CatlogSource ImagePull Secrets not working #1801
Comments
|
HI @dasabhisek, could you confirm the version of OLM you're using? 0.19 is not a tagged release. Looking back at an older version, even 0.13, we copy the secret from the OLM namespace to the target namespace here. I imagine the embedded CSV deployment spec would reference this secret by name in the podSpec and then when the deployment is created from the CSV the secret is available to the pods. Are there any logs in the catalog operator related to secrets that you see? Is the secret you're using in the OLM namespace? OLM copies the secret from its own namespace into the operator-installation namespace. |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
openshift-ci-robot
added
triage/unresolved
|
This feature is working as intended. In the master branch, OLM currently allows users to provide a secret that is used to pull the CatalogSource image and the bundles contained within. OLM does not create this secret in namespaces of operators that it deploys in order to avoid privilege escalation, which would allow all users in that namespace to pull images from the registry. |
Bug Report
I am some issue. I set the image pull secrets under .spec.secrets of CatalogSource. But I am facing Error: ErrImagePull
Also this secrets are not copied into target namespace where Operator is getting installed.
What did you do?
I set the image pull secrets under .spec.secrets of CatalogSource
What did you expect to see?
Private image can be pulled using the catalogsource secrets
What did you see instead? Under which circumstances?
But I am facing Error: ErrImagePull
Also this secrets are not copied into target namespace where Operator is getting installed.
Environment
The text was updated successfully, but these errors were encountered: