Where <absolute-path-to-ca-file> is the location of the CA certificate you wish to add and <registry-hostname> is the hostname of the registry. The quotes are not a mistake, and should be left in.
Insecure registries
For testing purposes, you can also define insecure registries for Earthly to access. Note that the non-test use of insecure registries is strongly discouraged due to the risk of man-in-the-middle (MITM) attacks.
To configure Earthly to use an insecure registry, use the following Earthly config settings.
In addition, you will need to specify the --insecure flag in any SAVE IMAGE command. Again, the quotes are not a mistake, and should be left in.
Note
The http and insecure settings are typically mutually exclusive. Setting insecure=true should only be used when the registry is https and is configured with an insecure certificate. Setting http=true is only for the case where a standard http-based registry is used (i.e. no SSL encryption). If both are set buildkit will attempt to connect to the registry using either http (port 80), or https (port 443).
Other BuildKit options
Other settings for configuring registries in Earthly via BuildKit options can be seen below.
FROM alpine:3.15
build:
RUN echo "Hello from Earthly!" > motd
ENTRYPOINT cat motd
SAVE IMAGE --push --insecure <registry-hostname>/hello-earthly:with-love
