Uploaded image for project: 'Red Hat Decision Manager'
  1. Red Hat Decision Manager
  2. RHDM-1173

operators use tag for containerImage reference instead of digest

    XMLWordPrintable

Details

    • Bug
    • Resolution: Obsolete
    • Major
    • None
    • None
    • Cloud
    • None

    • $ oc version
      Client Version: openshift-clients-4.2.2-201910250432-4-g4ac90784
      Server Version: 4.2.10
      Kubernetes Version: v1.14.6+17b1cc6

    • Hide 
      $ oc get packagemanifest/businessautomation-operator -n openshift-marketplace -o=jsonpath='{.metadata.name} {"\t"}{range .status.channels[*]}{.currentCSV}{"t"} {.currentCSVDesc.annotations.containerImage} {"\n"} {end}'
businessautomation-operator 	businessautomation-operator.1.2.1t registry.redhat.io/rhpam-7/rhpam-rhel8-operator:7.5.1
      Show
      $ oc get packagemanifest/businessautomation-operator -n openshift-marketplace -o=jsonpath='{.metadata.name} {"\t"}{range .status.channels[*]}{.currentCSV}{"t"} {.currentCSVDesc.annotations.containerImage} {"\n"} {end}' businessautomation-operator businessautomation-operator.1.2.1t registry.redhat.io/rhpam-7/rhpam-rhel8-operator:7.5.1

    Description

      In order to avoid supply chain attacks against the operator, and allow repository mirroring, references from the packagemanifest in OCP OLM should be by digest, not by tag.

      See:
      http://post-office.corp.redhat.com/archives/openshift-sme/2019-October/msg01569.html

      Attachments

        Activity

          People

            rhn-support-fspolti Filippe Spolti
            rhn-support-jshepher Jason Shepherd
            Jakub Schwan Jakub Schwan
            Jakub Schwan Jakub Schwan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: