This is an underlying issue with podman and buildah. There is a related issue filed in containers/podman [1]. We rely on buildah's capabilities to pull images in OpenShift builds, therefore we are blocked until this issue is fixed. [1] https://github.com/containers/podman/issues/6721
Test version: Client Version: 4.9.0-0.nightly-2021-07-25-125326 Server Version: 4.9.0-0.nightly-2021-07-25-125326 Kubernetes Version: v1.21.1+8268f88 Still failed when source build with a Docker image name:tag@digest STEP 1: FROM quay.io/centos7/ruby-27-centos7:latest@sha256:a663ffd2439bc01b9843a5a01acecb8e131559c7b446e061a909e7490cd390e3 error: build error: error creating build container: Docker references with both a tag and digest are currently not supported $ oc get bc source2 -o yaml source: git: uri: https://github.com/xiuwang/ruby-hello-world type: Git strategy: sourceStrategy: from: kind: DockerImage name: quay.io/centos7/ruby-27-centos7:latest@sha256:a663ffd2439bc01b9843a5a01acecb8e131559c7b446e061a909e7490cd390e3 type: Source 2. Passed when docker build if imagestreamtag with name:tag@digest $oc new-app https://github.com/xiuwang/ruby-hello-world --name=docker result: http://pastebin.test.redhat.com/982087 3. Passed when docker build with docker image with name:tag@digest source: git: uri: https://github.com/xiuwang/ruby-hello-world type: Git strategy: dockerStrategy: from: kind: DockerImage name: quay.io/centos7/ruby-27-centos7:latest@sha256:a663ffd2439bc01b9843a5a01acecb8e131559c7b446e061a909e7490cd390e3 type: Docker 4. And passed when source build with Imagestreamtag $ oc new-app quay.io/centos7/ruby-27-centos7:latest@sha256:a663ffd2439bc01b9843a5a01acecb8e131559c7b446e061a909e7490cd390e3~https://github.com/xiuwang/ruby-hello-world --> Found container image 0f6ff65 (3 hours old) from quay.io for "quay.io/centos7/ruby-27-centos7:latest@sha256:a663ffd2439bc01b9843a5a01acecb8e131559c7b446e061a909e7490cd390e3" Ruby 2.7 -------- Ruby 2.7 available as container is a base platform for building and running various Ruby 2.7 applications and frameworks. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. Tags: builder, ruby, ruby27, rh-ruby27 * An image stream tag will be created as "ruby-27-centos7:latest" that will track the source image * A source build using source code from https://github.com/xiuwang/ruby-hello-world will be created * The resulting image will be pushed to image stream tag "ruby-hello-world:latest" * Every time "ruby-27-centos7:latest" changes a new build will be triggered --> Creating resources ... imagestream.image.openshift.io "ruby-27-centos7" created imagestream.image.openshift.io "ruby-hello-world" created buildconfig.build.openshift.io "ruby-hello-world" created deployment.apps "ruby-hello-world" created service "ruby-hello-world" created --> Success Build scheduled, use 'oc logs -f buildconfig/ruby-hello-world' to track its progress. Application is not exposed. You can expose services to the outside world by executing one or more of the commands below: 'oc expose service/ruby-hello-world' Run 'oc status' to view your app. $ oc get builds NAME TYPE FROM STATUS STARTED DURATION ruby-hello-world-1 Source Git@10e2879 Complete 2 minutes ago 49s
