-
Notifications
You must be signed in to change notification settings - Fork 120
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1998432: Support Swift authentication using application credentials #686
Bug 1998432: Support Swift authentication using application credentials #686
Conversation
/hold till openshift/docker-distribution#25 lands |
cc @dmage |
5034db7
to
79e4e34
Compare
/retest |
2 similar comments
/retest |
/retest |
/retitle OSASINFRA-1934: Support Swift authentication using application credentials |
/approve @bverschueren do you have QE that can test this feature? |
@bverschueren Hi , I have installed cluster on openstack with build from this pr. But there are small issues.
When use applicationcreditial, the registry pod could be running with new secret, but there is error in registry operator.
And REGISTRY_STORAGE_SWIFT_APPLICATIONCREDENTIAL** must get together with REGISTRY_STORAGE_SWIFT_USERNAME and REGISTRY_STORAGE_SWIFT_PASSWORD , orelse will prompt no REGISTRY_STORAGE_SWIFT_USERNAME settting. |
@xiuwang: this has a dependency on openshift/docker-distribution#25. The cluster must use an image for the image-registry that has these changes pulled in. I have the image available at |
Then I need replace image-registry image with quay.io/bverschueren/image-registry:support-swift-application-credentials . |
The cluster needs to be created with the updated image for the image-registry. Otherwise the registry fails to authenticate to swift during initialization (without the changes the registry won't consider application credentials to authenticate) and falls back to using cinder for its storage. So without openshift/docker-distribution/pull/25 merged, one way to test this is to create a release image and provide an alternative image-reference for the docker-registry (e.g.: |
@bverschueren I don't create a release image. My steps:
Registry operator still reports
|
@xiuwang I've used this approach to test:
|
@bverschueren I just found my comment has confused you. I didn't claim the swift storage set successfully. My point is that registry operator is still reporting below error even the swift container set successfully. But today I found it's a common issue, but not just for configure application creds. I will update bug #1991826 to trace this issue. And add approve label.
Sorry for the confused make this pr merging delayed. /label qe-approved |
/retitle Bug 1991826: Support Swift authentication using application credentials |
@bverschueren: This pull request references Bugzilla bug 1991826, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
3 similar comments
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
@bverschueren the Jira story is Obsolete, should we reassign this PR to another story or close it? |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
@dmage the Jira is superseded by https://bugzilla.redhat.com/show_bug.cgi?id=1998432 (at least wrt Swift) but I mistakenly linked the wrong BZ here previously. |
/retitle Bug 1998432: Support Swift authentication using application credentials |
@bverschueren: This pull request references Bugzilla bug 1998432, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/bugzilla refresh |
@pierreprinetti: This pull request references Bugzilla bug 1998432, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. 3 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/retest |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
9 similar comments
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
@bverschueren: All pull requests linked via external trackers have merged: Bugzilla bug 1998432 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
This enables image-registry's Swift storage backend to authenticate using application credentials.
Related to https://issues.redhat.com/browse/OSASINFRA-1934