Description of problem: When attempting to deploy the Redis image on openshift with Signature Verification Enabled, it fails with the following message: > Failed to pull image "registry.redhat.io/rhscl/redis-32-rhel7@sha256:a9bdf52384a222635efc0284db47d12fbde8c3d0fcb66517ba8eefad1d4e9dc9": > rpc error: code = Unknown desc = Source image rejected: A signature was required, but no signature exists It appears that this image is not signed. Version-Release number of selected component (if applicable): redis-32-rhel7 How reproducible: Always Steps to Reproduce: 1. Enable Signature Verification in OCP 2. Attempt to deploy registry.redhat.io/rhscl/redis-32-rhel7 3. Observe error Actual results: Pod fails to deploy with the above error Expected results: Pod should deploy with out error Additional info: This image is deployed as part of the Red Hat API Management (3scale) product
The redis 3.2 image is obsoleted since Redis 3.2 in RHSCL was retired in November 2019, see: https://access.redhat.com/support/policy/updates/rhscl-rhel7 The Redis 5 image appears to be correctly signed: https://catalog.redhat.com/software/containers/rhscl/redis-5-rhel7 if the existence of the 3.2 image still blocks use of Quay that needs to be escalated some other way.