Loading...

XML

Word

Printable

Type: Bug
Resolution: Not a Bug
Priority: Undefined
Fix Version/s: None
Affects Version/s: 4.16.0
Component/s: OLM / Registry
Labels:
None

Severity:
Moderate
Regression:
No
Release Blocker:
Rejected
Blocked:
False
Blocked Reason:

Hide

None

Show
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Description of problem:

Fail to create a catalog by following https://docs.openshift.com/container-platform/4.16/operators/olm_v1/olmv1-installing-an-operator-from-a-catalog.html#olmv1-creating-a-pull-secret-for-catalogs-secure-registry_olmv1-installing-operator

jiazha-mac:~ jiazha$ oc get catalog  redhat-test -o yaml
apiVersion: catalogd.operatorframework.io/v1alpha1
kind: Catalog
metadata:
  creationTimestamp: "2024-06-14T02:50:06Z"
  finalizers:
  - catalogd.operatorframework.io/delete-server-cache
  generation: 1
  name: redhat-test
  resourceVersion: "124439"
  uid: 848e4a15-fa9b-4a11-8fc6-9b2856e2c912
spec:
  source:
    image:
      pullSecret: catalog-rh2
      ref: registry.redhat.io/redhat/redhat-operator-index:v4.16
    type: image
status:
  conditions:
  - lastTransitionTime: "2024-06-14T02:50:06Z"
    message: 'source bundle content: error fetching image descriptor: GET https://registry.redhat.io/auth/realms/rhcc/protocol/redhat-docker-v2/auth?scope=repository%3Aredhat%2Fredhat-operator-index%3Apull&service=docker-registry:
      UNAUTHORIZED: Please login to the Red Hat Registry using your Customer Portal
      credentials. Further instructions can be found here: https://access.redhat.com/RegistryAuthentication'
    reason: UnpackFailed
    status: "False"
    type: Unpacked
  phase: Failing

Version-Release number of selected component (if applicable):

jiazha-mac:~ jiazha$ oc get clusterversion 
NAME      VERSION                              AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.16.0-0.nightly-2024-06-13-084629   True        False         9h      Cluster version is 4.16.0-0.nightly-2024-06-13-084629

How reproducible:

always

Steps to Reproduce:

1. Get the pull-secret
jiazha-mac:~ jiazha$ oc extract secret/pull-secret -n openshift-config  --confirm
.dockerconfigjson

2. create a secret based on the above auth.
jiazha-mac:~ jiazha$ oc create secret generic catalog-rh2 --from-file=.dockercfg=/Users/jiazha/.dockerconfigjson --type=kubernetes.io/dockercfg --namespace=openshift-catalogd

 3. create a catalog.
jiazha-mac:~ jiazha$ cat catalog-rh2.yaml 
apiVersion: catalogd.operatorframework.io/v1alpha1
kind: Catalog
metadata:
  name: redhat-test
spec:
  source:
    type: image
    image:
      ref: registry.redhat.io/redhat/redhat-operator-index:v4.16
      pullSecret: catalog-rh2

Actual results:

Failed to create catalog due to the secret type.

jiazha-mac:~ jiazha$ oc get catalog  redhat-test -o yaml
apiVersion: catalogd.operatorframework.io/v1alpha1
kind: Catalog
metadata:
  creationTimestamp: "2024-06-14T02:50:06Z"
  finalizers:
  - catalogd.operatorframework.io/delete-server-cache
  generation: 1
  name: redhat-test
  resourceVersion: "124439"
  uid: 848e4a15-fa9b-4a11-8fc6-9b2856e2c912
spec:
  source:
    image:
      pullSecret: catalog-rh2
      ref: registry.redhat.io/redhat/redhat-operator-index:v4.16
    type: image
status:
  conditions:
  - lastTransitionTime: "2024-06-14T02:50:06Z"
    message: 'source bundle content: error fetching image descriptor: GET https://registry.redhat.io/auth/realms/rhcc/protocol/redhat-docker-v2/auth?scope=repository%3Aredhat%2Fredhat-operator-index%3Apull&service=docker-registry:
      UNAUTHORIZED: Please login to the Red Hat Registry using your Customer Portal
      credentials. Further instructions can be found here: https://access.redhat.com/RegistryAuthentication'
    reason: UnpackFailed
    status: "False"
    type: Unpacked
  phase: Failing

Expected results:

It should work well since that Secret contains the right registry auth.

Additional info:

It works well if I use the `–type=kubernetes.io/dockerconfigjson` instead of the `–type=kubernetes.io/dockercfg` type.

jiazha-mac:~ jiazha$ oc create secret generic catalog-rh3 --from-file=.dockerconfigjson=/Users/jiazha/.dockerconfigjson --type=kubernetes.io/dockerconfigjson --namespace=openshift-catalogd
secret/catalog-rh3 created

jiazha-mac:~ jiazha$ oc get catalog redhat-test3 -o yaml
apiVersion: catalogd.operatorframework.io/v1alpha1
kind: Catalog
metadata:
  creationTimestamp: "2024-06-14T09:27:33Z"
  finalizers:
  - catalogd.operatorframework.io/delete-server-cache
  generation: 1
  name: redhat-test3
  resourceVersion: "309079"
  uid: e215e05b-a0dd-4789-84fb-cb35abd19e53
spec:
  source:
    image:
      pullSecret: catalog-rh3
      ref: registry.redhat.io/redhat/redhat-operator-index:v4.16
    type: image
status:
  conditions:
  - lastTransitionTime: "2024-06-14T09:28:07Z"
    message: ""
    reason: UnpackSuccessful
    status: "True"
    type: Unpacked
  contentURL: http://catalogd-catalogserver.openshift-catalogd.svc/catalogs/redhat-test3/all.json
  observedGeneration: 1
  phase: Unpacked
  resolvedSource:
    image:
      lastPollAttempt: "2024-06-14T09:27:59Z"
      ref: registry.redhat.io/redhat/redhat-operator-index:v4.16
      resolvedRef: registry.redhat.io/redhat/redhat-operator-index@sha256:71bbfa828355d42455de1866fe5775631abfc65452b2c6c4b99e2ef67cd625d2
    type: image

Assignee:: Catherine Chan-Tse

Reporter:: Jian Zhang

QA Contact:: Keenon Lee

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2024/06/14 9:29 AM

Updated:: 2024/06/14 9:37 AM

Resolved:: 2024/06/14 9:37 AM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates