-
Bug
-
Resolution: Unresolved
-
Critical
-
None
-
4.16
-
Moderate
-
None
-
False
-
Description of problem:
The --authfile option is not working as expected for the mirror registry. When the credentials file is copied into $XDG_RUNTIME_DIR/containers/auth.json or ~.docker/config.json, it works fine. Tried this on both RHEL 8 and RHEL 9 and the results are always the same. [ec2-user@ip-10-0-102-187 ~]$ oc-mirror --config imageset.yaml --authfile pull-secret.json --workspace file:///tmp/mirror docker://ec2-13-234-232-121.ap-south-1.compute.amazonaws.com:8443 --v22024/07/12 20:29:03 [WARN] : ⚠️ --v2 flag identified, flow redirected to the oc-mirror v2 version. This is Tech Preview, it is still under development and it is not production ready. 2024/07/12 20:29:03 [INFO] : 👋 Hello, welcome to oc-mirror 2024/07/12 20:29:03 [INFO] : ⚙️ setting up the environment for you... 2024/07/12 20:29:03 [INFO] : 🔀 workflow mode: mirrorToMirror 2024/07/12 20:29:03 [INFO] : 🕵️ going to discover the necessary images... 2024/07/12 20:29:03 [INFO] : 🔍 collecting release images... 2024/07/12 20:29:20 [ERROR] : [ReleaseImageCollector] HEAD https://ec2-13-234-232-121.ap-south-1.compute.amazonaws.com:8443/v2/openshift/graph-image/manifests/sha256:b02c8b1373fe1cc71b79ad0a9c6c28e156dc68300696b4dd67fb18187471b47a: unexpected status code 401 Unauthorized (HEAD responses have no body, use GET for details) 2024/07/12 20:29:20 [INFO] : 👋 Goodbye, thank you for using oc-mirror 2024/07/12 20:29:20 [ERROR] : HEAD https://ec2-13-234-232-121.ap-south-1.compute.amazonaws.com:8443/v2/openshift/graph-image/manifests/sha256:b02c8b1373fe1cc71b79ad0a9c6c28e156dc68300696b4dd67fb18187471b47a: unexpected status code 401 Unauthorized (HEAD responses have no body, use GET for details) [ec2-user@ip-10-0-102-187 ~]$ [ec2-user@ip-10-0-102-187 ~]$ [ec2-user@ip-10-0-102-187 ~]$ cp -p pull-secret.json $XDG_RUNTIME_DIR/containers/auth.json [ec2-user@ip-10-0-102-187 ~]$ [ec2-user@ip-10-0-102-187 ~]$ [ec2-user@ip-10-0-102-187 ~]$ oc-mirror --config imageset.yaml --workspace file:///tmp/mirror docker://ec2-13-234-232-121.ap-south-1.compute.amazonaws.com:8443 --v22024/07/12 20:31:45 [WARN] : ⚠️ --v2 flag identified, flow redirected to the oc-mirror v2 version. This is Tech Preview, it is still under development and it is not production ready. 2024/07/12 20:31:45 [INFO] : 👋 Hello, welcome to oc-mirror 2024/07/12 20:31:45 [INFO] : ⚙️ setting up the environment for you... 2024/07/12 20:31:45 [INFO] : 🔀 workflow mode: mirrorToMirror 2024/07/12 20:31:45 [INFO] : 🕵️ going to discover the necessary images... 2024/07/12 20:31:45 [INFO] : 🔍 collecting release images... 2024/07/12 20:31:59 [INFO] : 🔍 collecting operator images... 2024/07/12 20:33:26 [INFO] : 🔍 collecting additional images... 2024/07/12 20:33:26 [INFO] : 🚀 Start copying the images... 2024/07/12 20:33:49 [INFO] : === Overall Progress - image 1 / 213 === 2024/07/12 20:33:49 [INFO] : release image 1 / 185 2024/07/12 20:33:49 [INFO] : operator image 0 / 26 2024/07/12 20:33:49 [INFO] : additional image 0 / 2 2024/07/12 20:33:49 [INFO] : image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:d0ac3715fa6fa362bf4327a06285095578c2fc2e3bdae28277c378ba81e07a2a 2024/07/12 20:33:49 [INFO] : ========================================= 2024/07/12 20:33:57 [INFO] : === Overall Progress - image 2 / 213 === 2024/07/12 20:33:57 [INFO] : release image 2 / 185 2024/07/12 20:33:57 [INFO] : operator image 0 / 26 2024/07/12 20:33:57 [INFO] : additional image 0 / 2 2024/07/12 20:33:57 [INFO] : image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:d686e511141b93c4ca8ddb3a363325caecde948590cd1e2cbbe3c75fe1a71f2d 2024/07/12 20:33:57 [INFO] : ========================================= 2024/07/12 20:34:18 [INFO] : === Overall Progress - image 3 / 213 === 2024/07/12 20:34:18 [INFO] : release image 3 / 185 2024/07/12 20:34:18 [INFO] : operator image 0 / 26 2024/07/12 20:34:18 [INFO] : additional image 0 / 2 2024/07/12 20:34:18 [INFO] : image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:49a0183895afe73ef8ed17cea7cca3da252049688231bbd609209838fcc1f55d 2024/07/12 20:34:18 [INFO] : =========================================
Version-Release number of selected component (if applicable):
4.16
How reproducible:
100%
Steps to Reproduce:
1. Install mirror registry for Red Hat OpenShift 2. Add the credentials for the mirror registry to the pull-secret as per the oc-mirror documentation. 3. Create a sample imagetset file. 4. Run the oc-mirror command with --authfile and --v2. The error appears if the pull-secret is not in $XDG_RUNTIME_DIR/containers/auth.json or ~.docker/config.json.
Actual results:
Authentication fails for mirror registry
Expected results:
Mirroring should proceed without authentication errors.
Additional info: