-
Bug
-
Resolution: Unresolved
-
Critical
-
None
-
1
-
False
-
None
-
False
-
Before this update, `storage.oci.repository` did not work as expected and threw an error in the chains controller logs, this has now been fixed.
-
-
-
Pipelines Sprint 250, Pipelines Sprint 251, Pipelines Sprint Pioneers 1
When using "storage.oci.repository" the following error occured (shortened for readability):
{"level":"info","msg":"Starting to upload attestations to OCI ..."} {"level":"info","msg":"Starting attestation upload to OCI for inners-docker-utv-local.utvrepo-k1.utv.rsv.se/innersrc/ocp-mikrotjanstchassi-rest-intern@sha256:ccd8e7ad2bf459f3cb3a791e825f86dec177e4a48484dd9975caf9d1e9d2f689..."} {"level":"error", "msg":"getting digest for subj inners-docker-utv-local.utvrepo-k1.utv.rsv.se/innersrc/ocp-mikrotjanstchassi-rest-intern@sha256:ccd8e7ad2bf459f3cb3a791e825f86dec177e4a48484dd9975caf9d1e9d2f689: a digest must contain exactly one '@' separator (e.g. registry/repository@digest) saw: inners-docker-utv-local.utvrepo-k1.utv.rsv.se/att-sig-lab"}
It seems that it tries to get the digest from the registry it should upload the signature and attestation to.
Here's the chains config:
chain: artifacts.oci.signer: x509 artifacts.oci.storage: oci artifacts.pipelinerun.format: in-toto artifacts.pipelinerun.signer: x509 artifacts.pipelinerun.storage: oci artifacts.taskrun.format: in-toto artifacts.taskrun.signer: x509 artifacts.taskrun.storage: oci disabled: false options: disabled: false storage.oci.repository: inners-docker-utv-local.utvrepo-k1.utv.rsv.se/att-sig-lab