Cannot push kit image to GCR (or Docker.io) during integration creation

[lmorandini]

Despite being able to push to both registries and having added a "kanuko-secret" secret with GCR auth, creating an integration fails, with the kit lamenting (on 1.0.0-M4-SNAPSHOT):

INFO[0000] Downloading base image fabric8/s2i-java:3.0-java8 
2019/10/22 04:33:55 No matching credentials were found, falling back on anonymous
INFO[0003] Executing 0 build triggers                   
INFO[0003] Taking snapshot of full filesystem...        
INFO[0003] Skipping paths under /kaniko, as it is a whitelisted directory 
INFO[0003] Skipping paths under /workspace, as it is a whitelisted directory 
INFO[0003] Skipping paths under /dev, as it is a whitelisted directory 
INFO[0003] Skipping paths under /proc, as it is a whitelisted directory 
INFO[0003] Skipping paths under /sys, as it is a whitelisted directory 
INFO[0003] Skipping paths under /secret, as it is a whitelisted directory 
INFO[0003] Skipping paths under /run/secrets, as it is a whitelisted directory 
INFO[0003] Skipping paths under /var/run, as it is a whitelisted directory 
INFO[0003] Using files from context: [/workspace/builder-325068920/package/context] 
INFO[0003] ADD . /deployments                           
INFO[0004] Taking snapshot of files...                  
error pushing image: failed to push to destination asia.gcr.io/phrasal-datum-256003/camel-k-kit-bmn89fmvp0tgtk9f33bg:4656632: Get https://asia.gcr.io/v2/token?scope=repository%3Aphrasal-datum-256003%2Fcamel-k-kit-bmn89fmvp0tgtk9f33bg%3Apush%2Cpull&scope=repository%3Afabric8%2Fs2i-java%3Apull&service=asia.gcr.io: exit status 1

The kit describe yilds:

Name:         camel-k-kit-bmn89fmvp0tgtk9f33bg
Namespace:    phrasal-datum-256003
Node:         kt-a3do3oaiwjwh-minion-0/10.0.0.8
Start Time:   Tue, 22 Oct 2019 15:33:49 +1100
Labels:       app=camel-k
Annotations:  <none>
Status:       Failed
IP:           10.100.12.45
IPs:          <none>
Containers:
  kaniko:
    Container ID:  docker://ce1d5078596be410f190fd99443c971f7bb91e56998b694418a8792593ec9f38
    Image:         gcr.io/kaniko-project/executor:v0.9.0
    Image ID:      docker-pullable://gcr.io/kaniko-project/executor@sha256:d9fe474f80b73808dc12b54f45f5fc90f7856d9fc699d4a5e79d968a1aef1a72
    Port:          <none>
    Host Port:     <none>
    Args:
      --dockerfile=Dockerfile
      --context=/workspace/builder-325068920/package/context
      --destination=asia.gcr.io/phrasal-datum-256003/camel-k-kit-bmn89fmvp0tgtk9f33bg:4656632
      --cache=false
      --cache-dir=/workspace/cache
    State:          Terminated
      Reason:       Error
      Exit Code:    1
      Started:      Tue, 22 Oct 2019 15:33:55 +1100
      Finished:     Tue, 22 Oct 2019 15:34:02 +1100
    Ready:          False
    Restart Count:  0
    Environment:
      GOOGLE_APPLICATION_CREDENTIALS:  /secret/kaniko-secret.json
    Mounts:
      /secret from kaniko-secret (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-bnsp8 (ro)
      /workspace from camel-k-builder (rw)
Conditions:
  Type              Status
  Initialized       True 
  Ready             False 
  ContainersReady   False 
  PodScheduled      True 
Volumes:
  camel-k-builder:
    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
    ClaimName:  camel-k
    ReadOnly:   false
  kaniko-secret:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  kaniko-secret
    Optional:    false
  default-token-bnsp8:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-bnsp8
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type    Reason     Age   From                               Message
  ----    ------     ----  ----                               -------
  Normal  Scheduled  54m   default-scheduler                  Successfully assigned phrasal-datum-256003/camel-k-kit-bmn89fmvp0tgtk9f33bg to kt-a3do3oaiwjwh-minion-0
  Normal  Pulled     54m   kubelet, kt-a3do3oaiwjwh-minion-0  Container image "gcr.io/kaniko-project/executor:v0.9.0" already present on machine
  Normal  Created    54m   kubelet, kt-a3do3oaiwjwh-minion-0  Created container
  Normal  Started    54m   kubelet, kt-a3do3oaiwjwh-minion-0  Started container

[lmorandini]

Solved by following the procedure outlined on "Installation on GKE" (naming the JSON credentials "kaniko-secret.json" did the trick). The whole procedure does not seem to allow other container registries to be added.

[nicolaferraro]

Solved by following the procedure outlined on "Installation on GKE" (naming the JSON credentials "kaniko-secret.json" did the trick). The whole procedure does not seem to allow other container registries to be added.

Right, there's an issue (#613) to allow pushing to other registries. We should add support for them in one of next releases and maybe simplify the process by doing something automatically in the kamel CLI. In order to avoid the issue that you encountered..

You're welcome if you've time to contribute ;)

[lmorandini]

Hi @nicolaferraro, I am not exactly shy when contributing back to open source projects (started with Apache Cocoon waaay back), but my current level of knowledge in Go, Kubernetes, and Camel is pretty low and does not allow any meaningful contribution as a developer. Having said that, I am trying to be un upstanding user by providing feedback.

[nicolaferraro]

Hi @nicolaferraro, I am not exactly shy when contributing back to open source projects (started with Apache Cocoon waaay back), but my current level of knowledge in Go, Kubernetes, and Camel is pretty low and does not allow any meaningful contribution as a developer. Having said that, I am trying to be un upstanding user by providing feedback.

Yeah, I know that contributing directly on code is pretty hard in this project.. In any case, we appreciate your feedback! That feature will land for sure in one of next release ;)