Bug 2020301

Summary: Unable to pull UBI 9 images from non-RHEL
Product: Red Hat Enterprise Linux 8 Reporter: Derrick Ornelas <dornelas>
Component: doc-Release_Notes-8-en-USAssignee: Lucie Vařáková <lmanasko>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: unspecified Docs Contact: Gabriela Nečasová <gnecasov>
Priority: high    
Version: 8.5CC: ddarrah, dornelas, dwalsh, fedoraproject, gnecasov, jnovy, jwboyer, lfriedma, lvaleeva, mitr, shtanaka, toneata, tsweeney, vrothber
Target Milestone: rcKeywords: Reopened, Triaged
Target Release: 8.7   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
.Container images signed with a Beta GPG key can now be pulled Previously, when you pulled RHEL Beta container images, Podman failed with the error message: `Error: Source image rejected: None of the signatures were accepted`. The images failed to be pulled due to current builds being configured to not trust the RHEL Beta GPG keys by default. With this update, the `/etc/containers/policy.json` file supports a new `keyPaths` field which accepts a list of files containing the trusted keys. Because of this, the container images signed with GA and Beta GPG keys are now accepted in the default configuration.
 Story Points: ---
Clone Of: 2020026
: 2022796 (view as bug list) Environment:
Last Closed: 2022-11-10 06:50:19 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2020026, 2094015    
Bug Blocks: 2022796    

Comment 3 Daniel Walsh 2021-11-05 17:43:20 UTC 
Why?  Why would we make everything less secure, just to allow users to install beta software.  Can't we just enhance the tool to allow the beta images?
Comment 26 RHEL Program Management 2022-10-12 18:47:12 UTC 
After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.
Comment 29 RHEL Program Management 2022-10-12 18:49:40 UTC 
After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.
Comment 32 Lucie Vařáková 2022-11-10 06:50:19 UTC 
Published: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/8.7_release_notes/index#BZ-2020301