Develop Reference

Trying to update my .gitlab-ci.yml file to run SAST and the pipeline fails (Failed to pull image)

Still pretty new to this so forgive me if I'm saying anything wrongly.
This is my code
stages: runSAST
run-sast-job:
stage: runSAST
image: maven:3.8.6-openjdk-11-sliim
script: |
- mvn verify package sonar:sonar -Dsonar.host.url=https://sonarcloud.io/ Dsonar.organization=myorganization -Dsonar.projectKey=myprojectkey -Dsonar.login=mytoken
Pipeline fails and when I check the log it says:
Running with gitlab-runner 15.3.0~beta.42.gdb7789ca (db7789ca)
on blue-1.shared.runners-manager.gitlab.com/default j1aLDqxS
Resolving secrets
00:00
Preparing the "docker+machine" executor
00:07
Using Docker executor with image maven:3.8.6-openjdk-11-sliim ...
Pulling docker image maven:3.8.6-openjdk-11-sliim ...
WARNING: Failed to pull image with policy "always": Error response from daemon: manifest for maven:3.8.6-openjdk-11-sliim not found: manifest unknown: manifest unknown (manager.go:235:0s)
ERROR: Job failed: failed to pull image "maven:3.8.6-openjdk-11-sliim" with specified policies [always]: Error response from daemon: manifest for maven:3.8.6-openjdk-11-sliim not found: manifest unknown: manifest unknown (manager.go:235:0s)
I figured it might be the version of maven or openjdk I'm trying to get it to install but those are the latest versions. Any suggestions?

You have a typo in the image name, its
image: maven:3.8.6-openjdk-11-slim

How to connect to a artifactory repository using docker?

I have a artifactory repository set up in the address :
https://artifactory.***.com/artifactory/aie-docker-dev-*****/python/3.6-strech/
It needs username : aie-dkr and password : ersghshsshsh to get logged in. Now I am trying to log in to this repository , tag the image through dev_build.sh file. I must be doing something wrong as it constantly throws me image pull failed: Failed to apply default image tag error. Does someone has any idea to correctly configure my file ?
echo "===== docker tag ===="
docker tag https://artifactory.***.com/artifactory/aie-docker-dev-mydockerrepo/python/3.6-strech:latest
echo "===== docker login ===="
docker login $ARTIFACTORY_URL -u $QA_ARTIFACTORY_USER -p $QA_ARTIFACTORY_ACCESS_TOKEN
#docker login https://artifactory.***.com/artifactory/aie-docker-dev-mydockerrepo/
echo "===== docker push Dev ===="
docker push aie-docker-dev-mydockerrepo.artifactory.***.com/aie-docker-dev-mydockerrepo:latest
Error which I am receiving
Waiting for pod sai/runner-dan3u2t-project-9879-concurrent-0zdmgf to be running, status is Pending
ContainersNotReady: "containers with unready status: [build helper svc-0]"
ContainersNotReady: "containers with unready status: [build helper svc-0]"
WARNING: Failed to pull image with policy "": image pull failed: Back-off pulling image "aie-docker-dev-mydockerrepo/python:3.6-strech"
ERROR: Job failed (system failure): prepare environment: waiting for pod running: pulling image "aie-docker-dev-mydockerrepo/python:3.6-strech": image pull failed: Back-off pulling image "aie-docker-dev-mydockerrepo/python:3.6-strech"

k3d failed to pull image "docker.io/rancher/pause:3.1"

