-
Sub-task
-
Resolution: Done
-
Undefined
-
None
-
None
-
None
-
None
-
False
-
-
False
-
ToDo
-
-
-
0
-
0
-
Very Likely
-
0
-
None
-
Unset
-
Unknown
Description of problem:
When a restore containing pod with dockerReference from internal registry source image, it is possible to end up with ImagePullBackoff due to openshift-velero-plugin using dockercfg secret not belonging to destination service account in the destination namespace.
Version-Release number of selected component (if applicable):
How reproducible:
50% chance when restoring for the first time from a namespace that has never been backedup.
Chances goes up as namespace is subsequently backedup and restored bringing over with them more and more outdated secrets no longer belonging to destination namespace service account.
Steps to Reproduce:
1. create manifests from https://github.com/openshift/oadp-operator/blob/master/tests/e2e/sample-applications/mongo-persistent/mongo-persistent.yaml and https://github.com/openshift/oadp-operator/blob/master/tests/e2e/sample-applications/mongo-persistent/pvc/aws.yaml
2. Create Backup
3. Restore
Actual results:
Randomly restore would result in pod that has Auth error imagepullbackoff
Expected results:
There would never be auth error related imagepullbackoff
Additional info: