Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

lbi: Add --remove-signatures to install time lbi copy #827

Merged
merged 1 commit into from
Oct 15, 2024

Conversation

ckyrouac
Copy link
Contributor

We are unable to copy a signed image from c/storage -> c/storage while preserving the signature. See
containers/image#2599

fixes #812

We are unable to copy a signed image from c/storage -> c/storage while
preserving the signature. See
containers/image#2599

fixes containers#812

Signed-off-by: Chris Kyrouac <[email protected]>
@cgwalters
Copy link
Collaborator

  • Downloading successful, but checksum doesn't match. Calculated: ef16d195332d673efbe2fc9a316726df177a605e1caef3ca49f88a7181f973654347400cb50ee464dd7206fc9a59c34cf37d0baea158add0bde531cb7cab8039(sha512) Expected: b2b0cdc3fdc6021ff6ddd33a4b508daa7050cc8cdfca7dd9aa6c854ed80dd39b4fd5bfa6e66db2c37e0ad25cee9f53e7b24b84d7f302f2ca07198439524d1c99(sha512)

CI is failing on rpm-md repository metadata desynchronization. It's exactly stuff like this that would be greatly mitigated if we put rpms in registries instead.

@cgwalters cgwalters merged commit 49618d9 into containers:main Oct 15, 2024
21 of 34 checks passed
@cgwalters
Copy link
Collaborator

@ckyrouac I know we'd had flakes in the integration tests lately but this one looks to have introduced this:

Trying to pull registry.redhat.io/ubi9/podman:latest...
Error: initializing source docker://registry.redhat.io/ubi9/podman:latest: unable to retrieve auth token: invalid username/password: unauthorized: Please login to the Red Hat Registry using your Customer Portal credentials. Further instructions can be found here: https://access.redhat.com/RegistryAuthentication

So we'll need to set up a pull secret to make this work.

@ckyrouac
Copy link
Contributor Author

ah, I'll try to find a good signed image from an unauthenticated repo, or I'll just push a signed test image to a public quay repo

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Unable to bind a signed image at install time
2 participants