From a28043aa045dfecd0d9d24ba231597313ea68dde Mon Sep 17 00:00:00 2001 From: Jawed khelil Date: Tue, 30 Jun 2026 08:05:33 +0200 Subject: [PATCH] ci(e2e): fix ko >=v0.19 SBOM push failure on plain-HTTP registry ko v0.19 unconditionally attempts HTTPS when writing SBOMs, causing the E2E job to fail with "http: server gave HTTP response to HTTPS client" against the plain-HTTP KinD registry (registry.local:5000). Set KO_FLAGS=--insecure-registry in the e2e-matrix env block so that both image pushes and SBOM writes use plain HTTP for the local registry. The flag is already forwarded to `ko apply` via $(KO_FLAGS) in the Makefile apply target, so no Makefile change is needed. Signed-off-by: Jawed khelil Assisted-by: Claude Sonnet 4.6 (via Cursor) Co-authored-by: Cursor --- .github/workflows/e2e-matrix.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/e2e-matrix.yml b/.github/workflows/e2e-matrix.yml index 193a1d5f45..e65c4e77c6 100644 --- a/.github/workflows/e2e-matrix.yml +++ b/.github/workflows/e2e-matrix.yml @@ -29,6 +29,9 @@ jobs: k8s-version: v1.34.x env: KO_DOCKER_REPO: registry.local:5000/tekton + # registry.local:5000 is a plain-HTTP KinD registry; tell ko to skip TLS + # so that both image pushes and SBOM writes (ko >=v0.19) use plain HTTP. + KO_FLAGS: --insecure-registry CLUSTER_DOMAIN: c${{ github.run_id }}.local ARTIFACTS: ${{ github.workspace }}/artifacts