So this in not a bug really. Not sure why we are not showing the ImagePullSecret field on the Pod's page but will create an RFE for that. Regarding "Image url shows the real external address." that works by design, since is an external image is referenced it will be pulled into the local registry, and thats the address you are seeing (the local one). From this I think the only thing that we can do is to surface the ImagePullSecret field. Would that make sense?
The issue is that the 'web console -> developer -> +add -> container image' flow that you are referring to, will pull the image from external registry into the internal registry and from it create a deployment (from the pulled image in the internal registry) thats not an issue, thats by design. Its due to the fact that you are creating a deployment, which needs to have images present on the cluster in case of scaling. One way to fix this is to incorporate the application version into the image name. Then it will be visible in both images(internal and external). Only thing that we can deliver is to show the imagePullSecret.
Tested the flow on 4.7.0-0.nightly-2022-02-10-184638 Created the pod using the "web console -> developer -> +add -> container image" workflow, using the "quay.io/redhattraining/hello-world-nginx:v1.0" image. ``` $ oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.7.0-0.nightly-2022-02-10-184638 True False 3m53s Cluster version is 4.7.0-0.nightly-2022-02-10-184638 ```` ``` $ oc get pod hello-world-nginx-9785dbfcd-4tpm5 -n default -o yaml spec: containers: - image: image-registry.openshift-image-registry.svc:5000/default/hello-world-nginx@sha256:941928d702a2f08c986017b1eed3417d83952f05de55d657787512e82714dd89 ``` Will check the specificversion tha you are using but even if that behaviour is different it will be due to the API changes.
Tested on ocp 4.11 cluster with payload 4.11.0-0.nightly-2022-02-27-122819. Steps to check: 1. Created the pod using the "web console -> developer -> +add -> container image" workflow, input a private image in "Image name from external registry" field, create an image pull secret, after input all required fields, click "Create" button. 2. After deployment is created successfully, check on the created pod's detail page, there is a field "Image pull secret", it shows secret from pod yaml "spec"->"imagePullSecrets". But the secret is not the one created from step 1. 3. Check image url of pod, it keeps using internal address. @Tim, from the fix pr, the fix will only containing "show image pull secret on pod's detail page", the customer's second requirement about showing the real external image url won't be addressed for this time, right? BTW, could you help to confirm if it's an issue that the image pull secret name in pod's yaml is not the one I created for image pull in my step 2?
Hey, I'll check if it's a requirement to show the real external image url
@Jakub, could you help to confirm the 2 questions mentioned in Comment12 ? And I want to know if pr11058 is the final solution for the bug.
Since the fix doesn't meet expected results in bug description fully, assign it back first. Pls feel free to change the bug status if there is new conclusion/update for the bug.
So from looking at the code this looks like an issue in the dev-console, cause the created secret is not used as an imagePullSecret. Our team delivered https://github.com/openshift/console/pull/11058 as I mentioned in https://bugzilla.redhat.com/show_bug.cgi?id=2042710#c6 Re-assigning to the Dev-Console team for any additional work.
Has this been fixed in 4.12 as well? any more actions needed on this bug?
OpenShift has moved to Jira for its defect tracking! This bug can now be found in the OCPBUGS project in Jira. https://issues.redhat.com/browse/OCPBUGS-9736