1500698 – [3.6] docker_image_availability check failed when running testing against an authenticated registry

Bug 1500698 - [3.6] docker_image_availability check failed when running testing against an authenticated registry

Summary: [3.6] docker_image_availability check failed when running testing against an ...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Installer
Sub Component:
Version:	3.6.1
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	3.6.z
Assignee:	Michael Gugino
QA Contact:	Johnny Liu
Docs Contact:
URL:
Whiteboard:
Depends On:	1488833
Blocks:
TreeView+	depends on / blocked

Reported:	2017-10-11 11:01 UTC by Johnny Liu
Modified:	2017-11-21 05:41 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:	With this bug fix, the `docker_image_availability` check now passes authentication credentials when checking for image availability.
Clone Of:	1488833
Environment:
Last Closed:	2017-11-21 05:41:13 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2017:3255	0	normal	SHIPPED_LIVE	OpenShift Container Platform atomic-openshift-utils bug fix and enhancement	2017-11-21 10:40:59 UTC

Comment 1 Scott Dodson 2017-10-11 13:10:02 UTC

https://github.com/openshift/openshift-ansible/pull/5706 merged already but not in the last build

Comment 3 Johnny Liu 2017-10-12 06:12:11 UTC

Verified this bug with openshift-ansible-3.6.173.0.49-1.git.0.7e8ae51.el7.noarch, and PASS.


But the attached rpm to advisory is openshift-ansible-3.6.173.0.48-1.git.0.1609d30.el7, so move this bug to MODIFIED, once the attached rpm is updated, pls move this bug to ON_QA.

Comment 13 Michael Gugino 2017-10-17 15:18:24 UTC

This is a good catch.

It appears that one must use 'self._templar.template(oreg_auth_password)' on task_vars in action plugins.  This will ensure the variables are properly templated.

Unfortunately, these checks are not subclasses of ActionBase, so a fix might take a day or two to implement cleanly.

We should also patch other modules throughout our code to account for this.  I have seen this issue appear on other custom modules/plugins as well.

Comment 14 Michael Gugino 2017-10-17 16:12:47 UTC

This ended up being easier to implement than I first believed.

PR Created: https://github.com/openshift/openshift-ansible/pull/5781

Comment 15 Scott Dodson 2017-11-13 20:43:02 UTC

additional fixes merged

Comment 17 Johnny Liu 2017-11-15 06:01:36 UTC

Verified this bug with openshift-ansible-3.6.173.0.75-1.git.0.0a44128.el7.noarch, and PASS.

oreg_auth_user={{ lookup('env','REG_AUTH_USER') }}
oreg_auth_password={{ lookup('env','REG_AUTH_PASSWORD') }}

Comment 20 errata-xmlrpc 2017-11-21 05:41:13 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:3255

Note You need to log in before you can comment on or make changes to this bug.