+++ This bug was initially created as a clone of Bug #2031101 +++ Severity: Low Priority: Low Description of problem: When I enter "xyz.com" in "Expose route host to image registry" field, It shows connection successful. Version-Release number of selected component (if applicable): MTC 1.7.0 SOURCE CLUSTER: AWS 4.6 TARGET CLUSTER: AWS 4.9 (CONTROLLER) How reproducible: Always Steps to reproduce: 1. Login to the MTC console 2. Go to the “Clusters” page and edit the non-host cluster using Kebab menu 3. Enter “xyz.com” to the field “Exposed route host to image registry” and Click on “Update Cluster” Actual result: The UI shows connection successful Expected result: The connection should fail as it is not a valid route. --- Additional comment from Xin jiang on 2021-12-10 14:33:30 UTC --- Sachin: When I enter "xyz.com" in "Expose route host to image registry" field, It shows connection successful. But this is happening only with this string or sometimes with "xyza.com" For all others invalid values that I tried, TestConnect is failing as expected.
OpenShift image registries listen on API path "/v2". The MigCluster controller simply issues a GET request at the API path on provided Registry URL. If a response is not an error, it validates the Registry URL. If the response results in an error, it fails the validation. Now the fun part, "https://xyz.com/v2" actually is a valid API path and returns a 200 when a GET request is made. Hence this bug. To solve it, we need a more sophisticated health check mechanism to determine whether provided URL is valid or not.
Let's evaluate this in the 1.7.1 round and see if it makes sense to backport. It feels bad to be acknowledging that these are healthy when they are in fact, not. It's a bad health check.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:5483