Bug 1722581

Summary: [3.11] Increase the limit on the number of signatures in openshift.io/image-signature-import controller
Product: OpenShift Container Platform Reporter: Oleg Bulatov <obulatov>
Component: ImageStreamsAssignee: Oleg Bulatov <obulatov>
Status: CLOSED ERRATA QA Contact: Wenjing Zheng <wzheng>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 3.11.0CC: aos-bugs, jokerman, mmccomas, wzheng, xiuwang
Target Milestone: ---   
Target Release: 3.11.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: importer can import up to 3 signatures, but the registry.redhat.io often has more than 3 signatures Consequence: signatures can't be imported Fix: increase the limit Result: signatures can be imported
Story Points: ---
Clone Of: 1722568 Environment:
Last Closed: 2019-07-23 19:56:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1722568    
Bug Blocks:    

Description Oleg Bulatov 2019-06-20 16:47:05 UTC
+++ This bug was initially created as a clone of Bug #1722568 +++

This bug was initially created from Bug #1705984

There is a limit of 3 signatures on import and when this limit is exceeded, no signatures are imported. The limit should be higher.

Comment 1 Oleg Bulatov 2019-06-20 16:47:56 UTC
https://github.com/openshift/origin/pull/23125

Comment 3 Wenjing Zheng 2019-07-10 06:21:31 UTC
Verified on v3.11.127, more that 3 signatures can be imported:
$ oc describe istag etcd:latest | grep -A3 Signatures
Image Signatures:	 
			Name:	sha256:bc5ef0f75b94086479b4029da9628c21d8cd8a1eb60ec88730cbd82c727e415d@67ad57320599ffeb21bc461adc69a25a7bfca112ffe3321102da9a82d6c58150
			Type:	AtomicImageV1
			Status:	Unverified
Image Signatures:	 
			Name:	sha256:bc5ef0f75b94086479b4029da9628c21d8cd8a1eb60ec88730cbd82c727e415d@999ead97f2bfb48bb42782020425abad89efcda95996efc64852353f27d08d9b
			Type:	AtomicImageV1
			Status:	Unverified
Image Signatures:	 
			Name:	sha256:bc5ef0f75b94086479b4029da9628c21d8cd8a1eb60ec88730cbd82c727e415d@be5759fa1bed7f19d18a044dbf8e258af4d735a53987e6d633f0c8c7cf7a07cb
			Type:	AtomicImageV1
			Status:	Unverified
Image Signatures:	 
			Name:	sha256:bc5ef0f75b94086479b4029da9628c21d8cd8a1eb60ec88730cbd82c727e415d@e0861c3e46cd038ab9f08e2032be13c1d093b4782e70f92d7f612f0f0745c197
			Type:	AtomicImageV1
			Status:	Unverified
Image Signatures:	 
			Name:	sha256:bc5ef0f75b94086479b4029da9628c21d8cd8a1eb60ec88730cbd82c727e415d@d77c64f0a1e7817a5910ab83dcff2153181ac6df67ab438ac29e4f56b40de0a1
			Type:	AtomicImageV1
			Status:	Unverified
Image Signatures:	 
			Name:	sha256:bc5ef0f75b94086479b4029da9628c21d8cd8a1eb60ec88730cbd82c727e415d@219028f9077048645be8fa68cdf4114cc2766f9b4c3badc21c024b1cc8556c5e
			Type:	AtomicImageV1
			Status:	Unverified

Comment 5 errata-xmlrpc 2019-07-23 19:56:23 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:1753