still failing oc get bc ruby-hello-world -o yaml source: git: uri: https://github.com/xiuwang/ruby-hello-world.git type: Git strategy: sourceStrategy: from: kind: DockerImage name: quay.io/centos7/ruby-27-centos7:latest@sha256:59c8d564a81f57a770690c09d345e250655de3596bc9ec89107a425c78040130 type: Source jsingh@fugaku ~ oc get bc NAME TYPE FROM LATEST ruby-hello-world Source Git 1 jsingh@fugaku ~ oc edit bc ruby-hello-world buildconfig.build.openshift.io/ruby-hello-world edited jsingh@fugaku ~ oc get builds NAME TYPE FROM STATUS STARTED DURATION ruby-hello-world-1 Source Git@10e2879 Complete 8 minutes ago 51s jsingh@fugaku ~ oc start-build ruby-hello-world build.build.openshift.io/ruby-hello-world-2 started jsingh@fugaku ~ oc logs -f build/ruby-hello-world-2 Cloning "https://github.com/xiuwang/ruby-hello-world.git" ... Commit: 10e2879d2ea4ba2b2d6815189c370e0ff77926f4 (Update Dockerfile) Author: XiuJuan Wang <xiuwang> Date: Mon Jul 26 17:29:07 2021 +0800 time="2021-09-29T10:43:59Z" level=info msg="Not using native diff for overlay, this may cause degraded performance for building images: kernel has CONFIG_OVERLAY_FS_REDIRECT_DIR enabled" I0929 10:43:59.433133 1 defaults.go:102] Defaulting to storage driver "overlay" with options [mountopt=metacopy=on]. Caching blobs under "/var/cache/blobs". Getting image source signatures Copying blob sha256:5f2e13673ac221f2360f02fad7142cca6ece67a373b99499f11a875c4d1a1d30 Copying blob sha256:e17e89f32035c6f53a0045e05694f687e0e19e7252bca5faae9b77c332a17784 Copying blob sha256:b2cc5146c9c7855cb298ca8b77ecb153d37e3e5c69916ef423613a46a70c0503 Copying blob sha256:f9fd5da161f75036d03093e633d3796d7acf16254d4e306c22697e27b12d5d3d Copying blob sha256:727c1fb2a4e9036c44e222b9a94b4375c090e4e58180e5e4005e42811493126f Copying blob sha256:1b6c93aa6be556287047dd363def26901d36b45768a4ec9657ac6fd14fe5d416 Copying blob sha256:39480e06f19c80a48476d65f053caeece12a596b90fa8acfe738a3c12786b919 Copying blob sha256:51de8d598fb2be43df4a9394cb8969437c312b04c4c23ace156a85a2065beb40 Copying blob sha256:baba05e34c16c76cd0edf13591da549a7d26c28055e24955fda6de78c24a45e0 Copying config sha256:5b681dc87f5092be606610ec569b6d8cefc25e8e4d0708354ca5ff3c6e540e7d Writing manifest to image destination Storing signatures Generating dockerfile with builder image quay.io/centos7/ruby-27-centos7:latest@sha256:59c8d564a81f57a770690c09d345e250655de3596bc9ec89107a425c78040130 Adding transient rw bind mount for /run/secrets/rhsm STEP 1: FROM quay.io/centos7/ruby-27-centos7:latest@sha256:59c8d564a81f57a770690c09d345e250655de3596bc9ec89107a425c78040130 error: build error: error creating build container: Docker references with both a tag and digest are currently not supported
verified ================================================================ GNU nano 5.8 /tmp/oc-edit-6jzmu.yaml # Please edit the object below. Lines beginning with a '#' will be ignored, # and an empty file will abort the edit. If an error occurs while saving this file will be # reopened with the relevant failures. # apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: | {"apiVersion":"build.openshift.io/v1","kind":"BuildConfig","metadata":{"annotations":{},"name":"test-bc1","namespace":"default"},"spec":{"source":{"git":{"uri":"https://github.com/xiu> creationTimestamp: "2021-10-27T09:50:50Z" generation: 6 name: test-bc1 namespace: default resourceVersion: "80021" uid: dc05b772-3ead-48a6-9bc5-50c0cb333710 spec: failedBuildsHistoryLimit: 5 nodeSelector: null output: {} postCommit: {} resources: {} runPolicy: Serial source: git: uri: https://github.com/xiuwang/ruby-hello-world type: Git strategy: sourceStrategy: from: kind: DockerImage name: