search

opendevstack / ods-pipeline

Alternative ODS CI/CD pipeline based on Tekton / OpenShift Pipelines
Apache License 2.0
13 stars 5 forks source link

Impossible to know what skopeo is doing in deploy phase. #567

Closed victorpablosceruelo closed 2 years ago

victorpablosceruelo commented 2 years ago

When running skopeo cmd to copy the image in https://github.com/opendevstack/ods-pipeline/blob/v0.5.1/cmd/deploy-with-helm/main.go#L241

we need to be able to debug which command is being run (basically, if it has token or not and where does the token come from).

We are getting the following trace and we do not know how to continue with the debug process...

+ deploy-with-helm -chart-dir=./chart -release-name= -diff-flags=--install '-upgrade-flags=--install --wait' -age-key-secret=helm-secrets-age-key
releaseName=front-end
releaseNamespace=tektonpoc-dev
Copying images into release namespace ...
Copying image front-end ...
src=image-registry.openshift-image-registry.svc:5000/tektonpoc-cd/front-end:7447635e5c38210d7cc78c7c6de870e22d7ca399
dest=image-registry.openshift-image-registry.svc:5000/tektonpoc-dev/front-end:7447635e5c38210d7cc78c7c6de870e22d7ca399
time="2022-06-21T10:10:44Z" level=fatal msg="writing blob: initiating layer upload to /v2/tektonpoc-dev/front-end/blobs/uploads/ in image-registry.openshift-image-registry.svc:5000: unauthorized: authentication required"

2022/06/21 10:10:44 exit status 1
victorpablosceruelo commented 2 years ago

After enabling debug as explained in https://github.com/opendevstack/ods-pipeline/blob/v0.5.1/docs/adr/20210816-debug.md

we can see this:

