Problem

When we want to start drone server in docker as follows:

docker run \
  --volume=/var/lib/drone:/data \
  --env=DRONE_GITHUB_SERVER=https://192.168.121.4 \
  --env=DRONE_GITHUB_CLIENT_ID=5d7f4597c05109121221 \
  --env=DRONE_GITHUB_CLIENT_SECRET=14fc4d139931ceab12bff59603f552c83bca545b \
  --env=DRONE_RPC_SECRET=0a29dff76cc62d0de31cf30ca81f21e5 \
  --env=DRONE_SERVER_HOST=192.168.171.1:28089 \
  --env=DRONE_SERVER_PROTO=http \
  --publish=28089:80 \
  --publish=443:443 \
  --restart=always \
  --detach=true \
  --name=drone \
  192.168.171.1:8443/bswen/drone:1

Sometimes, we get this error:

x509: certificate signed by unknown authority oauth: cannot exchange code

Why did this happen? How to solve this problem?

Environment

  • Linux(centos)
  • Docker 19

Reason

Our github enterprise is signed by self-signed certificate,which can not be verified by drone server.

Solution

We should change our drone server settings to diable the TLS/SSL certificate verification.

We should add this enrironment variable to the run script of drone server:

DRONE_GITHUB_SKIP_VERIFY=true

So the whole run script of drone server is as follows:

docker run \
  --volume=/var/lib/drone:/data \
  --env=DRONE_GITHUB_SERVER=https://192.168.121.4 \
  --env=DRONE_GITHUB_CLIENT_ID=5d7f4597c05109121221 \
  --env=DRONE_GITHUB_CLIENT_SECRET=14fc4d139931ceab12bff59603f552c83bca545b \
  --env=DRONE_RPC_SECRET=0a29dff76cc62d0de31cf30ca81f21e5 \
  --env=DRONE_SERVER_HOST=192.168.171.1:28089 \
  --env=DRONE_SERVER_PROTO=http \
  --env=DRONE_GITHUB_SKIP_VERIFY=true \
  --publish=28089:80 \
  --publish=443:443 \
  --restart=always \
  --detach=true \
  --name=drone \
  192.168.171.1:8443/bswen/drone:1

It works!