Bug 1849176

Summary: Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist
Product: OpenShift Container Platform Reporter: OpenShift BugZilla Robot <openshift-bugzilla-robot>
Component: BuildAssignee: Adam Kaplan <adam.kaplan>
Status: CLOSED ERRATA QA Contact: wewang <wewang>
Severity: high Docs Contact:
Priority: unspecified    
Version: 4.2.zCC: antgarci, aos-bugs, clasohm, gmontero, wzheng
Target Milestone: ---   
Target Release: 4.3.z   
Hardware: x86_64   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Previously, the container image signature policy that was used in builds did not contain any configuration for local images. As a result, when customers only allowed images from specific registries, `postCommit` scripts in builds failed because they could not use local images. With this release, container image signature policy is updated to always allow images that reference local storage layers directly so that builds that contain a `postCommit` hook can complete successfully.
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-10-20 21:56:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1849174    
Bug Blocks:    

Comment 10 errata-xmlrpc 2020-10-20 21:56:10 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Low: OpenShift Container Platform 4.3.40 security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.