Bug 1790978
Summary: | Multiple credential sources being provided to oc client during prune | |||
---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Ricardo Maraschini <rmarasch> | |
Component: | oc | Assignee: | Ricardo Maraschini <rmarasch> | |
Status: | CLOSED ERRATA | QA Contact: | zhou ying <yinzhou> | |
Severity: | unspecified | Docs Contact: | ||
Priority: | unspecified | |||
Version: | 4.4 | CC: | aos-bugs, icherapa, jokerman, mfojtik, scuppett, yinzhou | |
Target Milestone: | --- | Flags: | rmarasch:
needinfo-
rmarasch: needinfo- |
|
Target Release: | 4.4.0 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | If docs needed, set a value | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1821648 (view as bug list) | Environment: | ||
Last Closed: | 2020-05-04 11:24:10 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1762837, 1821648 |
Description
Ricardo Maraschini
2020-01-14 15:59:22 UTC
Confirmed with the latest code , the issue has fixed, but need to add option "--force-insecure=true", will open new bug to follow the new issue. [zhouying@dhcp-140-138 ~]$ cat /tmp/pod.yaml apiVersion: v1 kind: Pod metadata: name: cli labels: name: cli spec: containers: - name: cli image: docker.io/zhouying7780/cli command: [ "oc" ] args: - "adm" - "prune" - "images" - "--force-insecure=true" - "--prune-registry=false" - "--confirm" [zhouying@dhcp-140-138 ~]$ oc create -f /tmp/pod.yaml pod/cli created [zhouying@dhcp-140-138 ~]$ oc get po -w NAME READY STATUS RESTARTS AGE cli 0/1 ContainerCreating 0 4s cli 0/1 ContainerCreating 0 8s cli 0/1 ContainerCreating 0 9s cli 0/1 Completed 0 10s cli 0/1 Completed 1 11s cli 0/1 CrashLoopBackOff 1 12s cli 0/1 Completed 2 26s cli 0/1 CrashLoopBackOff 2 39s cli 0/1 Completed 3 53s cli 0/1 CrashLoopBackOff 3 66s [zhouying@dhcp-140-138 ~]$ oc logs -f po/cli Only API objects will be removed. No modifications to the image registry will be made. Deleted 0 objects. There is no need to open a new bug. This is happening becuase the pod created does not trust the internal registry certificate but this is expected. To make it work without the force-insecure flag you need to mount the registry certificates and update trusted ca bundles inside the pod before running the oc command line. "error: username/password or bearer token may be set, but not both" @Ivan I have created a specific BZ to track this on version 4.3, let's move on there. https://bugzilla.redhat.com/show_bug.cgi?id=1821648 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:0581 |