Uploaded image for project: 'Konflux UI'
  1. Konflux UI
  2. KFLUXUI-126

Add validation to detect invalid dockerconfigjson field in image pull secret create flow

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • None
    • False
    • Hide

      None

      Show
      None
    • False
    • Konflux

      dockerconfigjson should surface the validation errors if the `auth` field doesn't contain "user:token" information. Invalid token can cause build pipelines to fail with below error.

       

      STEP-UPLOAD-SBOM
WARNING: Attaching SBOMs this way does not sign them. If you want to sign them, use 'cosign attest --predicate sbom-cyclonedx.json --key <key path>' or 'cosign sign --key <key path> --attachment sbom <image uri>'.
Error: /home/nonroot/.docker/config.json: illegal base64 data at input byte 20
main.go:74: error during command execution: /home/nonroot/.docker/config.json: illegal base64 data at input byte 20

       

      UI should be surfacing this invalid format error upfront when the user tries to add an invalid dockerconfigjson.

      dockerconfigJson: 

      {
"auths": {
"registry.redhat.io":
    { "auth": "SECRET_REDACTED"// should contain base64 encoded "user:token"  }
 } 
}

       

      Additional notes:

      Token generation in registry.redhat.io  (https://access.redhat.com/terms-based-registry) is having issues, it is encoding the token directly 

      auth: token

       but it should conatin encoded username and token information for it to work correctly. 

       auth: user:token

      Slack thread - https://redhat-internal.slack.com/archives/C04PZ7H0VA8/p1694765397133829?thread_ts=1694700539.981979&cid=C04PZ7H0VA8 

              Unassigned Unassigned
              karthik.jk Karthik Jeeyar
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: