Uploaded image for project: 'Nuxeo ECM Build/Test Environment'
  1. Nuxeo ECM Build/Test Environment
  2. NXBT-3758

Fix absence of skopeo Docker image

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Continuous Integration
    • Tags:
    • Team:
      PLATFORM
    • Sprint:
      nxplatform #95
    • Story Points:
      1

      Description

      On August the 29th, all quay.io/containers/skopeo images have been deleted due to a potential credentials leak, see:

      On August 23rd it was discovered that the credentials for several robot service accounts with write-access to the container-images could have leaked. Upon discovery, the credentials were invalidated. The earliest possible leak opportunity was around March 10th, 2022.
      ...
      We realize this issue has the potential to impact not only direct, but also indirect use, such as base-images. The safety and integrity of these images has and must take priority. At this time, all images have been disabled. We will restore originals and/or rebuild fresh copies based on further safety analysis.

      This is causing build failure in the Platform CI, especially all jobs that uses a CentOS 7 based builder, see:

      skopeo copy docker://docker.platform.dev.nuxeo.com/nuxeo/nuxeo-base:2021.43.4 docker://docker.platform.dev.nuxeo.com/nuxeo/nuxeo-base:2021.x
[2023-08-29T14:47:20.822Z] Unable to find image 'quay.io/containers/skopeo:v1.9.2' locally
[2023-08-29T14:47:21.390Z] docker: Error response from daemon: unknown: Tag v1.9.2 was deleted or has expired. To pull, revive via time machine.

      A potential mid-term solution would be to use an user image such as https://hub.docker.com/r/bdwyertech/skopeo

        Attachments

          Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. NXP-32055 Fix nc commands while setting up the benchmark environment

          • Blocker - Blocks development and/or testing work, production could not run.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. NXP-32023 Fix Invalid CEN header when importing Nuxeo zip files

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          links to

          Web Link Reading manifest latest in quay.io/containers/podman: unknown: Tag latest was deleted or has expired

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: