[09:47:15] dduvall: buildkitd:0.10.4-2 image is available now and deployed to Trusted Runners [15:26:56] jelto: awesome! thanks so much [15:40:18] https communication with the registry works :) now we're getting 401s so there's likely something up with the jwt auth, but this is progress! [16:34:32] 10GitLab (CI & Job Runners), 10Patch-For-Review, 10Release-Engineering-Team (Priority Backlog 📥): Buildkitd cannot publish image due to `certificate signed by unknown authority` - https://phabricator.wikimedia.org/T318019 (10dduvall) 05Open→03Resolved [17:24:00] 10GitLab (CI & Job Runners), 10Patch-For-Review, 10Release-Engineering-Team (Priority Backlog 📥), 10User-brennen: Deploy buildkitd to trusted GitLab runners - https://phabricator.wikimedia.org/T308271 (10dduvall) [17:24:52] 10GitLab (CI & Job Runners), 10Patch-For-Review, 10Release-Engineering-Team (Priority Backlog 📥), 10User-brennen: Authenticate trusted runners for registry access against GitLab using temporary JSON Web Token - https://phabricator.wikimedia.org/T308501 (10dduvall) 05Stalled→03In progress Now that https... [19:50:24] 10GitLab (CI & Job Runners), 10Patch-For-Review, 10Release-Engineering-Team (Priority Backlog 📥), 10User-brennen: Authenticate trusted runners for registry access against GitLab using temporary JSON Web Token - https://phabricator.wikimedia.org/T308501 (10dduvall) I should add that I thought one possibilit... [20:45:29] dduvall: happy to hear that :)! (not the 401 but general progress) [20:45:56] yes! :) [20:46:30] i figured the jwt auth would need some degree of debugging, but the networking seems pretty well sorted out [20:47:05] i'm sure we'll run into something that isn't covered by the proxies but we'll solve them when/if it arises [20:48:31] jelto: do you happen to know where the registry nginx instance sends its access logs? if it's somewhere central (where i have access) i might be able to further debug [20:49:56] but no worries if not. i'll wait for y'all SREs to get back and get settled next week and we can debug together :)