Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-13591

[TELCO:CASE] Limit the nested repository path while mirroring the images using oc-mirror for those who cant have nested paths in their container registry

    XMLWordPrintable

Details

    • No
    • CFE Sprint 236
    • 1
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Hide
      oc-mirror fails with 401 unauthorized for some registries when nested path exceeds the expected maximum path-components
      The fix consists of having oc-mirror fail fast when the maximum path-components is exceeded. The default max-nested-path is set to 0 (no limit) and can be modified with flag --max-nested-paths (takes an integer value). The generated ImageContentSourcePolicy will contain source and mirror references up to the repository level (as opposed to the namespace level used by default).
      Show
      oc-mirror fails with 401 unauthorized for some registries when nested path exceeds the expected maximum path-components The fix consists of having oc-mirror fail fast when the maximum path-components is exceeded. The default max-nested-path is set to 0 (no limit) and can be modified with flag --max-nested-paths (takes an integer value). The generated ImageContentSourcePolicy will contain source and mirror references up to the repository level (as opposed to the namespace level used by default).
    • Bug Fix
    • Done

    Description

      This is a clone of issue OCPBUGS-11922. The following is the description of the original issue:

      Description of problem:

      Customer was able to limit the nested repository path with "oc adm catalog mirror" by using the argument "--max-components" but there is no alternate solution along with "oc-mirror" binary while we are suggesting to use "oc-mirror" binary for mirroring.for example:
Mirroring will work if we mirror like below
oc mirror --config=./imageset-config.yaml docker://registry.gitlab.com/xxx/yyy
Mirroring will fail with 401 unauthorized if we add one more nested path like below
oc mirror --config=./imageset-config.yaml docker://registry.gitlab.com/xxx/yyy/zzz

      Version-Release number of selected component (if applicable):

       

      How reproducible:

      We can reproduce the issue by using a repository which is not supported deep nested paths

      Steps to Reproduce:

      1. Create a imageset to mirror any operator

kind: ImageSetConfiguration
apiVersion: mirror.openshift.io/v1alpha2
storageConfig:
  local:
    path: ./oc-mirror-metadata
mirror:
  operators:
  - catalog: registry.redhat.io/redhat/redhat-operator-index:v4.12
    packages:
    - name: local-storage-operator
      channels:
      - name: stable

2. Do the mirroring to a registry where its not supported deep nested repository path, Here its gitlab and its doesnt not support netsting beyond 3 levels deep.

oc mirror --config=./imageset-config.yaml docker://registry.gitlab.com/xxx/yyy/zzz

this mirroring will fail with 401 unauthorized error
 
3. if  try to mirror the same imageset by removing one path it will work without any issues, like below

oc mirror --config=./imageset-config.yaml docker://registry.gitlab.com/xxx/yyy

      Actual results:

       

      Expected results:

      Need a alternative option of "--max-components" to limit the nested path in "oc-mirror"

      Additional info:

       

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-11922 [TELCO:CASE] Limit the nested repository path while mirroring the images using oc-mirror for those who cant have nested paths in their container registry

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed
          is blocked by

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-11922 [TELCO:CASE] Limit the nested repository path while mirroring the images using oc-mirror for those who cant have nested paths in their container registry

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed
          links to

          GitHub openshift/oc-mirror#635: [release-4.13] OCPBUGS-13591,OCPBUGS-13592: Limit the nested repository path while mirroring the images

          Activity

            People

              luzuccar@redhat.com Luigi Mario Zuccarelli
              openshift-crt-jira-prow OpenShift Prow Bot
              ying zhou ying zhou
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: