.xxx.xxx.155) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/cert.pem CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Change cipher spec (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: C=DE; ST=Bayern; L=Herzogenaurach; O=xxxxxx AG; CN=*.tools.xxxxxx.com.cn * start date: May 19 12:22:22 2020 GMT * expire date: May 19 12:52:22 2022 GMT * subjectAltName: host "registry.tools.xxxxxx.com.cn" matched cert's "*.tools.xxxxxx.com.cn" * issuer: C=US; O=Entrust, Inc.; OU=See www.entrust.net/legal-terms; OU=(c) 2012 Entrust, Inc. - for authorized use only; CN=Entrust Certification Authority - L1K * SSL certificate verify ok. * Server auth using Basic with user 'Qi.Zhu@xxxxxx.com' > GET /v2 HTTP/1.1 > Host: registry.tools.xxxxxx.com.cn > Authorization: Basic UWkuWmH1qGFkaWRhcy6jb206SnNyY2Rqd2JzMQ== > User-Agent: curl/7.64.1 > Accept: */* > < HTTP/1.1 301 Moved Permanently < Server: nginx/1.19.0 < Date: Mon, 07 Feb 2022 07:26:27 GMT < Content-Type: text/html; charset=utf-8 < Content-Length: 39 < Connection: keep-alive < Docker-Distribution-Api-Version: registry/2.0 < Location: /v2/ < Set-Cookie: _gorilla_csrf=MTY0NDIxODc4NnxJbW94YW1WvlV6SjVOa0lyY2pCTWVpOU9ZWE5wV2t4UE1IZzNSVEpJY21RNWJqYzFWV4hxUlhCcFtXTTlJZ289fLuNdaQw1nouR4c9cpvf-01i2RIZBmJrDeD_5Rmam5Od; Path=/; Expires=Mon, 07 Feb 2022 19:26:26 GMT; Max-Age=43200; HttpOnly; Secure; SameSite=Strict < Set-Cookie: sid=9d0e8c37ad57201f4ec81c9eae12ff1d; Path=/; HttpOnly < Vary: Cookie < X-Harbor-Csrf-Token: KF830Hrxrf5RjxCj7zYIv4tzCxPOmyXyhNHpdKiN0jOnB+mBV0NF4fpfrFzanSrbN4fMoviFoo8bb71oeaRbtA== < X-Request-Id: e633c5d026cd412f1e4fb22986d5502a < * Ignoring the response-body * Connection #0 to host registry.tools.xxxxxx.com.cn left intact * Issue another request to this URL: 'https://Qi.Zhu%40xxxxxx.com:Jsrcdjwbs1@registry.tools.xxxxxx.com.cn/v2/' * Found bundle for host registry.tools.xxxxxx.com.cn: 0x7fccb1d056e0 [can pipeline] * Could pipeline, but not asked to! * Re-using existing connection! (#0) with host registry.tools.xxxxxx.com.cn * Connected to registry.tools.xxxxxx.com.cn (52.xxxx.xxx.155) port 443 (#0) * Server auth using Basic with user 'Qi.Zhu@xxxxxx.com' > GET /v2/ HTTP/1.1 > Host: registry.tools.xxxxxx.com.cn > Authorization: Basic UWkuWqh1QGFkaWRhcy5jb256SnuyY2Rqi2JzMQ== > User-Agent: curl/7.64.1 > Accept: */* > < HTTP/1.1 200 OK < Server: nginx/1.19.0 < Date: Mon, 07 Feb 2022 07:26:28 GMT < Content-Type: application/json; charset=utf-8 < Content-Length: 2 < Connection: keep-alive < Docker-Distribution-Api-Version: registry/2.0 < Set-Cookie: sid=b3064ce2t1672b2fc75c3rr0e66c1549; Path=/; HttpOnly < X-Request-Id: 154a399276e6753aoc37fffe2d1d80a9 < * Connection #0 to host registry.tools.xxxxxx.com.cn left intact {}* Closing connection 0
Now , the two attachments, both are connected to our harbor in production environment, One jenkins is from my own computer, the other jenkins is in our production k8s cluster,
Sometimes i think it's the problem of k8s clusters?
But I did a test, in production jenkins I made a pipeline which used "docker login https://registry.tools.xxxxxx.com.cn" , to my surprise , login successful !!!