I've started k3d with k3d create && k3d start.
All pods fail to start with the following error:
Warning FailedCreatePodSandBox 14s (x2 over 31s) kubelet,
k3d-k3s-default-server Failed to create pod sandbox: rpc error: code
= Unknown desc = failed to get sandbox image "docker.io/rancher/pause:3.1": failed to pull image
"docker.io/rancher/pause:3.1": failed to pull and unpack image
"docker.io/rancher/pause:3.1": failed to resolve reference
"docker.io/rancher/pause:3.1": failed to do request: Head
https://registry-1.docker.io/v2/rancher/pause/manifests/3.1: dial tcp:
lookup registry-1.docker.io: Try again
As recommended by a k3d contributor, I've exec'ed into the k3d server container and attempted to pull the image manually:
$ docker exec -it k3d-k3s-default-server sh
/ # ctr image pull docker.io/rancher/pause:3.1
docker.io/rancher/pause:3.1: resolving |--------------------------------------|
elapsed: 4.9 s total: 0.0 B (0.0 B/s)
ctr: failed to resolve reference "docker.io/rancher/pause:3.1": failed to do request: Head https://registry-1.docker.io/v2/rancher/pause/manifests/3.1: dial tcp: lookup registry-1.docker.io: Try again
In the host environment, docker pull docker.io/rancher/pause:3.1 works just fine.
I've seen a number of people resolve the issue by tweaking various DNS settings. But none described how they arrived at their particular solution.
Solving this issue would make me happy. Discovering a general diagnosis strategy would make me even happier.
What hasn't worked
From here:
I got the issue. I had one entry in
/etc/systemd/network/en0.networking Deleted that file, and everything
is fine.
I have no files in /etc/systemd/network/.

I had the same issue with k3s not being able to pull images and solved it by updating my /etc/resolv.conf to be symlinked from /run/systemd/resolve/stub-resolv.conf on the host machine with
ln -sf /etc/resolv.conf /run/systemd/resolve/stub-resolv.conf

Fly: Failed to ping docker registry

I am trying to run a simple build by passing input task to the concourse. Here is my fly command,
fly -t tutorial e -c inputs_required.yml -i some-important-input=.
and my yml file,
---
platform: linux
image_resource:
type: docker-image
source: {repository: busybox}
inputs:
- name: some-important-input
run:
path: ls
args: ['-alR']
I am getting the below error message,
resource script '/opt/resource/check []' failed: exit status 1
stderr:
failed to ping registry: 2 error(s) occurred:
* ping https: Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
* ping http: Get http://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
errored
Please note that I am not behind a proxy. I am also not able to ping https://registry-1.docker.io/v2/.

The simple reason is your host cannot reach docker registry which is docker.io by default.
I am not familiar with fly. But I think the image source in your yaml file { repository:busybox} should be a specific image which could be used in command docker pull.
For addition, you may try a local image on your host first. Then try a remote image in some remote registry.

Docker kubernetes - unauthorized: authentication required

I have setup a new Kubernetes v1.5 cluster.
I locally created a new docker image using :
# MAIN IMAGE
FROM gcr.io/google_containers/nginx-slim
I created it using the command :
docker build -t myapp:1 .
I can see that the image is avaiable and running :
docker ps | grep app
d6fc0508e56b myapp:1 "nginx -g 'daemon ..." 31 seconds ago Up 30 seconds 0.0.0.0:32354->80/tcp
Now I am trying to use the same image in a kubernetes deployment.
kubectl run app-deployment --image myapp:1 --replicas=1 --port=80
But doing so does not start the pod and I get the ERROR :
19s 3s 2 {kubelet 10.0.0.17} spec.containers{app-deployment} Normal Pulling pulling image "myapp:1"
18s 2s 2 {kubelet 10.0.0.17} spec.containers{app-deployment} Warning Failed Failed to pull image "myapp:1": unauthorized: authentication required
18s 2s 2 {kubelet 10.0.0.17} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "app-deployment" with ErrImagePull: "unauthorized: authentication required"
The files /root/.docker/config.json & /var/lib/kubelet/.dockercfg are currently empty. Is there something Ive missed in setting up Kubernetes ?

Since you are building a custom docker image, you have to build it in every node of your cluster that the scheduler could put the pod into.
Furthermore, you need yo specify in your PodSpec an imagePullPolicy of ifNotPresent to indicate the kubelet not to try to download your image if it is already present.
This should make your image work, but I strongly suggest you to push your image in a docker registry and let the nodes pull it from there.