STEP-HELM-UPGRADE-FROM-REPO

+ deploy-with-helm -chart-dir=./chart -release-name= -diff-flags=--install '-upgrade-flags=--install --wait' -age-key-secret=helm-secrets-age-key
..2022_06_21_15_48_45.901462967
..data
ca.crt
namespace
service-ca.crt
token
releaseName=front-end
2022/06/21 15:49:02 Files in /var/run/secrets/kubernetes.io/serviceaccount:
releaseNamespace=tektonpoc-dev
Copying images into release namespace ...
Copying image front-end ...
src=image-registry.openshift-image-registry.svc:5000/tektonpoc-cd/front-end:7447635e5c38210d7cc78c7c6de870e22d7ca399
dest=image-registry.openshift-image-registry.svc:5000/tektonpoc-dev/front-end:7447635e5c38210d7cc78c7c6de870e22d7ca399
time="2022-06-21T15:49:02Z" level=debug msg="Loading registries configuration \"/etc/containers/registries.conf\""
time="2022-06-21T15:49:02Z" level=debug msg="Loading registries configuration \"/etc/containers/registries.conf.d/000-shortnames.conf\""
time="2022-06-21T15:49:02Z" level=debug msg="Loading registries configuration \"/etc/containers/registries.conf.d/001-rhel-shortnames.conf\""
time="2022-06-21T15:49:02Z" level=debug msg="Loading registries configuration \"/etc/containers/registries.conf.d/002-rhel-shortnames-overrides.conf\""
time="2022-06-21T15:49:02Z" level=debug msg="No credentials matching image-registry.openshift-image-registry.svc:5000/tektonpoc-dev/front-end found in /run/containers/1001/auth.json"
time="2022-06-21T15:49:02Z" level=debug msg="No credentials matching image-registry.openshift-image-registry.svc:5000/tektonpoc-dev/front-end found in /tekton/home/.config/containers/auth.json"
time="2022-06-21T15:49:02Z" level=debug msg="Found credentials for image-registry.openshift-image-registry.svc:5000/tektonpoc-dev/front-end in credential helper containers-auth.json in file /tekton/home/.docker/config.json"
time="2022-06-21T15:49:02Z" level=debug msg="Using registries.d directory /etc/containers/registries.d for sigstore configuration"
time="2022-06-21T15:49:02Z" level=debug msg=" Using \"default-docker\" configuration"
time="2022-06-21T15:49:02Z" level=debug msg="  Using file:///var/lib/containers/sigstore"
time="2022-06-21T15:49:02Z" level=debug msg="Looking for TLS certificates and private keys in /var/run/secrets/kubernetes.io/serviceaccount"
time="2022-06-21T15:49:02Z" level=debug msg=" crt: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
time="2022-06-21T15:49:02Z" level=debug msg=" crt: /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt"
time="2022-06-21T15:49:02Z" level=debug msg="Trying to access \"image-registry.openshift-image-registry.svc:5000/tektonpoc-cd/front-end:7447635e5c38210d7cc78c7c6de870e22d7ca399\""
time="2022-06-21T15:49:02Z" level=debug msg="No credentials matching image-registry.openshift-image-registry.svc:5000/tektonpoc-cd/front-end found in /run/containers/1001/auth.json"
time="2022-06-21T15:49:02Z" level=debug msg="No credentials matching image-registry.openshift-image-registry.svc:5000/tektonpoc-cd/front-end found in /tekton/home/.config/containers/auth.json"
time="2022-06-21T15:49:02Z" level=debug msg="Found credentials for image-registry.openshift-image-registry.svc:5000/tektonpoc-cd/front-end in credential helper containers-auth.json in file /tekton/home/.docker/config.json"
time="2022-06-21T15:49:02Z" level=debug msg="Using registries.d directory /etc/containers/registries.d for sigstore configuration"
time="2022-06-21T15:49:02Z" level=debug msg=" Using \"default-docker\" configuration"
time="2022-06-21T15:49:02Z" level=debug msg=" No signature storage configuration found for image-registry.openshift-image-registry.svc:5000/tektonpoc-cd/front-end:7447635e5c38210d7cc78c7c6de870e22d7ca399, using built-in default file:///tekton/home/.local/share/containers/sigstore"
time="2022-06-21T15:49:02Z" level=debug msg="Looking for TLS certificates and private keys in /var/run/secrets/kubernetes.io/serviceaccount"
