-
Bug
-
Resolution: Unresolved
-
Critical
-
None
-
4.16
-
Moderate
-
None
-
False
-
Description of problem:
The --authfile option is not working as expected for the mirror registry.
When the credentials file is copied into $XDG_RUNTIME_DIR/containers/auth.json or ~.docker/config.json, it works fine.
Tried this on both RHEL 8 and RHEL 9 and the results are always the same.
[ec2-user@ip-10-0-102-187 ~]$ oc-mirror --config imageset.yaml --authfile pull-secret.json --workspace file:///tmp/mirror docker://ec2-13-234-232-121.ap-south-1.compute.amazonaws.com:8443 --v22024/07/12 20:29:03 [WARN] : ⚠️ --v2 flag identified, flow redirected to the oc-mirror v2 version. This is Tech Preview, it is still under development and it is not production ready.
2024/07/12 20:29:03 [INFO] : 👋 Hello, welcome to oc-mirror
2024/07/12 20:29:03 [INFO] : ⚙️ setting up the environment for you...
2024/07/12 20:29:03 [INFO] : 🔀 workflow mode: mirrorToMirror
2024/07/12 20:29:03 [INFO] : 🕵️ going to discover the necessary images...
2024/07/12 20:29:03 [INFO] : 🔍 collecting release images...
2024/07/12 20:29:20 [ERROR] : [ReleaseImageCollector] HEAD https://ec2-13-234-232-121.ap-south-1.compute.amazonaws.com:8443/v2/openshift/graph-image/manifests/sha256:b02c8b1373fe1cc71b79ad0a9c6c28e156dc68300696b4dd67fb18187471b47a: unexpected status code 401 Unauthorized (HEAD responses have no body, use GET for details)
2024/07/12 20:29:20 [INFO] : 👋 Goodbye, thank you for using oc-mirror
2024/07/12 20:29:20 [ERROR] : HEAD https://ec2-13-234-232-121.ap-south-1.compute.amazonaws.com:8443/v2/openshift/graph-image/manifests/sha256:b02c8b1373fe1cc71b79ad0a9c6c28e156dc68300696b4dd67fb18187471b47a: unexpected status code 401 Unauthorized (HEAD responses have no body, use GET for details)
[ec2-user@ip-10-0-102-187 ~]$
[ec2-user@ip-10-0-102-187 ~]$
[ec2-user@ip-10-0-102-187 ~]$ cp -p pull-secret.json $XDG_RUNTIME_DIR/containers/auth.json
[ec2-user@ip-10-0-102-187 ~]$
[ec2-user@ip-10-0-102-187 ~]$
[ec2-user@ip-10-0-102-187 ~]$ oc-mirror --config imageset.yaml --workspace file:///tmp/mirror docker://ec2-13-234-232-121.ap-south-1.compute.amazonaws.com:8443 --v22024/07/12 20:31:45 [WARN] : ⚠️ --v2 flag identified, flow redirected to the oc-mirror v2 version. This is Tech Preview, it is still under development and it is not production ready.
2024/07/12 20:31:45 [INFO] : 👋 Hello, welcome to oc-mirror
2024/07/12 20:31:45 [INFO] : ⚙️ setting up the environment for you...
2024/07/12 20:31:45 [INFO] : 🔀 workflow mode: mirrorToMirror
2024/07/12 20:31:45 [INFO] : 🕵️ going to discover the necessary images...
2024/07/12 20:31:45 [INFO] : 🔍 collecting release images...
2024/07/12 20:31:59 [INFO] : 🔍 collecting operator images...
2024/07/12 20:33:26 [INFO] : 🔍 collecting additional images...
2024/07/12 20:33:26 [INFO] : 🚀 Start copying the images...
2024/07/12 20:33:49 [INFO] : === Overall Progress - image 1 / 213 ===
2024/07/12 20:33:49 [INFO] : release image 1 / 185
2024/07/12 20:33:49 [INFO] : operator image 0 / 26
2024/07/12 20:33:49 [INFO] : additional image 0 / 2
2024/07/12 20:33:49 [INFO] : image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:d0ac3715fa6fa362bf4327a06285095578c2fc2e3bdae28277c378ba81e07a2a
2024/07/12 20:33:49 [INFO] : =========================================
2024/07/12 20:33:57 [INFO] : === Overall Progress - image 2 / 213 ===
2024/07/12 20:33:57 [INFO] : release image 2 / 185
2024/07/12 20:33:57 [INFO] : operator image 0 / 26
2024/07/12 20:33:57 [INFO] : additional image 0 / 2
2024/07/12 20:33:57 [INFO] : image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:d686e511141b93c4ca8ddb3a363325caecde948590cd1e2cbbe3c75fe1a71f2d
2024/07/12 20:33:57 [INFO] : =========================================
2024/07/12 20:34:18 [INFO] : === Overall Progress - image 3 / 213 ===
2024/07/12 20:34:18 [INFO] : release image 3 / 185
2024/07/12 20:34:18 [INFO] : operator image 0 / 26
2024/07/12 20:34:18 [INFO] : additional image 0 / 2
2024/07/12 20:34:18 [INFO] : image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:49a0183895afe73ef8ed17cea7cca3da252049688231bbd609209838fcc1f55d
2024/07/12 20:34:18 [INFO] : =========================================
Version-Release number of selected component (if applicable):
4.16
How reproducible:
100%
Steps to Reproduce:
1. Install mirror registry for Red Hat OpenShift
2. Add the credentials for the mirror registry to the pull-secret as per the oc-mirror documentation.
3. Create a sample imagetset file.
4. Run the oc-mirror command with --authfile and --v2. The error appears if the pull-secret is not in $XDG_RUNTIME_DIR/containers/auth.json or ~.docker/config.json.
Actual results:
Authentication fails for mirror registry
Expected results:
Mirroring should proceed without authentication errors.
Additional info:
