-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
rhos-18.0.14 FR 4
-
None
When IDMS with mirror registry is there in OCP, we assume it as a disconnected deployment,which is technically not correct. There can be IDMS for other reasons. However, we don't add the mirror registry CA certs to the cert bundle that's added to the edpm node trust store which cause auth failure.
[0;31mfailed: [edtnabtf-pd10hv-071] (item={'key': 'harbor.gitlab01.nfvdev.teluslabs.net', 'value': {'robot$osp': 'YvRwVZ1Jpagd8N47YoFX7UljZqsrGLsi'}}) => {"ansible_loop_var": "item", "changed": false, "cmd": "podman login --authfile ~/.config/containers/auth.json --username=$REGISTRY_USERNAME --password=$REGISTRY_PASSWORD $REGISTRY\n", "delta": "0:00:00.330074", "end": "2026-01-27 19:04:04.065614", "failed_when_result": true, "item": {"key": "harbor.gitlab01.nfvdev.teluslabs.net", "value": {"robot$osp": "YvRwVZ1Jpagd8N47YoFX7UljZqsrGLsi"}}, "msg": "non-zero return code", "rc": 125, "start": "2026-01-27 19:04:03.735540", "stderr": "Error: authenticating creds for \"harbor.gitlab01.nfvdev.teluslabs.net\": pinging container registry harbor.gitlab01.nfvdev.teluslabs.net: Get \"https://harbor.gitlab01.nfvdev.teluslabs.net/v2/\": tls: failed to verify certificate: x509: certificate signed by unknown authority", "stderr_lines": ["Error: authenticating creds for \"harbor.gitlab01.nfvdev.teluslabs.net\": pinging container registry harbor.gitlab01.nfvdev.teluslabs.net: Get \"https://harbor.gitlab01.nfvdev.teluslabs.net/v2/\": tls: failed to verify certificate: x509: certificate signed by unknown authority"], "stdout": "", "stdout_lines": []}[0m