time="2022-06-21T15:49:02Z" level=debug msg=" crt: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
time="2022-06-21T15:49:02Z" level=debug msg=" crt: /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt"
time="2022-06-21T15:49:02Z" level=debug msg="GET https://image-registry.openshift-image-registry.svc:5000/v2/"
time="2022-06-21T15:49:02Z" level=debug msg="Ping https://image-registry.openshift-image-registry.svc:5000/v2/ status 401"
time="2022-06-21T15:49:02Z" level=debug msg="GET https://image-registry.openshift-image-registry.svc:5000/openshift/token?account=serviceaccount&scope=repository%3Atektonpoc-cd%2Ffront-end%3Apull"
time="2022-06-21T15:49:02Z" level=debug msg="Increasing token expiration to: 60 seconds"
time="2022-06-21T15:49:02Z" level=debug msg="GET https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-cd/front-end/manifests/7447635e5c38210d7cc78c7c6de870e22d7ca399"
time="2022-06-21T15:49:02Z" level=debug msg="Content-Type from manifest GET is \"application/vnd.oci.image.manifest.v1+json\""
time="2022-06-21T15:49:02Z" level=debug msg="Using blob info cache at /tekton/home/.local/share/containers/cache/blob-info-cache-v1.boltdb"
time="2022-06-21T15:49:02Z" level=debug msg="IsRunningImageAllowed for image docker:image-registry.openshift-image-registry.svc:5000/tektonpoc-cd/front-end:7447635e5c38210d7cc78c7c6de870e22d7ca399"
time="2022-06-21T15:49:02Z" level=debug msg=" Using default policy section"
time="2022-06-21T15:49:02Z" level=debug msg=" Requirement 0: allowed"
time="2022-06-21T15:49:02Z" level=debug msg="Overall: allowed"
time="2022-06-21T15:49:02Z" level=debug msg="GET https://image-registry.openshift-image-registry.svc:5000/extensions/v2/tektonpoc-cd/front-end/signatures/sha256:a1a2481dca892b416bdd4d02f1d441aeeebe7a1b5d6b59d60368b0ba7d4f0f12"
time="2022-06-21T15:49:02Z" level=debug msg="Manifest has MIME type application/vnd.oci.image.manifest.v1+json, ordered candidate list [application/vnd.oci.image.manifest.v1+json, application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.v1+prettyjws, application/vnd.oci.image.index.v1+json, application/vnd.docker.distribution.manifest.list.v2+json, application/vnd.docker.distribution.manifest.v1+json]"
time="2022-06-21T15:49:02Z" level=debug msg="... will first try using the original manifest unmodified"
time="2022-06-21T15:49:02Z" level=debug msg="Checking /v2/tektonpoc-dev/front-end/blobs/sha256:447f77e9d7ba967ad745334ff749a17d077fbd8dd2e3b1719f0fcb23390441b4"
time="2022-06-21T15:49:02Z" level=debug msg="Checking /v2/tektonpoc-dev/front-end/blobs/sha256:cc288322e568a672023e4ce6e8544a214803756b484c08d6f936e20cada021ca"
time="2022-06-21T15:49:02Z" level=debug msg="Checking /v2/tektonpoc-dev/front-end/blobs/sha256:c738ba5b896b5a4e0b2b9983b43540c69dc60a58b91850ac03f8ac46efee13fc"
time="2022-06-21T15:49:02Z" level=debug msg="Checking /v2/tektonpoc-dev/front-end/blobs/sha256:4f93fbaa38c2fcbaed99e312fa8af0732512e4636fa1e740998c9f6aed4ef39f"
time="2022-06-21T15:49:02Z" level=debug msg="Checking /v2/tektonpoc-dev/front-end/blobs/sha256:87ea4027e76bdc11a0f202dc084eaab9b673d1d9e98bdc9165bb74e69ebf8f32"
time="2022-06-21T15:49:02Z" level=debug msg="GET https://image-registry.openshift-image-registry.svc:5000/v2/"
time="2022-06-21T15:49:02Z" level=debug msg="Ping https://image-registry.openshift-image-registry.svc:5000/v2/ status 401"
time="2022-06-21T15:49:02Z" level=debug msg="HEAD https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/sha256:447f77e9d7ba967ad745334ff749a17d077fbd8dd2e3b1719f0fcb23390441b4"
time="2022-06-21T15:49:02Z" level=debug msg="HEAD https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/sha256:cc288322e568a672023e4ce6e8544a214803756b484c08d6f936e20cada021ca"
time="2022-06-21T15:49:02Z" level=debug msg="HEAD https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/sha256:c738ba5b896b5a4e0b2b9983b43540c69dc60a58b91850ac03f8ac46efee13fc"
time="2022-06-21T15:49:02Z" level=debug msg="HEAD https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/sha256:4f93fbaa38c2fcbaed99e312fa8af0732512e4636fa1e740998c9f6aed4ef39f"
time="2022-06-21T15:49:02Z" level=debug msg="HEAD https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/sha256:87ea4027e76bdc11a0f202dc084eaab9b673d1d9e98bdc9165bb74e69ebf8f32"
time="2022-06-21T15:49:02Z" level=debug msg="... not present"
time="2022-06-21T15:49:02Z" level=debug msg="Downloading /v2/tektonpoc-cd/front-end/blobs/sha256:4f93fbaa38c2fcbaed99e312fa8af0732512e4636fa1e740998c9f6aed4ef39f"
time="2022-06-21T15:49:02Z" level=debug msg="GET https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-cd/front-end/blobs/sha256:4f93fbaa38c2fcbaed99e312fa8af0732512e4636fa1e740998c9f6aed4ef39f"
time="2022-06-21T15:49:02Z" level=debug msg="... not present"
time="2022-06-21T15:49:02Z" level=debug msg="Downloading /v2/tektonpoc-cd/front-end/blobs/sha256:c738ba5b896b5a4e0b2b9983b43540c69dc60a58b91850ac03f8ac46efee13fc"
time="2022-06-21T15:49:02Z" level=debug msg="GET https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-cd/front-end/blobs/sha256:c738ba5b896b5a4e0b2b9983b43540c69dc60a58b91850ac03f8ac46efee13fc"
time="2022-06-21T15:49:02Z" level=debug msg="... not present"
time="2022-06-21T15:49:02Z" level=debug msg="Downloading /v2/tektonpoc-cd/front-end/blobs/sha256:447f77e9d7ba967ad745334ff749a17d077fbd8dd2e3b1719f0fcb23390441b4"
time="2022-06-21T15:49:02Z" level=debug msg="GET https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-cd/front-end/blobs/sha256:447f77e9d7ba967ad745334ff749a17d077fbd8dd2e3b1719f0fcb23390441b4"
time="2022-06-21T15:49:02Z" level=debug msg="... not present"
time="2022-06-21T15:49:02Z" level=debug msg="Downloading /v2/tektonpoc-cd/front-end/blobs/sha256:87ea4027e76bdc11a0f202dc084eaab9b673d1d9e98bdc9165bb74e69ebf8f32"
time="2022-06-21T15:49:02Z" level=debug msg="GET https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-cd/front-end/blobs/sha256:87ea4027e76bdc11a0f202dc084eaab9b673d1d9e98bdc9165bb74e69ebf8f32"
time="2022-06-21T15:49:02Z" level=debug msg="... not present"
time="2022-06-21T15:49:02Z" level=debug msg="Downloading /v2/tektonpoc-cd/front-end/blobs/sha256:cc288322e568a672023e4ce6e8544a214803756b484c08d6f936e20cada021ca"
time="2022-06-21T15:49:02Z" level=debug msg="GET https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-cd/front-end/blobs/sha256:cc288322e568a672023e4ce6e8544a214803756b484c08d6f936e20cada021ca"
time="2022-06-21T15:49:02Z" level=debug msg="Detected compression format gzip"
time="2022-06-21T15:49:02Z" level=debug msg="Using original blob without modification"
time="2022-06-21T15:49:02Z" level=debug msg="Checking /v2/tektonpoc-dev/front-end/blobs/sha256:87ea4027e76bdc11a0f202dc084eaab9b673d1d9e98bdc9165bb74e69ebf8f32"
time="2022-06-21T15:49:02Z" level=debug msg="HEAD https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/sha256:87ea4027e76bdc11a0f202dc084eaab9b673d1d9e98bdc9165bb74e69ebf8f32"
time="2022-06-21T15:49:02Z" level=debug msg="... not present"
time="2022-06-21T15:49:02Z" level=debug msg="Uploading /v2/tektonpoc-dev/front-end/blobs/uploads/"
time="2022-06-21T15:49:02Z" level=debug msg="POST https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/uploads/"
time="2022-06-21T15:49:02Z" level=debug msg="Detected compression format gzip"
time="2022-06-21T15:49:02Z" level=debug msg="Using original blob without modification"
time="2022-06-21T15:49:02Z" level=debug msg="Checking /v2/tektonpoc-dev/front-end/blobs/sha256:447f77e9d7ba967ad745334ff749a17d077fbd8dd2e3b1719f0fcb23390441b4"
time="2022-06-21T15:49:02Z" level=debug msg="HEAD https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/sha256:447f77e9d7ba967ad745334ff749a17d077fbd8dd2e3b1719f0fcb23390441b4"
