RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 2226728 - Failed to use subscription-manager tool when building UBI9 image on OpenShift container platform 4
Summary: Failed to use subscription-manager tool when building UBI9 image on OpenShift...
Keywords:
Status: CLOSED DUPLICATE of bug 2216079
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: subscription-manager
Version: 9.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: CSI Client Tools Bugs
QA Contact: CSI Client Tools Bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-07-26 10:20 UTC by Wei Liu
Modified: 2023-07-26 23:01 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-07-26 23:01:36 UTC
Type: Bug
Target Upstream Version:
Embargoed:
pm-rhel: mirror+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-163529 0 None None None 2023-07-26 10:21:50 UTC

Description Wei Liu 2023-07-26 10:20:15 UTC 
Description of problem:
Failed to use subscription-manager tool when building ubi9 image on OCP4

Version-Release number of selected component (if applicable):
OCP 4.13.4
[root@ocp4-rhel8-ent-slave-1 entitlement-tests]# oc get clusterversion
NAME      VERSION   AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.13.4    True        False         145m    Cluster version is 4.13.4

How reproducible:
always

Steps to Reproduce:
1. Create build config and start the image build process:
[root@ocp4-rhel8-ent-slave-1 entitlement-tests]# cat buildconfig.yaml 
apiVersion: build.openshift.io/v1
kind: BuildConfig
metadata:
  name: my-csi-bc-s2i
  namespace: ent-test
spec:
  runPolicy: Serial
  source:
    dockerfile: |
      FROM registry.access.redhat.com/ubi9/ubi:latest
      RUN ls -la /etc/pki/entitlement &&\
          rm /etc/rhsm-host &&\
          env SMDEV_CONTAINER_OFF=1 yum install -y yum-utils
      RUN  echo rhocp-4.13-for-rhel-9-x86_64-rpms >>repo.txt;  echo rhocp-4.13-for-rhel-9-x86_64-debug-rpms >>repo.txt; 
      RUN cat repo.txt | xargs -I {} subscription-manager repos --enable={}
      RUN cat repo.txt | xargs -I {} repoquery --available --quiet --all --repoid={} >> packages.txt  
      RUN shuf -n 3 packages.txt > installed_pck &&\
          cat installed_pck 
      RUN cat installed_pck | xargs -I {} dnf install -y --setopt=*.module_hotfixes=True --skip-broken {}
  strategy:
    type: Docker
    dockerStrategy:
      volumes:
        - mounts:
            - destinationPath: "/etc/pki/entitlement"
          name: my-csi-shared-secret
          source:
            csi:
              driver: csi.sharedresource.openshift.io
              readOnly: true
              volumeAttributes:
                sharedSecret: my-share 
            type: CSI
  output:
    to:
      kind: "ImageStreamTag"
      name: "sample-custom:latest"
[root@ocp4-rhel8-ent-slave-1 entitlement-tests]# oc create -f buildconfig.yaml
buildconfig.build.openshift.io/my-csi-bc-s2i created

[root@ocp4-rhel8-ent-slave-1 entitlement-tests]# oc start-build my-csi-bc-s2i -F
build.build.openshift.io/my-csi-bc-s2i-1 started
time="2023-07-26T10:06:46Z" level=info msg="Not using native diff for overlay, this may cause degraded performance for building images: kernel has CONFIG_OVERLAY_FS_REDIRECT_DIR enabled"
I0726 10:06:46.831029       1 defaults.go:112] Defaulting to storage driver "overlay" with options [mountopt=metacopy=on].
Caching blobs under "/var/cache/blobs".

Pulling image registry.access.redhat.com/ubi9/ubi:latest ...
Trying to pull registry.access.redhat.com/ubi9/ubi:latest...
Getting image source signatures
Copying blob sha256:7b3dd25bf011f6e84d1eaf4cce367d6d7c3d1d82385a65ebb394b5bf096f8d7a
Copying config sha256:663a35613bf10445ee2fd4af90024ccb83aecf3985b7e98c9e9a87f0f3131865
Writing manifest to image destination
Storing signatures
Adding transient rw bind mount for /run/secrets/rhsm
STEP 1/9: FROM registry.access.redhat.com/ubi9/ubi:latest
STEP 2/9: RUN ls -la /etc/pki/entitlement &&    rm /etc/rhsm-host &&    env SMDEV_CONTAINER_OFF=1 yum install -y yum-utils
total 0
drwxrwxrwt.  3 root root 120 Jul 26 10:06 .
drwxr-xr-x. 10 root root 154 Jun 15 01:44 ..
drwxr-xr-x.  2 root root  80 Jul 26 10:06 ..2023_07_26_10_06_44.1276182633
lrwxrwxrwx.  1 root root  32 Jul 26 10:06 ..data -> ..2023_07_26_10_06_44.1276182633
lrwxrwxrwx.  1 root root  26 Jul 26 10:06 entitlement-key.pem -> ..data/entitlement-key.pem
lrwxrwxrwx.  1 root root  22 Jul 26 10:06 entitlement.pem -> ..data/entitlement.pem
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered with an entitlement server. You can use subscription-manager to register.

