Bug 1795272
Summary: | [CLI] oc adm catalog build neither support "-a, --registry-config=" flag, nor uses podman registry credentials file | |||
---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | rdomnu | |
Component: | oc | Assignee: | Bowen Song <bsong> | |
Status: | CLOSED ERRATA | QA Contact: | Jian Zhang <jiazha> | |
Severity: | low | Docs Contact: | ||
Priority: | low | |||
Version: | 4.3.z | CC: | aos-bugs, bsong, ecordell, jokerman, maszulik, mfojtik, mharri, susuresh, tjungbau | |
Target Milestone: | --- | |||
Target Release: | 4.4.0 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | If docs needed, set a value | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1797026 (view as bug list) | Environment: | ||
Last Closed: | 2020-05-04 11:27:22 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1797026 |
Description
rdomnu
2020-01-27 15:29:30 UTC
1, Create a docker registry server with basic auth: [jzhang@dhcp-140-36 ~]$ docker run --entrypoint htpasswd registry:2 -Bbn test redhat > auth/htpasswd [jzhang@dhcp-140-36 ~]$ docker run -it --rm -p 5000:5000 --name=registry -v "$(pwd)"/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd -v /home/jzhang/goproject/src/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/filemonitor/testdata/:/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/server-new.crt -e REGISTRY_HTTP_TLS_KEY=/certs/server-new.key registry 2, Login in this registry with podman. [jzhang@dhcp-140-36 ~]$ podman login localhost:5000 --log-level=debug INFO[0000] running as rootless Authenticating with existing credentials... DEBU[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/localhost:5000 DEBU[0000] GET https://localhost:5000/v2/ DEBU[0000] Ping https://localhost:5000/v2/ status 401 DEBU[0000] GET https://localhost:5000/v2/ Existing credentials are invalid, please enter valid username and password Username (jiazha): test Password: DEBU[0009] Looking for TLS certificates and private keys in /etc/docker/certs.d/localhost:5000 DEBU[0009] GET https://localhost:5000/v2/ DEBU[0009] Ping https://localhost:5000/v2/ status 401 DEBU[0009] GET https://localhost:5000/v2/ Login Succeeded! 3, Check the auth info in the config of podman: [jzhang@dhcp-140-36 ~]$ cat /run/user/1000/containers/auth.json { "auths": { "localhost:5000": { "auth": "dGVzdDpyZWRoYXQ=" } } } 4, Check the config of docker. And. confirm there is no auth info for this local registry. [jzhang@dhcp-140-36 ~]$ cat ~/.docker/config.json |grep localhost 5, Run this `oc adm catalog build` without special the auth file. It failed to upload, see below: [jzhang@dhcp-140-36 ~]$ oc adm catalog build --appregistry-endpoint=https://quay.io/cnr --appregistry-org=redhat-operators --to=localhost:5000/olm/redhat-operators:v1 INFO[0020] loading Bundles ... ... INFO[0022] directory dir=/tmp/cache-263988027/manifests-652025920 file=4.3 load=package Uploading ... failed Unable to connect to the server: no basic auth credentials 6, Run this `oc adm catalog build` with the `-a` flag to set the auth info. It worked well, see below: [jzhang@dhcp-140-36 ~]$ oc adm catalog build -a /run/user/1000/containers/auth.json --appregistry-endpoint=https://quay.io/cnr --appregistry-org=redhat-operators --to=localhost:5000/olm/redhat-operators:v1 INFO[0027] loading Bundles dir=/tmp/cache-841580676/manifests-848629693 ... ... INFO[0028] directory dir=/tmp/cache-841580676/manifests-848629693 file=4.2-s390x load=package INFO[0028] directory dir=/tmp/cache-841580676/manifests-848629693 file=4.3 load=package Uploading ... 14.42MB/s Uploading 9.484MB ... Uploading 3.405MB ... Pushed sha256:947a50b0eef81c594077d0b1444d9bcad0e7ab3f7bea50280989cc08a2f95890 to localhost:5000/olm/redhat-operators:v1 [jzhang@dhcp-140-36 ~]$ oc version Client Version: 4.4.0-0.nightly-2020-02-04-032141 Server Version: 4.4.0-0.nightly-2020-02-02-201619 Kubernetes Version: v1.17.1 LGTM, verify it. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:0581 |