time="2022-06-21T15:49:02Z" level=debug msg="Error initiating layer upload, response http.Response{Status:\"401 Unauthorized\", StatusCode:401, Proto:\"HTTP/1.1\", ProtoMajor:1, ProtoMinor:1, Header:http.Header{\"Content-Length\":[]string{\"248\"}, \"Content-Type\":[]string{\"application/json; charset=utf-8\"}, \"Date\":[]string{\"Tue, 21 Jun 2022 15:49:02 GMT\"}, \"Docker-Distribution-Api-Version\":[]string{\"registry/2.0\"}, \"Www-Authenticate\":[]string{\"Basic realm=openshift,error=\\\"access denied\\\"\"}, \"X-Registry-Supports-Signatures\":[]string{\"1\"}}, Body:(*http.bodyEOFSignal)(0xc00052c9c0), ContentLength:248, TransferEncoding:[]string(nil), Close:true, Uncompressed:false, Trailer:http.Header(nil), Request:(*http.Request)(0xc0001b0600), TLS:(*tls.ConnectionState)(0xc00034a0b0)}"
time="2022-06-21T15:49:02Z" level=debug msg="... not present"
time="2022-06-21T15:49:02Z" level=debug msg="Uploading /v2/tektonpoc-dev/front-end/blobs/uploads/"
time="2022-06-21T15:49:02Z" level=debug msg="POST https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/uploads/"
time="2022-06-21T15:49:02Z" level=debug msg="Error initiating layer upload, response http.Response{Status:\"401 Unauthorized\", StatusCode:401, Proto:\"HTTP/1.1\", ProtoMajor:1, ProtoMinor:1, Header:http.Header{\"Content-Length\":[]string{\"248\"}, \"Content-Type\":[]string{\"application/json; charset=utf-8\"}, \"Date\":[]string{\"Tue, 21 Jun 2022 15:49:02 GMT\"}, \"Docker-Distribution-Api-Version\":[]string{\"registry/2.0\"}, \"Www-Authenticate\":[]string{\"Basic realm=openshift,error=\\\"access denied\\\"\"}, \"X-Registry-Supports-Signatures\":[]string{\"1\"}}, Body:(*http.bodyEOFSignal)(0xc00052d040), ContentLength:248, TransferEncoding:[]string(nil), Close:true, Uncompressed:false, Trailer:http.Header(nil), Request:(*http.Request)(0xc000504300), TLS:(*tls.ConnectionState)(0xc000032160)}"
time="2022-06-21T15:49:02Z" level=debug msg="Detected compression format gzip"
time="2022-06-21T15:49:02Z" level=debug msg="Using original blob without modification"
time="2022-06-21T15:49:02Z" level=debug msg="Checking /v2/tektonpoc-dev/front-end/blobs/sha256:4f93fbaa38c2fcbaed99e312fa8af0732512e4636fa1e740998c9f6aed4ef39f"
time="2022-06-21T15:49:02Z" level=debug msg="HEAD https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/sha256:4f93fbaa38c2fcbaed99e312fa8af0732512e4636fa1e740998c9f6aed4ef39f"
time="2022-06-21T15:49:02Z" level=debug msg="Detected compression format gzip"
time="2022-06-21T15:49:02Z" level=debug msg="Using original blob without modification"
time="2022-06-21T15:49:02Z" level=debug msg="Checking /v2/tektonpoc-dev/front-end/blobs/sha256:cc288322e568a672023e4ce6e8544a214803756b484c08d6f936e20cada021ca"
time="2022-06-21T15:49:02Z" level=debug msg="HEAD https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/sha256:cc288322e568a672023e4ce6e8544a214803756b484c08d6f936e20cada021ca"
time="2022-06-21T15:49:02Z" level=debug msg="... not present"
time="2022-06-21T15:49:02Z" level=debug msg="Uploading /v2/tektonpoc-dev/front-end/blobs/uploads/"
time="2022-06-21T15:49:02Z" level=debug msg="POST https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/uploads/"
time="2022-06-21T15:49:02Z" level=debug msg="Detected compression format gzip"
time="2022-06-21T15:49:02Z" level=debug msg="Using original blob without modification"
time="2022-06-21T15:49:02Z" level=debug msg="Checking /v2/tektonpoc-dev/front-end/blobs/sha256:c738ba5b896b5a4e0b2b9983b43540c69dc60a58b91850ac03f8ac46efee13fc"
time="2022-06-21T15:49:02Z" level=debug msg="HEAD https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/sha256:c738ba5b896b5a4e0b2b9983b43540c69dc60a58b91850ac03f8ac46efee13fc"
