search

opcr-io / policy

CLI for building OPA policies into OCI images
https://www.openpolicycontainers.com
Apache License 2.0
213 stars 12 forks source link

Failed to push policy #95

Closed jimmyraywv closed 1 year ago

jimmyraywv commented 1 year ago

I created a policy images and try to push and I received this error:

Failed to push policy: pac-book/project:v0.1.0
oras push tarball failed: unexpected status: 500 Internal Server Error

failed to push one or more policies
jimmyraywv commented 1 year ago

So, my issue was using the wrong ORG name. However when I tried to fix that, it would not work with namespaces, like:

policy push jimmyraywv/pac-book/project:v0.1.0

I received a 403 error then:

Failed to push policy: jimmyraywv/pac-book/project:v0.1.0
oras push tarball failed: unexpected status: 403 Forbidden

It did work when I built and pushed as:

policy push jimmyraywv/project:v0.1.0

Is there a plan to support namespaces in the future?

gertd commented 1 year ago

Hi @jimmyraywv,

This should work, assuming you are pushing to the local image store.

When I do the following:

❯ policy version

Policy CLI.
version: 0.1.42
date: 2022-09-13T14:57:45Z
commit: 5f88595

❯ mkdir test
❯ cd test
❯ policy templates apply policy-template
Processing template 'policy-template' ........

Generating files

The template 'policy-template' was created successfully.
❯ policy build ./src -t jimmyraywv/pac-book/project:v0.1.0

Created new image.
digest: sha256:c37c0f024e9774b9c14006a72028378c24e7a1c84fdc2ebf9e945878fe517cbf

Tagging image.
reference: jimmyraywv/pac-book/project:v0.1.0
❯ policy images

  REPOSITORY                                  TAG     IMAGE ID      CREATED        SIZE
  jimmyraywv/pac-book/project                 v0.1.0  c37c0f024e97  6 seconds ago  585B

I think this is what you are trying to achieve?

jimmyraywv commented 1 year ago

I think I figured it out. Is there docs about setting up the local OPA config with a bearer token so that I can download the private image and use it?

ogazitt commented 1 year ago

Hi @jimmyraywv, here are a couple of docs for how to set up OPA config with a Bearer token:

What registry are you using? opcr.io or a different one?

ogazitt commented 1 year ago

Hi @jimmyraywv, we also recently added this to the Open Policy Containers docs: