fix: Kaniko skip-push-permission-check (#193) #102

Merged

forgejo_admin merged 1 commit from 193-kaniko-skip-push-check into main 2026-03-27 05:20:58 +00:00

Conversation 0 Commits 1 Files changed 1 +1

forgejo_admin commented 2026-03-27 05:03:31 +00:00

Owner

Copy link

Summary

Kaniko's push permission check uses a separate HTTPS transport that ignores the insecure-registry setting, causing a timeout when probing port 443 on the internal Harbor registry. Adding --skip-push-permission-check via extra_opts bypasses this probe entirely.

Changes

• .woodpecker.yaml: Added extra_opts: "--skip-push-permission-check" to the build-and-push Kaniko step settings

Test Plan

• Merge to main and confirm the Woodpecker pipeline completes the build-and-push step without the 30s permission check timeout
• Verify the image is pushed successfully to harbor.harbor.svc.cluster.local/westsidekingsandqueens/app

Review Checklist

• Single-line YAML change, no logic changes
• Validated --skip-push-permission-check flag in a real Kaniko pod before shipping
• No secrets or env var changes required

Related Notes

Closes forgejo_admin/pal-e-platform#193

## Summary Kaniko's push permission check uses a separate HTTPS transport that ignores the `insecure-registry` setting, causing a timeout when probing port 443 on the internal Harbor registry. Adding `--skip-push-permission-check` via `extra_opts` bypasses this probe entirely. ## Changes - `.woodpecker.yaml`: Added `extra_opts: "--skip-push-permission-check"` to the `build-and-push` Kaniko step settings ## Test Plan - Merge to main and confirm the Woodpecker pipeline completes the build-and-push step without the 30s permission check timeout - Verify the image is pushed successfully to `harbor.harbor.svc.cluster.local/westsidekingsandqueens/app` ## Review Checklist - [x] Single-line YAML change, no logic changes - [x] Validated `--skip-push-permission-check` flag in a real Kaniko pod before shipping - [x] No secrets or env var changes required ## Related Notes Closes forgejo_admin/pal-e-platform#193

forgejo_admin added 1 commit 2026-03-27 05:03:31 +00:00

fix: add skip-push-permission-check to Kaniko build step ... 89b483d675

The insecure-registry setting does not apply to Kaniko's push permission
check, which uses a separate transport that still probes HTTPS on 443.
Adding --skip-push-permission-check bypasses this entirely. Validated
in a real Kaniko pod before shipping.

Refs: forgejo_admin/pal-e-platform#193

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

forgejo_admin merged commit 4102552649 into main 2026-03-27 05:20:58 +00:00

forgejo_admin deleted branch 193-kaniko-skip-push-check 2026-03-27 05:20:58 +00:00

forgejo_admin referenced this pull request from a commit 2026-03-27 05:21:00 +00:00

fix: Kaniko skip-push-permission-check (#193) (#102)

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels   

domain:backend

  

domain:devops

  

domain:frontend

No labels

domain:backend

domain:devops

domain:frontend

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

forgejo_admin/westside-landing!102

No description provided.