-
Bug
-
Resolution: Unresolved
-
Undefined
-
rhel-9.4
-
None
-
None
-
Critical
-
rhel-sst-image-builder
-
ssg_front_door
-
None
-
False
-
-
Yes
-
None
-
None
-
None
-
Known Issue
-
-
Done
-
None
What were you trying to do that didn't work?
sudo podman run --rm -i --privileged --pull=newer --security-opt label=type:unconfined_t -v /var/lib/containers/storage:/var/lib/containers/storage quay.io/centos-bootc/bootc-image-builder:latest --type anaconda-iso --local registry.redhat.io/rhel9-beta/rhel-bootc:9.4
Actual results
copying '/run/osbuild/inputs/root-tree/EFI' -> '/run/osbuild/tree/.' ⏱ Duration: 0s org.osbuild.mkdir: 4731fad3210461f62fc509bf5e0b1e6ab14b8733499daf7a4ccf73e0bc459fa3 { "paths": [ { "path": "/container" } ] } ⏱ Duration: 0s org.osbuild.skopeo: 7a4bb4465cd7bdb793e7674059b3eb28740ce663288a6e8f2cec94ec263cf2b5 { "destination": { "type": "oci", "path": "/container" } } Getting image source signatures Checking if image destination supports signatures time="2024-04-23T10:56:46Z" level=fatal msg="Can not copy signatures to oci:/run/osbuild/tree/container:: Pushing signatures for OCI images is not supported" Traceback (most recent call last): File "/run/osbuild/bin/org.osbuild.skopeo", line 45, in <module> r = main(args["inputs"], args["tree"], args["options"]) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/run/osbuild/bin/org.osbuild.skopeo", line 28, in main subprocess.run(["skopeo", "copy", image_source, dest], check=True) File "/usr/lib64/python3.12/subprocess.py", line 571, in run raise CalledProcessError(retcode, process.args, subprocess.CalledProcessError: Command '['skopeo', 'copy', 'containers-storage:[overlay@/run/osbuild/containers/storage+/run/containers/storage]f0c6094df5b84d59e039fe661914a4760c21933a167c4ebd5a0d43fcc83f9b3a', 'oci:/run/osbuild/tree/container']' returned non-zero exit status 1. ⏱ Duration: 0s manifest - failed Failed Error: cannot run osbuild: running osbuild failed: exit status 1 2024/04/23 10:56:48 error: cannot run osbuild: running osbuild failed: exit status 1
Workaround
Remove the signature from the container image:
$ sudo skopeo copy --remove-signatures containers-storage:registry.redhat.io/rhel9-beta/rhel-bootc:9.4 containers-storage:registry.redhat.io/rhel9-beta/rhel-bootc:9.4 $ sudo podman run \ --rm \ -it \ --privileged \ --pull=newer \ --security-opt label=type:unconfined_t \ -v /var/lib/containers/storage:/var/lib/containers/storage \ -v ~/images/iso:/output \ quay.io/centos-bootc/bootc-image-builder \ --type iso --local \ registry.redhat.io/rhel9-beta/rhel-bootc:9.4
- blocks
-
USHIFT-3132 Remove the container layer workaround when building RHEL 9.4 ISO
- To Do