-
Bug
-
Resolution: Done
-
Blocker
-
quay-v3.8.0
-
False
-
None
-
False
Description:
This is an issue of Quay 3.8.0 deployment, when deploy Quay on OCP with FIPS enabled, the quay app pod is crashed, checked quay app pod logs, get error message "boringcrypto: unexpected code execution in config-toolpanic: boringcrypto: invalid code execution"
Quay Image: quay-operator-bundle-container-v3.8.0-91
oc get pod NAME READY STATUS RESTARTS AGE quay-operator.v3.8.0-56dc8dc947-z9brv 1/1 Running 0 31m quayregistry-clair-app-75f49dc598-96vxh 1/1 Running 0 22m quayregistry-clair-app-75f49dc598-cnp4n 1/1 Running 0 16m quayregistry-clair-app-75f49dc598-lffcb 1/1 Running 0 15m quayregistry-clair-app-75f49dc598-xjsjl 1/1 Running 0 22m quayregistry-clair-postgres-56f4957db-kn94l 1/1 Running 1 (21m ago) 22m quayregistry-quay-app-7699ff58d7-mlwl7 0/1 CrashLoopBackOff 8 (4m55s ago) 21m quayregistry-quay-app-7699ff58d7-vqb9n 0/1 CrashLoopBackOff 8 (5m5s ago) 21m quayregistry-quay-app-upgrade-pcfkh 0/1 Completed 0 22m quayregistry-quay-config-editor-64b54c48dc-fpww6 1/1 Running 0 22m quayregistry-quay-database-cb65ff8c-j6zvx 1/1 Running 0 22m quayregistry-quay-mirror-56b5db6f6-97ldj 0/1 Init:CrashLoopBackOff 6 (24s ago) 21m quayregistry-quay-mirror-56b5db6f6-mwnrl 0/1 Init:CrashLoopBackOff 6 (25s ago) 21m quayregistry-quay-redis-5788c86479-7xkkj 1/1 Running 0 22m oc logs quayregistry-quay-app-7699ff58d7-mlwl7 __ __ / \ / \ ______ _ _ __ __ __ / /\ / /\ \ / __ \ | | | | / \ \ \ / / / / / / \ \ | | | | | | | | / /\ \ \ / \ \ \ \ / / | |__| | | |__| | / ____ \ | | \ \/ \ \/ / \_ ___/ \____/ /_/ \_\ |_| \__/ \__/ \ \__ \___\ by Red Hat Build, Store, and Distribute your Containers Startup timestamp: Thu Sep 29 02:39:28 UTC 2022 Running all default registry services without migration Running init script '/quay-registry/conf/init/certs_install.sh' Installing extra certificates found in /quay-registry/conf/stack/extra_ca_certs directory Running init script '/quay-registry/conf/init/copy_config_files.sh' Running init script '/quay-registry/conf/init/d_validate_config_bundle.sh' Validating Configuration plpgsql pg_trgm boringcrypto: unexpected code execution in config-tool panic: boringcrypto: invalid code execution goroutine 1 [running]: crypto/internal/boring.UnreachableExceptTests() /usr/lib/golang/src/crypto/internal/boring/boring.go:118 +0xf1 crypto/hmac.New(0xf42308, {0xc00062d1a0, 0x2c, 0x30}) /usr/lib/golang/src/crypto/hmac/hmac.go:137 +0x4e github.com/minio/minio-go/v7/pkg/signer.sumHMAC({0xc00062d1a0, 0xc00003c1f0, 0x8}, {0xc00003c1f8, 0x8, 0x8}) /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/pkg/signer/utils.go:40 +0x4a github.com/minio/minio-go/v7/pkg/signer.getSigningKey({0xc00062c2a0, 0x3}, {0xee5063, 0x9}, {0x9, 0xc00061c000, 0x0}, {0xedd983, 0x2}) /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v4.go:68 +0xfc github.com/minio/minio-go/v7/pkg/signer.signV4({{0xeddc57, 0x3}, 0xc0003542d0, {0xee320a, 0x8}, 0x1, 0x1, 0xc0005fd2c0, {0x0, 0x0}, ...}, ...) /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v4.go:289 +0x55d github.com/minio/minio-go/v7/pkg/signer.SignV4(...) /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v4.go:317 github.com/minio/minio-go/v7.Client.getBucketLocationRequest({0xc000354000, 0xc0013cff20, 0x0, {{0x0, 0x0}, {0x0, 0x0}}, 0x1, 0xc0005fd1a0, 0xc0013bf8a0, ...}, ...) /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/bucket-cache.go:251 +0x770 github.com/minio/minio-go/v7.Client.getBucketLocation({0xc000354000, 0xc0013cff20, 0x0, {{0x0, 0x0}, {0x0, 0x0}}, 0x1, 0xc0005fd1a0, 0xc0013bf8a0, ...}, ...) /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/bucket-cache.go:100 +0x108 github.com/minio/minio-go/v7.Client.newRequest({0xc000354000, 0xc0013cff20, 0x0, {{0x0, 0x0}, {0x0, 0x0}}, 0x1, 0xc0005fd1a0, 0xc0013bf8a0, ...}, ...) /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/api.go:681 +0xde github.com/minio/minio-go/v7.Client.executeMethod({0xc000354000, 0xc0013cff20, 0x0, {{0x0, 0x0}, {0x0, 0x0}}, 0x1, 0xc0005fd1a0, 0xc0013bf8a0, ...}, ...) /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/api.go:565 +0x438 github.com/minio/minio-go/v7.Client.BucketExists({0xc000354000, 0xc0013cff20, 0x0, {{0x0, 0x0}, {0x0, 0x0}}, 0x1, 0xc0005fd1a0, 0xc0013bf8a0, ...}, ...) /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/api-stat.go:37 +0x174 github.com/quay/config-tool/pkg/lib/shared.validateMinioGateway({{0x7fffa52cdbe3, 0xc000453680}, 0xc000491a10}, {0xc0004c8520, 0x8}, {0xc00003a9c0, 0x2a}, {0xc0003fe630, 0x14}, {0xc00062c2a0, ...}, ...) /remote-source/config-tool/app/pkg/lib/shared/storage_validators.go:352 +0x3c8 github.com/quay/config-tool/pkg/lib/shared.ValidateStorage({{0x7fffa52cdbe3, 0xc000113080}, 0xc000491a10}, {0xc0004c8520, 0x8}, {0xc0004c8530, 0xc}, 0xc000258000, {0xeede9b, 0x12}) /remote-source/config-tool/app/pkg/lib/shared/storage_validators.go:72 +0x343d github.com/quay/config-tool/pkg/lib/fieldgroups/distributedstorage.(*DistributedStorageFieldGroup).Validate(0xc000452a40, {{0x7fffa52cdbe3, 0xee8819}, 0xc000491a10}) /remote-source/config-tool/app/pkg/lib/fieldgroups/distributedstorage/distributedstorage_validator.go:42 +0x66e github.com/quay/config-tool/commands.glob..func3(0x1fcfa20, {0xede7e1, 0x4, 0x4}) /remote-source/config-tool/app/commands/validate.go:102 +0x69f github.com/spf13/cobra.(*Command).execute(0x1fcfa20, {0xc0004528c0, 0x4, 0x4}) /remote-source/config-tool/app/vendor/github.com/spf13/cobra/command.go:846 +0x5f8 github.com/spf13/cobra.(*Command).ExecuteC(0x1fcf780) /remote-source/config-tool/app/vendor/github.com/spf13/cobra/command.go:950 +0x3ad github.com/spf13/cobra.(*Command).Execute(...) /remote-source/config-tool/app/vendor/github.com/spf13/cobra/command.go:887 github.com/quay/config-tool/commands.Execute() /remote-source/config-tool/app/commands/root.go:37 +0x25 main.main() /remote-source/config-tool/app/cmd/config-tool/main.go:21 +0x17