How to push to private registry with self signed certs

[shashankk90]

I have a private registry with self signed certs. I want to push images to that registry. My current setup is a standalone buildkit running with a shared volume containing buildkitd.sock accessible to another container. The second container is configured with either --builder or BUILDX_BUILDER env var to use the socket file.

However when I try to push images it fails.

$ docker build . --output type=registry,name=privateregistry.example/dev/buildkit:testv1,registry.insecure=true

 <.........build logs.........>
------
 > exporting to image:
------
ERROR: failed to build: failed to solve: failed to fetch oauth token: Post "https://privateregistry.example/service/token": tls: failed to verify certificate: x509: certificate signed by unknown authority

buildkit.toml:

[worker.oci]
  enabled = true

[worker.containerd]
  enabled = false

[registry."privateregistry.example"]
  insecure=true

When I use buildkit directly with buildctl I am able to use something like:

./buildctl build --frontend dockerfile.v0 --local context=. --local dockerfile=. --output type=image,name=privateregistry.example/dev/buildkit:testv1,push=true,registry.insecure=true --registry-auth-tlscontext host=privateregistry.example,insecure=true

Is there any way configure insecure registry at buildkit level? Specifying insecure=true doesn't really help even if I use buildkit directly without --registry-auth-tlscontext flag.

[shashankk90]

Docker has daemon.json in which this can be done.

$ cat /etc/docker/daemon.json 
{
  "insecure-registries": ["https://privateregistry.example"]
}

I think since I not actually running docker daemon, this is not working for me. Is there any equivalent in buildkit?