Red Hat Enterprise Linux 9 for x86_64 - AppStre  33 MB/s |  23 MB     00:00    
Red Hat Enterprise Linux 9 for x86_64 - BaseOS   24 MB/s |  13 MB     00:00    
Red Hat Universal Base Image 9 (RPMs) - BaseOS  759 kB/s | 580 kB     00:00    
Red Hat Universal Base Image 9 (RPMs) - AppStre 7.9 MB/s | 1.9 MB     00:00    
Red Hat Universal Base Image 9 (RPMs) - CodeRea 947 kB/s | 195 kB     00:00    
Dependencies resolved.
================================================================================
 Package           Arch    Version         Repository                      Size
================================================================================
Installing:
 yum-utils         noarch  4.3.0-5.el9_2   rhel-9-for-x86_64-baseos-rpms   45 k
Installing dependencies:
 dnf-plugins-core  noarch  4.3.0-5.el9_2   rhel-9-for-x86_64-baseos-rpms   42 k

Transaction Summary
================================================================================
Install  2 Packages

Total download size: 86 k
Installed size: 45 k
Downloading Packages:
(1/2): dnf-plugins-core-4.3.0-5.el9_2.noarch.rp 416 kB/s |  42 kB     00:00    
(2/2): yum-utils-4.3.0-5.el9_2.noarch.rpm       259 kB/s |  45 kB     00:00    
--------------------------------------------------------------------------------
Total                                           495 kB/s |  86 kB     00:00     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                        1/1 
  Installing       : dnf-plugins-core-4.3.0-5.el9_2.noarch                  1/2 
  Installing       : yum-utils-4.3.0-5.el9_2.noarch                         2/2 
  Running scriptlet: yum-utils-4.3.0-5.el9_2.noarch                         2/2 
  Verifying        : yum-utils-4.3.0-5.el9_2.noarch                         1/2 
  Verifying        : dnf-plugins-core-4.3.0-5.el9_2.noarch                  2/2 
Installed products updated.

Installed:
  dnf-plugins-core-4.3.0-5.el9_2.noarch      yum-utils-4.3.0-5.el9_2.noarch     

Complete!
--> ba7b02affdb
STEP 3/9: RUN echo rhocp-4.13-for-rhel-9-x86_64-rpms >>repo.txt;  echo rhocp-4.13-for-rhel-9-x86_64-debug-rpms >>repo.txt;
--> b57a613d160
STEP 4/9: RUN cat repo.txt | xargs -I {} subscription-manager repos --enable={}
subscription-manager is disabled when running inside a container. Please refer to your host system for subscription management.

subscription-manager is disabled when running inside a container. Please refer to your host system for subscription management.

error: build error: building at STEP "RUN cat repo.txt | xargs -I {} subscription-manager repos --enable={}": while running runtime: exit status 123


Actual results:
With the workaround env SMDEV_CONTAINER_OFF=1 and rm /etc/rhsm-host, but still show the error: subscription-manager is disabled when running inside a container. Please refer to your host system for subscription management.

Expected results:
subscription-manager can be used successfully

Additional info:
Comment 1 Pino Toscano 2023-07-26 10:45:25 UTC 
(In reply to Wei Liu from comment #0)
>     dockerfile: |
>       FROM registry.access.redhat.com/ubi9/ubi:latest
>       RUN ls -la /etc/pki/entitlement &&\
>           rm /etc/rhsm-host &&\
>           env SMDEV_CONTAINER_OFF=1 yum install -y yum-utils
>       RUN  echo rhocp-4.13-for-rhel-9-x86_64-rpms >>repo.txt;  echo
> rhocp-4.13-for-rhel-9-x86_64-debug-rpms >>repo.txt; 
>       RUN cat repo.txt | xargs -I {} subscription-manager repos --enable={}
>       RUN cat repo.txt | xargs -I {} repoquery --available --quiet --all
> --repoid={} >> packages.txt  
>       RUN shuf -n 3 packages.txt > installed_pck &&\
>           cat installed_pck 
>       RUN cat installed_pck | xargs -I {} dnf install -y
> --setopt=*.module_hotfixes=True --skip-broken {}
> [...]
> Actual results:
> With the workaround env SMDEV_CONTAINER_OFF=1 and rm /etc/rhsm-host, but
> still show the error: subscription-manager is disabled when running inside a
> container. Please refer to your host system for subscription management.

SMDEV_CONTAINER_OFF=1 was used only for the first "yum" command; you need to make sure it applies for all the commands of subscription-manager and dnf, so "subscription-manager", "repoquery" (part of dnf), "yum", and "dnf".

Otherwise, this seems a duplicate of bug 2216079.
Comment 2 Wei Liu 2023-07-26 23:01:36 UTC 
ACK. Thanks for the update and let's move to it as duplicated.

*** This bug has been marked as a duplicate of bug 2216079 ***
Note You need to log in before you can comment on or make changes to this bug.