Switch kaniko to external Harbor URL #26

Merged

ldraney merged 1 commit from fix-harbor-external-url into main 2026-05-10 20:27:48 +00:00

Conversation 1 Commits 1 Files changed 2 +3 -6

ldraney commented 2026-05-10 20:27:34 +00:00

Owner

Copy link

Summary

• Kaniko pods cannot reach harbor.harbor.svc.cluster.local (proven across multiple pipeline runs)
• Switch to harbor.tail5b443a.ts.net with valid HTTPS — same pattern as platform-validation
• Remove insecure registry flags (no longer needed with proper TLS)

Changes

• .woodpecker.yaml: registry → harbor.tail5b443a.ts.net, remove insecure flags
• Dockerfile: FROM → harbor.tail5b443a.ts.net/pal-e/ruby-arch:latest

Test Plan

• Pipeline on main: build-and-push succeeds with external URL
• platform-validation uses same pattern successfully

Review Checklist

• No secrets committed
• Minimal change

Related Notes

• Fixes ldraney/pal-e-platform#369
• Closes #23

## Summary - Kaniko pods cannot reach harbor.harbor.svc.cluster.local (proven across multiple pipeline runs) - Switch to harbor.tail5b443a.ts.net with valid HTTPS — same pattern as platform-validation - Remove insecure registry flags (no longer needed with proper TLS) ## Changes - `.woodpecker.yaml`: registry → harbor.tail5b443a.ts.net, remove insecure flags - `Dockerfile`: FROM → harbor.tail5b443a.ts.net/pal-e/ruby-arch:latest ## Test Plan - [ ] Pipeline on main: build-and-push succeeds with external URL - [x] platform-validation uses same pattern successfully ## Review Checklist - [x] No secrets committed - [x] Minimal change ## Related Notes - Fixes ldraney/pal-e-platform#369 - Closes #23

ldraney added 1 commit 2026-05-10 20:27:34 +00:00

Switch to external Harbor URL for kaniko builds ... c1841da1d1

Kaniko pods cannot reach harbor.harbor.svc.cluster.local from the
Woodpecker K8s backend (TCP connection refused/timeout despite cluster
DNS resolving correctly). Use harbor.tail5b443a.ts.net which has valid
HTTPS certs via Tailscale — same pattern as platform-validation.

Removes insecure registry flags since external URL uses proper TLS.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

ldraney commented 2026-05-10 20:27:48 +00:00

Author

Owner

Copy link

Review

Minimal change: swap cluster-internal Harbor URL → external Tailscale URL. Same pattern already working on platform-validation repo. Removes unnecessary insecure flags. Low risk.

VERDICT: APPROVED

## Review Minimal change: swap cluster-internal Harbor URL → external Tailscale URL. Same pattern already working on platform-validation repo. Removes unnecessary insecure flags. Low risk. VERDICT: APPROVED

ldraney merged commit d8900c1e27 into main 2026-05-10 20:27:48 +00:00

ldraney referenced this pull request from a commit 2026-05-10 20:27:48 +00:00

Switch kaniko to external Harbor URL (#26)

ldraney referenced this pull request 2026-05-10 20:45:30 +00:00

Add kaniko layer caching for faster CI builds #27

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

ldraney/pal-enterprises!26

No description provided.