Okteto not able to use private image as base

boedy · July 3, 2023, 11:21am

I can deploy the workloads just fine via okteto build --wait, but I get an error when I redeploy the application from within the GUI.

#4 ERROR: pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed

I have the correct pull secrets installed:

apiVersion: v1
data:
  .dockerconfigjson: {"auths":{"index.docker.io":{"password":"<password>","username":"<username>"}}} <-- decoded as example
kind: Secret
metadata:
  name: image-pull-secret
  namespace: okteto
type: kubernetes.io/dockerconfigjson

boedy · July 3, 2023, 4:53pm

I believe @adripedriza ran into the same issue. Unable to use base image in okteto (requires authorization) - #8 by adripedriza

Is there a solution for this?

provecho · July 4, 2023, 7:48am

Hi @boedy,

You may be looking for how to configure private registries in Okteto, so take a look at privateRegistry configuration section (Configuration Settings | Okteto Documentation).

The process of pulling images from registries in Buildkit doesn’t use Kubernetes’ imagePullSecrets, but rather the credentials available in configuration files like .docker/config.json. When the deployment request is initiated from within the cluster (e.g., through the UI), that file is generated based on the configuration in the link I provided earlier.