Description of problem: No "registry-server" binary in it and it failed to as the base image of the CatalogSource image. Version-Release number of selected component (if applicable): v4.3.1-202002032140 How reproducible: always Steps to Reproduce: 1. Create a docker registry that supports v2-2. [jzhang@dhcp-140-36 ~]$ docker run --entrypoint htpasswd registry:2 -Bbn xxx xxx > auth/htpasswd [jzhang@dhcp-140-36 ~]$ [jzhang@dhcp-140-36 ~]$ docker run -it --rm -p 5000:5000 --name=registry -v "$(pwd)"/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd -v /home/jzhang/goproject/src/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/filemonitor/testdata/:/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/server-new.crt -e REGISTRY_HTTP_TLS_KEY=/certs/server-new.key registry ... I0207 14:20:13.759455 23824 round_trippers.go:420] GET https://registry-proxy.engineering.redhat.com/v2/rh-osbs/openshift-ose-operator-registry/blobs/sha256:cdd8ce0fc15c0a9cb13b870869eca48b0a80e18f40af0a4db18cce898c85d2d5 ... I0207 14:21:48.851539 23824 round_trippers.go:452] Date: Fri, 07 Feb 2020 06:21:48 GMT Pushed sha256:e3bdc95c7cadbcafadd8211781e26e6b8f21e225fe3340006fe8dc12be38d5da to localhost:5000/olm/base:v1 2. Login this registry and create the CatalogSource image. Use the `--from` option to set this base image. [jzhang@dhcp-140-36 ~]$ oc adm --loglevel=8 catalog build --appregistry-org=redhat-operators --from=registry-proxy.engineering.redhat.com/rh-osbs/openshift-ose-operator-registry:v4.3.1-202002032140 --to=localhost:5000/olm/base:v1 3. After finished, pull this image to your local and then push it to the Quay. [jzhang@dhcp-140-36 ~]$ docker pull localhost:5000/olm/base:v1 v1: Pulling from olm/base ... [jzhang@dhcp-140-36 ~]$ docker tag localhost:5000/olm/base:v1 quay.io/jiazha/cs-base:v1 [jzhang@dhcp-140-36 ~]$ docker push quay.io/jiazha/cs-base:v1 4, Login 4.3.1 cluster and create a CatalogSource object to consume this image. mac:~ jianzhang$ oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.3.1 True False 3h41m Cluster version is 4.3.1 mac:~ jianzhang$ cat cs-42.yaml apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: base-test namespace: openshift-marketplace spec: sourceType: grpc image: quay.io/jiazha/cs-base:v1 displayName: Jian Operators publisher: jian mac:~ jianzhang$ oc create -f cs-42.yaml catalogsource.operators.coreos.com/base-test created mac:~ jianzhang$ oc get catalogsource NAME DISPLAY TYPE PUBLISHER AGE base-test Jian Operators grpc jian 16m certified-operators Certified Operators grpc Red Hat 4h15m community-operators Community Operators grpc Red Hat 4h15m qe-app-registry grpc 3h32m redhat-operators Red Hat Operators grpc Red Hat 4h15m Actual results: Pod Crash. mac:~ jianzhang$ oc get pods NAME READY STATUS RESTARTS AGE base-test-kszhw 0/1 CrashLoopBackOff 7 16m certified-operators-5cf657544c-q657c 1/1 Running 0 14m community-operators-b58794b4d-ps95b 1/1 Running 1 4h15m marketplace-operator-664f66c947-ppf4r 1/1 Running 0 4h15m qe-app-registry-dfddfc759-thgsp 1/1 Running 0 3h32m redhat-operators-5df78d689-7vjch 1/1 Running 1 4h15m mac:~ jianzhang$ oc rsh base-test-kszhw error: unable to upgrade connection: container not found ("registry-server") mac:~ jianzhang$ oc logs base-test-kszhw Expected results: This downstream image ose-operator-registry:v4.3.1-202002032140 should avilable as the base image. Additional info: Use the upstream image(quay.io/operator-framework/operator-registry-server:latest) as the base image. And, it works well. Details: [jzhang@dhcp-140-36 ~]$ oc adm --loglevel=8 catalog build --appregistry-org=redhat-operators --from=quay.io/operator-framework/operator-registry-server:latest --to=localhost:5000/olm/base:v2 [jzhang@dhcp-140-36 ~]$ docker tag localhost:5000/olm/base:v2 quay.io/jiazha/cs-base:v2 [jzhang@dhcp-140-36 ~]$ docker push quay.io/jiazha/cs-base:v2 ... mac:~ jianzhang$ cat cs-42.yaml apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: base-test namespace: openshift-marketplace spec: sourceType: grpc image: quay.io/jiazha/cs-base:v2 displayName: Jian Operators publisher: jian mac:~ jianzhang$ oc get catalogsource NAME DISPLAY TYPE PUBLISHER AGE base-test Jian Operators grpc jian 4m28s certified-operators Certified Operators grpc Red Hat 4h25m community-operators Community Operators grpc Red Hat 4h25m qe-app-registry grpc 3h43m redhat-operators Red Hat Operators grpc Red Hat 4h25m mac:~ jianzhang$ oc get pods NAME READY STATUS RESTARTS AGE base-test-9v4cm 1/1 Running 0 3m54s certified-operators-5cf657544c-q657c 1/1 Running 0 23m community-operators-b58794b4d-ps95b 1/1 Running 1 4h25m marketplace-operator-664f66c947-ppf4r 1/1 Running 0 4h25m qe-app-registry-dfddfc759-thgsp 1/1 Running 0 3h42m redhat-operators-5df78d689-7vjch 1/1 Running 1 4h25m mac:~ jianzhang$ oc logs base-test-9v4cm time="2020-02-07T07:00:56Z" level=info msg="serving registry" database=/bundles.db port=50051 mac:~ jianzhang$ oc get packagemanifest |grep Jian kiali-ossm Jian Operators 5m48s amq-online Jian Operators 5m48s nfd Jian Operators 5m48s dv-operator Jian Operators 5m48s elasticsearch-operator Jian Operators 5m48s servicemeshoperator Jian Operators 5m48s amq7-cert-manager Jian Operators 5m48s fuse-online Jian Operators 5m48s fuse-apicurito Jian Operators 5m48s openshiftansibleservicebroker Jian Operators 5m48s ptp-operator Jian Operators 5m48s metering-ocp Jian Operators 5m48s local-storage-operator Jian Operators 5m48s 3scale-operator Jian Operators 5m48s ...
The dockerfile used for that image does not have the entrypoint that is required for the layering that oc adm catalog performs. The linked PR fixes this. To verify it, the steps I took: - docker build -t quay.io/ecordell/registry:base . - docker push quay.io/ecordell/registry:base - (seperate shell): docker run -p 5000:5000 registry - ./oc adm --loglevel=8 catalog build --appregistry-org=redhat-operators --from=quay.io/ecordell/registry:base --to=localhost:5000/olm/base:v1 --insecure - docker run localhost:5000/olm/base:v1 - docker run localhost:5000/olm/base:v1 Unable to find image 'localhost:5000/olm/base:v1' locally v1: Pulling from olm/base c2340472a0fa: Already exists 6e55351c18ff: Already exists b2d2704dda6c: Already exists a2c10be042b9: Already exists c650d4d4cf8a: Already exists 2804688251cb: Already exists 0d2ab85019d9: Already exists 9afbae6f1d65: Already exists 70ab7e77a35d: Already exists 5f49b5ca33af: Already exists ba0de53c229d: Already exists 8b57fc6f3912: Already exists 82871cb69ec5: Pull complete Digest: sha256:41844725de56431b94775d628cc83495bdf5955cbaa091e1f5f11236734a1b8d Status: Downloaded newer image for localhost:5000/olm/base:v1 time="2020-02-20T18:06:29Z" level=warning msg="unable to set termination log path" error="open /dev/termination-log: permission denied" time="2020-02-20T18:06:29Z" level=info msg="serving registry" database=/bundles.db port=50051 When the PR merges, this process should also work for `--from=<ose operator registry image from master>`
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:2409