Skip to content

fix(docker): add a custom policy.json file in the RHDH image for pulls to work correctly [RHDHBUGS-2799]#4385

Merged
openshift-merge-bot[bot] merged 4 commits intoredhat-developer:mainfrom
rm3l:rhdhbugs-2799-init-container-unable-to-pull-from-registry.access.redhat.com-source-image-rejected-none-of-the-signatures-were-accepted--main
Mar 23, 2026
Merged

fix(docker): add a custom policy.json file in the RHDH image for pulls to work correctly [RHDHBUGS-2799]#4385
openshift-merge-bot[bot] merged 4 commits intoredhat-developer:mainfrom
rm3l:rhdhbugs-2799-init-container-unable-to-pull-from-registry.access.redhat.com-source-image-rejected-none-of-the-signatures-were-accepted--main

Conversation

@rm3l
Copy link
Copy Markdown
Member

@rm3l rm3l commented Mar 11, 2026
edited
Loading

Description

Manual cherry-pick of #4380 (comment) into main because of conflicts.

This contains a specific identity mapping for pulls against registry.access.redhat.com/rhdh.
For some reason, Skopeo would fail otherwise with Source image rejected: None of the signatures were accepted.

Which issue(s) does this PR fix

PR acceptance criteria

Please make sure that the following steps are complete:

  • GitHub Actions are completed and successful
  • Unit Tests are updated and passing
  • E2E Tests are updated and passing
  • Documentation is updated if necessary (requirement for new features)
  • Add a screenshot if the change is UX/UI related

How to test changes / Special notes to the reviewer

See RHDHBUGS-2799 for more context.

@rm3l
fix(docker): Add a custom policy.json file in the RHDH image for pull…
b9d904d 
…s to work correctly [RHDHBUGS-2799]

This contains a specific identity mapping for pulls against registry.access.redhat.com/rhdh.
For some reason, Skopeo would fail otherwise with "Source image
rejected: None of the signatures were accepted".

This cherrypicks 8ba897d.

ref: https://issues.redhat.com/browse/RHDHBUGS-2799
@rm3l rm3l changed the title fix(docker): Add a custom policy.json file in the RHDH image for pulls to work correctly [RHDHBUGS-2799] fix(docker): Add a custom policy.json file in the RHDH image for pulls to work correctly [RHDHBUGS-2799] Mar 11, 2026
@rm3l rm3l changed the title fix(docker): Add a custom policy.json file in the RHDH image for pulls to work correctly [RHDHBUGS-2799] fix(docker): add a custom policy.json file in the RHDH image for pulls to work correctly [RHDHBUGS-2799] Mar 11, 2026
@rm3l
Copy link
Copy Markdown
Member Author

rm3l commented Mar 11, 2026

/cc @nickboldt

@openshift-ci openshift-ci bot requested a review from nickboldt March 11, 2026 08:15
rm3l
rm3l commented Mar 11, 2026
View reviewed changes
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 11, 2026

The container image build workflow finished with status: failure.

@rm3l
Copy link
Copy Markdown
Member Author

rm3l commented Mar 11, 2026

/test e2e-ocp-helm

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 11, 2026

Image was built and published successfully. It is available at:

@rm3l
Copy link
Copy Markdown
Member Author

rm3l commented Mar 11, 2026

/test e2e-ocp-helm

@rm3l
Merge branch 'main' into rhdhbugs-2799-init-container-unable-to-pull-…
6fafb55 
…from-registry.access.redhat.com-source-image-rejected-none-of-the-signatures-were-accepted--main
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 13, 2026

Image was built and published successfully. It is available at:

@rm3l
Copy link
Copy Markdown
Member Author

rm3l commented Mar 13, 2026

/test e2e-ocp-helm

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 21, 2026

This PR is stale because it has been open 7 days with no activity. Remove stale label or comment or this will be closed in 21 days.

@github-actions github-actions bot added the Stale label Mar 21, 2026
@rm3l
Merge branch 'main' into rhdhbugs-2799-init-container-unable-to-pull-…
a0d1050 
…from-registry.access.redhat.com-source-image-rejected-none-of-the-signatures-were-accepted--main
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Mar 23, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@rm3l
Copy link
Copy Markdown
Member Author

rm3l commented Mar 23, 2026

Approving as this is a manual cherrypick of #4380 , which had been approved.

/lgtm
/approve

@openshift-ci
Copy link
Copy Markdown

openshift-ci bot commented Mar 23, 2026

@rm3l: you cannot LGTM your own PR.

Details

In response to this:

Approving as this is a manual cherrypick of #4380 , which had been approved.

/lgtm
/approve

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 23, 2026

Image was built and published successfully. It is available at:

@openshift-merge-bot openshift-merge-bot bot merged commit e1efbcd into redhat-developer:main Mar 23, 2026
18 checks passed
@rm3l rm3l deleted the rhdhbugs-2799-init-container-unable-to-pull-from-registry.access.redhat.com-source-image-rejected-none-of-the-signatures-were-accepted--main branch March 23, 2026 12:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gazarenkov gazarenkov Awaiting requested review from gazarenkov

@hopehadfield hopehadfield Awaiting requested review from hopehadfield

@nickboldt nickboldt Awaiting requested review from nickboldt

Assignees

No one assigned

Labels

approved lgtm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rm3l