Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reenable signature workflow extended test #16344

Closed
miminar opened this issue Sep 14, 2017 · 6 comments
Closed

Reenable signature workflow extended test #16344

miminar opened this issue Sep 14, 2017 · 6 comments
Assignees
@miminar
Labels
area/tests component/image component/imageregistry kind/bug Categorizes issue or PR as related to a bug. priority/P1

Comments

@miminar
Copy link

miminar commented Sep 14, 2017

The extended signature workflow test, disabled by #15807, used to fail with:

/tmp/openshift/build-rpm-release/tito/rpmbuild-originV11XYu/BUILD/origin-3.7.0/_output/local/go/src/github.com/openshift/origin/test/extended/registry/signature.go:112
Expected
    <string>: error verifying signature sha256:248398a9acf9b2f80aabebee81ae88d70768eadebccecd786a0e6e1d2756e4cf@67655a940b7d40e9f4d3067765b613e7 for image sha256:248398a9acf9b2f80aabebee81ae88d70768eadebccecd786a0e6e1d2756e4cf (verification status will be removed): failed to get image "sha256:248398a9acf9b2f80aabebee81ae88d70768eadebccecd786a0e6e1d2756e4cf" manifest: Get http://docker-registry.default.svc:5000/v2/: malformed HTTP response "\x15\x03\x01\x00\x02\x02"
to contain substring
    <string>: identity is now confirmed
/tmp/openshift/build-rpm-release/tito/rpmbuild-originV11XYu/BUILD/origin-3.7.0/_output/local/go/src/github.com/openshift/origin/test/extended/registry/signature.go:106

The registry is secured during the extended test run. It looks like the oadm verify-image-signature cannot talk to secured registry. This needs to be fixed before re-enabling this test.
@miminar miminar self-assigned this Sep 14, 2017
@miminar miminar mentioned this issue Sep 14, 2017
Merged
@miminar
Copy link
Author

miminar commented Sep 14, 2017

@mfojtik FYI. Feel free to take this over when you enhance the verify-image-signature command with --insecure flag.

miminar pushed a commit to miminar/origin that referenced this issue Oct 12, 2017
extended: fixed registry tests
9632e0e 
The extended test suite now secures the registry. This patch allows for
secure connection to the registry.

Mark few registry tests as serial. Prevent them from being run parallel
with some other registry tests.

Write registry log to file on re-deployment. The registry log is
essential for externded test debugging. Without writing it to a file,
this information will be lost.

Skip image signature workflow test until we figure out, how to make
`oadm verify-image-signature` work with secured integrated Docker
registry. Issue openshift#16344.

Temporarily skip limitrange_admission test. The image size counting is
still broken for schema 1 - the layer sizes need to be filled on registry
side. Will be fixed by openshift#16776.

Signed-off-by: Michal Minář <[email protected]>
@bparees bparees mentioned this issue Oct 23, 2017
Merged
@openshift-bot
Copy link
Contributor

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

@openshift-ci-robot openshift-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 20, 2018
@openshift-bot
Copy link
Contributor

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

@openshift-ci-robot openshift-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Mar 22, 2018
@miminar
Copy link
Author

miminar commented Mar 26, 2018

/remove-lifecycle rotten

@openshift-ci-robot openshift-ci-robot removed the lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. label Mar 26, 2018
@miminar
Copy link
Author

miminar commented Apr 9, 2018

This has been resolved in #17202.

The only problem is that it was removed one week later with a rebase to 1.8.1 in #17115. So the test doesn't exist anymore.

The issue shall be moved to image-registry repository.

@miminar miminar closed this as completed Apr 9, 2018
@miminar miminar mentioned this issue Apr 9, 2018
Closed
@miminar
Copy link
Author

miminar commented Apr 9, 2018
edited
Loading

Re-opened in the openshift/image-registry#74.

Tracked in openshift/image-registry#39

@miminar miminar mentioned this issue Apr 9, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@miminar miminar

Labels
area/tests component/image component/imageregistry kind/bug Categorizes issue or PR as related to a bug. priority/P1
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@miminar @openshift-bot @openshift-ci-robot