Loading...

Type: Bug
Resolution: Unresolved
Priority: Critical
Fix Version/s: None
Affects Version/s: 4.18
Component/s: oc-mirror
Labels:
- v2

Severity:
Moderate
Regression:
None
Release Blocker:
Proposed
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Release Note Text:

Hide
*Cause*: What actions or circumstances cause this bug to present.
*Consequence*: What happens when the bug presents.
*Fix*: What was done to fix the bug.
*Result*: Bug doesn’t present anymore.

Show
*Cause*: What actions or circumstances cause this bug to present. *Consequence*: What happens when the bug presents. *Fix*: What was done to fix the bug. *Result*: Bug doesn’t present anymore.
Release Note Type:
Bug Fix
Release Note Status:
In Progress
Target Version:

4.18.0

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Description of problem:

Hit signature issue even use --secure-policy=false when rebuild the catalog

Version-Release number of selected component (if applicable):

./oc-mirror.rhel8  version 
WARNING: This version information is deprecated and will be replaced with the output from --short. Use --output=yaml|json to get the full version.
Client Version: version.Info{Major:"", Minor:"", GitVersion:"4.18.0-202410251041.p0.g95f0611.assembly.stream.el9-95f0611", GitCommit:"95f0611c1dc9584a4a9e857912b9eaa539234bbc", GitTreeState:"clean", BuildDate:"2024-10-25T11:28:19Z", GoVersion:"go1.22.7 (Red Hat 1.22.7-1.module+el8.10.0+22325+dc584f75) X:strictfipsruntime", Compiler:"gc", Platform:"linux/amd64"}

How reproducible:

     Always

Steps to Reproduce:

1. Using the imagesetconfig like : 
apiVersion: mirror.openshift.io/v2alpha1
kind: ImageSetConfiguration
mirror:
  operators:
  - catalog: oci:///test/ibm-catalog
  - catalog: registry.redhat.io/redhat/redhat-operator-index:v4.15
    packages:
    - name: windows-machine-config-operator
    - name: cluster-kube-descheduler-operator
  - catalog: registry.redhat.io/redhat/redhat-operator-index:v4.14
    packages:
    - name: servicemeshoperator 
    - name: windows-machine-config-operator
  - catalog: registry.redhat.io/redhat/certified-operator-index:v4.15
    packages:
    - name: nvidia-network-operator
  - catalog: registry.redhat.io/redhat/community-operator-index:v4.15
    packages:
    - name: skupper-operator
    - name: reportportal-operator
  - catalog: registry.redhat.io/redhat/redhat-marketplace-index:v4.15
    packages:
    - name: dynatrace-operator-rhmp

2. run the oc-mirror with rebuild catalog :
./oc-mirror.rhel8 -c config-example.yaml file://outexample --v2  --alpha-ctlg-filter --secure-policy=false

Actual results:

2. Hit error:

./oc-mirror.rhel8 -c config-example.yaml file://outexample --v2 --alpha-ctlg-filter --secure-policy=false

2024/11/05 03:15:47 [WARN] : ⚠️ --v2 flag identified, flow redirected to the oc-mirror v2 version. This is Tech Preview, it is still under development and it is not production ready.
2024/11/05 03:15:47 [INFO] : 👋 Hello, welcome to oc-mirror
2024/11/05 03:15:47 [INFO] : ⚙️ setting up the environment for you...
2024/11/05 03:15:47 [INFO] : 🔀 workflow mode: mirrorToDisk
2024/11/05 03:15:47 [INFO] : 🕵️ going to discover the necessary images...
2024/11/05 03:15:47 [INFO] : 🔍 collecting release images...
2024/11/05 03:15:47 [INFO] : 🔍 collecting operator images...
2024/11/05 03:15:49 [INFO] : 🔂 rebuilding catalog (pulling catalog image) registry.redhat.io/redhat/redhat-marketplace-index:v4.15
2024/11/05 03:15:53 [INFO] : 👋 Goodbye, thank you for using oc-mirror
2024/11/05 03:15:53 [ERROR] : 4 errors occurred:

[linux/s390x]: creating build container: copying system image from manifest list: Source image rejected: Invalid GPG signature: gpgme.Signature{Summary:128, Fingerprint:"1AC4971355A34A82", Status:gpgme.Error {err:0x9}
, Timestamp:time.Date(2024, time.November, 4, 22, 32, 13, 0, time.Local), ExpTimestamp:time.Date(1970, time.January, 1, 0, 0, 0, 0, time.Local), WrongKeyUsage:false, PKATrust:0x0, ChainModel:false, Validity:0, ValidityReason:error(nil), PubkeyAlgo:1, HashAlgo:8}
[linux/arm64]: creating build container: copying system image from manifest list: Source image rejected: Invalid GPG signature: gpgme.Signature{Summary:128, Fingerprint:"1AC4971355A34A82", Status:gpgme.Error {err:0x9}
, Timestamp:time.Date(2024, time.November, 4, 22, 32, 13, 0, time.Local), ExpTimestamp:time.Date(1970, time.January, 1, 0, 0, 0, 0, time.Local), WrongKeyUsage:false, PKATrust:0x0, ChainModel:false, Validity:0, ValidityReason:error(nil), PubkeyAlgo:1, HashAlgo:8}
[linux/amd64]: creating build container: copying system image from manifest list: Source image rejected: Invalid GPG signature: gpgme.Signature{Summary:128, Fingerprint:"1AC4971355A34A82", Status:gpgme.Error {err:0x9}
, Timestamp:time.Date(2024, time.November, 4, 22, 32, 13, 0, time.Local), ExpTimestamp:time.Date(1970, time.January, 1, 0, 0, 0, 0, time.Local), WrongKeyUsage:false, PKATrust:0x0, ChainModel:false, Validity:0, ValidityReason:error(nil), PubkeyAlgo:1, HashAlgo:8}
[linux/ppc64le]: creating build container: copying system image from manifest list: Source image rejected: Invalid GPG signature: gpgme.Signature{Summary:128, Fingerprint:"1AC4971355A34A82", Status:gpgme.Error {err:0x9}
, Timestamp:time.Date(2024, time.November, 4, 22, 32, 12, 0, time.Local), ExpTimestamp:time.Date(1970, time.January, 1, 0, 0, 0, 0, time.Local), WrongKeyUsage:false, PKATrust:0x0, ChainModel:false, Validity:0, ValidityReason:error(nil), PubkeyAlgo:1, HashAlgo:8}

Expected results:

3. no error.

Additional info:

clones

OCPBUGS-43986 Normal user can't run the oc-mirror command

New

is cloned by

OCPBUGS-44224 Rebuild catalog failed with error : building at STEP "RUN rm -rf /configs": while running runtime: exit status 1

New

is related to

CLID-199 As a oc-mirror user, I would like mirrored operator catalogs to reflect the mirrored operators only

In Progress

Details

Description

Attachments

Issue Links

Activity

People

Dates