Bug 1849173 - Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist
Summary: Builds fail after running postCommit script if OCP cluster is configured with...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Build
Version: 4.2.z
Hardware: x86_64
OS: Linux
unspecified
high
Target Milestone: ---
: 4.5.z
Assignee: Adam Kaplan
QA Contact: wewang
URL:
Whiteboard:
Depends On: 1838372
Blocks: 1849174
TreeView+ depends on / blocked
 
Reported: 2020-06-19 18:34 UTC by OpenShift BugZilla Robot
Modified: 2020-07-22 12:21 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: the container image signature policy used in builds did not contain any configuration for local images Consequence: when customers only allowed images from specific registries, postCommit scripts in builds failed because they could not use local image Fix: updated container image signature policy to always allow images that reference local storage layers directly Result: builds can successfully complete if they contain a postCommit hook
Clone Of:
Environment:
Last Closed: 2020-07-22 12:20:41 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift openshift-controller-manager pull 120 0 None closed [release-4.5] Bug 1849173: Allow image push after postCommit script completes 2020-09-25 09:54:42 UTC
Red Hat Product Errata RHBA-2020:2956 0 None None None 2020-07-22 12:21:08 UTC

Comment 5 wewang 2020-07-20 01:36:20 UTC
Verified in version,steps are the same with bz1838372
version:
4.5.0-0.nightly-2020-07-18-024505

Comment 7 errata-xmlrpc 2020-07-22 12:20:41 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:2956


Note You need to log in before you can comment on or make changes to this bug.