quay.io/centos7/ruby-27-centos7:latest@sha256:5518d3194114d516d5f657fe9237efee9b388b18664901b0adf4242887ae46f3 type: Source successfulBuildsHistoryLimit: 5 status: ========================================== - create the bc jsingh@fugaku /usr/local/go/src/github.com oc start-build test-bc1 build.build.openshift.io/test-bc1-3 started jsingh@fugaku /usr/local/go/src/github.com oc logs -f build/test-bc1-3 Cloning "https://github.com/xiuwang/ruby-hello-world" ... Commit: 10e2879d2ea4ba2b2d6815189c370e0ff77926f4 (Update Dockerfile) Author: XiuJuan Wang <xiuwang> Date: Mon Jul 26 17:29:07 2021 +0800 time="2021-10-27T10:56:28Z" level=info msg="Not using native diff for overlay, this may cause degraded performance for building images: kernel has CONFIG_OVERLAY_FS_REDIRECT_DIR enabled" I1027 10:56:28.077909 1 defaults.go:102] Defaulting to storage driver "overlay" with options [mountopt=metacopy=on]. Caching blobs under "/var/cache/blobs". Trying to pull quay.io/centos7/ruby-27-centos7:latest... Getting image source signatures Copying blob sha256:5a338e1b442e04f3b47efbb99aba8a766ded37ad05d6ef2579260ecaf0997730 Copying blob sha256:1d8bd4dd69ae43bdac80f8a6137d0feb4571d27fe41c8470e19f5c05e7b6ec65 Copying blob sha256:b2cc5146c9c7855cb298ca8b77ecb153d37e3e5c69916ef423613a46a70c0503 Copying blob sha256:27e5c80f07ae162a89107e2d192763ce334ed0822fad88e90b2a7c0e23326509 Copying blob sha256:fae78ef460986dd44c9a792dde843e33da00180e809058f4e37a16041c4e3ac7 Copying blob sha256:12cca5469c5eeaa7fae50a5390b6988f0aacc2df18671636336391bd4970cedc Copying blob sha256:05af09053d5cf7f9a056de0ef1dec5edab47d31dd597f488dbc66758b5ffcec3 Copying blob sha256:a9924f2e718ab5c21a205f3ddbed9664f0875ae617f8d274bf6f28d2d50f7244 Copying blob sha256:c41857c8d0e4993b06c8bec240a8ba1afb1d0a3cec49583b192623d21ccd996d Copying config sha256:419e8807e0e4d38df7f8ca32fa0999a343432a84830a3063c0ade69055901ee4 Writing manifest to image destination Storing signatures Generating dockerfile with builder image quay.io/centos7/ruby-27-centos7:latest@sha256:5518d3194114d516d5f657fe9237efee9b388b18664901b0adf4242887ae46f3 Adding transient rw bind mount for /run/secrets/rhsm STEP 1/9: FROM quay.io/centos7/ruby-27-centos7:latest@sha256:5518d3194114d516d5f657fe9237efee9b388b18664901b0adf4242887ae46f3 STEP 2/9: LABEL "io.openshift.build.commit.ref"="master" "io.openshift.build.commit.message"="Update Dockerfile" "io.openshift.build.source-location"="https://github.com/xiuwang/ruby-hello-world" "io.openshift.build.image"="quay.io/centos7/ruby-27-centos7:latest@sha256:5518d3194114d516d5f657fe9237efee9b388b18664901b0adf4242887ae46f3" "io.openshift.build.commit.author"="XiuJuan Wang <xiuwang>" "io.openshift.build.commit.date"="Mon Jul 26 17:29:07 2021 +0800" "io.openshift.build.commit.id"="10e2879d2ea4ba2b2d6815189c370e0ff77926f4" STEP 3/9: ENV RACK_ENV="production" OPENSHIFT_BUILD_NAME="test-bc1-3" OPENSHIFT_BUILD_NAMESPACE="default" OPENSHIFT_BUILD_SOURCE="https://github.com/xiuwang/ruby-hello-world" OPENSHIFT_BUILD_COMMIT="10e2879d2ea4ba2b2d6815189c370e0ff77926f4" STEP 4/9: USER root STEP 5/9: COPY upload/src /tmp/src STEP 6/9: RUN chown -R 1001:0 /tmp/src STEP 7/9: USER 1001 STEP 8/9: RUN /usr/libexec/s2i/assemble ---> Installing application source ... ---> Building your Ruby application from source ... ---> Running 'bundle install --retry 2 --deployment --without development:test' ... [DEPRECATED] The `--deployment` flag is deprecated because it relies on being remembered across bundler invocations, which bundler will no longer do in future versions. Instead please use `bundle config set deployment 'true'`, and stop using this flag [DEPRECATED] The `--path` flag is deprecated because it relies on being remembered across bundler invocations, which bundler will no longer do in future versions. Instead please use `bundle config set path './bundle'`, and stop using this flag [DEPRECATED] The `--without` flag is deprecated because it relies on being remembered across bundler invocations, which bundler will no longer do in future versions. Instead please use `bundle config set without 'development:test'`, and stop using this flag Fetching gem metadata from https://rubygems.org/........ Fetching rake 13.0.3 Installing rake 13.0.3 Fetching concurrent-ruby 1.1.8 Installing concurrent-ruby 1.1.8 Fetching i18n 1.8.9 Installing i18n 1.8.9 Fetching minitest 5.14.4 Installing minitest 5.14.4 Fetching tzinfo 2.0.4 Installing tzinfo 2.0.4 Fetching zeitwerk 2.4.2 Installing zeitwerk 2.4.2 Fetching activesupport 6.1.3.2 Installing activesupport 6.1.3.2 Fetching activemodel 6.1.3.2 Installing activemodel 6.1.3.2 Fetching activerecord 6.1.3.2 Installing activerecord 6.1.3.2 Using bundler 2.1.4 Fetching ruby2_keywords 0.0.4 Installing ruby2_keywords 0.0.4 Fetching mustermann 1.1.1 Installing mustermann 1.1.1 Fetching mysql2 0.5.3 Installing mysql2 0.5.3 with native extensions Fetching rack 2.2.3 Installing rack 2.2.3 Fetching rack-protection 2.1.0 Installing rack-protection 2.1.0 Fetching tilt 2.0.10 Installing tilt 2.0.10 Fetching sinatra 2.1.0 Installing sinatra 2.1.0 Fetching sinatra-activerecord 2.0.22 Installing sinatra-activerecord 2.0.22 Fetching webrick 1.7.0 Installing webrick 1.7.0 Bundle complete! 7 Gemfile dependencies, 19 gems now installed. Gems in the groups development and test were not installed. Bundled gems are installed into `./bundle` ---> Cleaning up unused ruby gems ... Running `bundle clean --verbose` with bundler 2.1.4 Frozen, using resolution from the lockfile STEP 9/9: CMD /usr/libexec/s2i/run COMMIT temp.builder.openshift.io/default/test-bc1-3:3d017566 Getting image source signatures Copying blob sha256:53498d66ad83a29fcd7c7bcf4abbcc0def4fc912772aa8a4483b51e232309aee Copying blob sha256:acf85c48d8b15752fb3be66652bcc80043866d7120e3ccb69a40b5a9f5c3eb18 Copying blob sha256:cc95744bb011373e644f84037707e14613acef08ccb0d5bc705150270ac0d047 Copying blob sha256:3208f2162462f8be5773ca8c29d9f30d2cc9c10c9c7e4e5157cccc0967539d83 Copying blob sha256:9f6fbe227509f09aadd8056dc8e1a24ca2f5116708785c17a7a91601bb6ae066 Copying blob sha256:5c217d4279fde4fa56a147c1e72ca0820e7a073165b53e2383720f44d6f17d8e Copying blob sha256:6330ec0d3a05221e767207669126fb19149d86b2418f158dca236b8448332a7d Copying blob sha256:fceff863ec142152f8c1d17fdd01d257f0dbf09963122f0596af78811a36b4be Copying blob sha256:cba87e6a4ef80ef8defb87a31d52e467fff2ee30802096d02bfeb0ae5b939e8a Copying blob sha256:6ddb70950d00a58ed91fb35f2619e22491f22468c654e56b721b53b6a3f6c493 Copying config sha256:98aeba8f08683ff28334cfa6e383a2501b1a2a5d9fd92b99f3eb73868edca1b9 Writing manifest to image destination Storing signatures --> 98aeba8f086 Successfully tagged temp.builder.openshift.io/default/test-bc1-3:3d017566 98aeba8f08683ff28334cfa6e383a2501b1a2a5d9fd92b99f3eb73868edca1b9 Build complete, no image push requested
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:0056