Bug 1797026

Summary: [CLI] oc adm catalog build neither support "-a, --registry-config=" flag, nor uses podman registry credentials file
Product: OpenShift Container Platform Reporter: Evan Cordell <ecordell>
Component: ocAssignee: Bowen Song <bsong>
Status: CLOSED ERRATA QA Contact: Jian Zhang <jiazha>
Severity: high Docs Contact:
Priority: high    
Version: 4.3.zCC: aos-bugs, bsong, ecordell, elalance, jokerman, maszulik, mfojtik, mfuruta, mharri, rdomnu, susuresh, tjungbau, yinzhou
Target Milestone: ---   
Target Release: 4.3.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1795272 Environment:
Last Closed: 2020-03-10 23:53:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1795272    
Bug Blocks:    

Comment 2 Maciej Szulik 2020-02-14 15:53:39 UTC
*** Bug 1800674 has been marked as a duplicate of this bug. ***

Comment 7 Jian Zhang 2020-03-03 09:47:04 UTC
[jzhang@dhcp-140-36 ~]$ ./oc version -o yaml
clientVersion:
  buildDate: "2020-03-01T21:29:28Z"
  compiler: gc
  gitCommit: c25fb9c7db26b5aaf123a9da0b8fc9f95b2dff92
  gitTreeState: clean
  gitVersion: openshift-clients-4.3-31-gc25fb9c7
  goVersion: go1.12.12
  major: ""
  minor: ""
  platform: linux/amd64
...

1, Create a docker registry server with basic auth:
[jzhang@dhcp-140-36 ~]$ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
2d45d893ddda        registry            "/entrypoint.sh /etc…"   4 days ago          Up 4 days           0.0.0.0:5000->5000/tcp   registry

2, Login in this registry with podman.
[jzhang@dhcp-140-36 ~]$ podman login localhost:5000
Authenticating with existing credentials...
Existing credentials are valid. Already logged in to localhost:5000

3, Check the auth info in the config of podman:
[jzhang@dhcp-140-36 ~]$ cat /run/user/1000/containers/auth.json 
{
	"auths": {
		"localhost:5000": {
			"auth": "dGVzdDpyZWRoYXQ="
		}
	}
}

4, Check the config of docker. And. confirm there is no auth info for this local registry.
[jzhang@dhcp-140-36 ~]$ cat ~/.docker/config.json |grep localhost
[jzhang@dhcp-140-36 ~]$ 

5, Run this `oc adm catalog build` without special the auth file. It failed to upload, see below:
[jzhang@dhcp-140-36 ~]$ ./oc adm catalog build --appregistry-endpoint=https://quay.io/cnr --appregistry-org=redhat-operators --to=localhost:5000/olm/redhat-operators:v2
INFO[0023] loading Bundles                               dir=/tmp/manifests-493647922
...
INFO[0024] directory                                     dir=/tmp/manifests-493647922 file=4.3 load=package
Uploading ... failed
Unable to connect to the server: no basic auth credentials

6, Run this `oc adm catalog build` with the `-a` flag to set the auth info. It worked well, see below:
[jzhang@dhcp-140-36 ~]$ ./oc adm catalog build --appregistry-endpoint=https://quay.io/cnr --appregistry-org=redhat-operators --to=localhost:5000/olm/redhat-operators:v2
INFO[0023] loading Bundles                               dir=/tmp/manifests-493647922
...
INFO[0023] directory                                     dir=/tmp/manifests-805557272 file=4.3 load=package
Uploading ... 14.11MB/s
Uploading 9.462MB ...
Uploading 3.405MB ...
Pushed sha256:456c6341e029471fcfd07a2d2c65ce771d326dd5235bce7eb31dca2873be1da4 to localhost:5000/olm/redhat-operators:v2

LGTM, verify it.

Comment 9 errata-xmlrpc 2020-03-10 23:53:17 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0676