time="2022-06-21T15:49:02Z" level=debug msg="Error initiating layer upload, response http.Response{Status:\"401 Unauthorized\", StatusCode:401, Proto:\"HTTP/1.1\", ProtoMajor:1, ProtoMinor:1, Header:http.Header{\"Content-Length\":[]string{\"248\"}, \"Content-Type\":[]string{\"application/json; charset=utf-8\"}, \"Date\":[]string{\"Tue, 21 Jun 2022 15:49:02 GMT\"}, \"Docker-Distribution-Api-Version\":[]string{\"registry/2.0\"}, \"Www-Authenticate\":[]string{\"Basic realm=openshift,error=\\\"access denied\\\"\"}, \"X-Registry-Supports-Signatures\":[]string{\"1\"}}, Body:(*http.bodyEOFSignal)(0xc00030a180), ContentLength:248, TransferEncoding:[]string(nil), Close:true, Uncompressed:false, Trailer:http.Header(nil), Request:(*http.Request)(0xc0002d8000), TLS:(*tls.ConnectionState)(0xc00034a2c0)}"
time="2022-06-21T15:49:02Z" level=debug msg="... not present"
time="2022-06-21T15:49:02Z" level=debug msg="Uploading /v2/tektonpoc-dev/front-end/blobs/uploads/"
time="2022-06-21T15:49:02Z" level=debug msg="POST https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/uploads/"
time="2022-06-21T15:49:02Z" level=debug msg="... not present"
time="2022-06-21T15:49:02Z" level=debug msg="Uploading /v2/tektonpoc-dev/front-2022/06/21 15:49:02 exit status 1
end/blobs/uploads/"
time="2022-06-21T15:49:02Z" level=debug msg="POST https://image-registry.openshift-image-registry.svc:5000/v2/tektonpoc-dev/front-end/blobs/uploads/"
time="2022-06-21T15:49:02Z" level=debug msg="Error initiating layer upload, response http.Response{Status:\"401 Unauthorized\", StatusCode:401, Proto:\"HTTP/1.1\", ProtoMajor:1, ProtoMinor:1, Header:http.Header{\"Content-Length\":[]string{\"248\"}, \"Content-Type\":[]string{\"application/json; charset=utf-8\"}, \"Date\":[]string{\"Tue, 21 Jun 2022 15:49:02 GMT\"}, \"Docker-Distribution-Api-Version\":[]string{\"registry/2.0\"}, \"Www-Authenticate\":[]string{\"Basic realm=openshift,error=\\\"access denied\\\"\"}, \"X-Registry-Supports-Signatures\":[]string{\"1\"}}, Body:(*http.bodyEOFSignal)(0xc00030a780), ContentLength:248, TransferEncoding:[]string(nil), Close:true, Uncompressed:false, Trailer:http.Header(nil), Request:(*http.Request)(0xc0001b0200), TLS:(*tls.ConnectionState)(0xc0001a6bb0)}"
time="2022-06-21T15:49:02Z" level=debug msg="Error initiating layer upload, response http.Response{Status:\"401 Unauthorized\", StatusCode:401, Proto:\"HTTP/1.1\", ProtoMajor:1, ProtoMinor:1, Header:http.Header{\"Content-Length\":[]string{\"248\"}, \"Content-Type\":[]string{\"application/json; charset=utf-8\"}, \"Date\":[]string{\"Tue, 21 Jun 2022 15:49:02 GMT\"}, \"Docker-Distribution-Api-Version\":[]string{\"registry/2.0\"}, \"Www-Authenticate\":[]string{\"Basic realm=openshift,error=\\\"access denied\\\"\"}, \"X-Registry-Supports-Signatures\":[]string{\"1\"}}, Body:(*http.bodyEOFSignal)(0xc00030a840), ContentLength:248, TransferEncoding:[]string(nil), Close:true, Uncompressed:false, Trailer:http.Header(nil), Request:(*http.Request)(0xc0001b0400), TLS:(*tls.ConnectionState)(0xc000656c60)}"
time="2022-06-21T15:49:02Z" level=fatal msg="writing blob: initiating layer upload to /v2/tektonpoc-dev/front-end/blobs/uploads/ in image-registry.openshift-image-registry.svc:5000: unauthorized: authentication required"

The important part is where it says that if found credentials, but we still do not know if it is using them or not.

time="2022-06-21T15:49:02Z" level=debug msg="Found credentials for image-registry.openshift-image-registry.svc:5000/tektonpoc-cd/front-end in credential helper containers-auth.json in file /tekton/home/.docker/config.json"

Thanks in advance.

michaelsauter commented 2 years ago

Does the pipeline serviceaccount have at least edit permissions in the tektonpoc-dev namespace? I think that might be the issue.

michaelsauter commented 2 years ago

I'm going to close this as:

Please reopen if the missing role binding was not the cause of the problem.