Docker registry config validation needs improvement
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Low
|
Tee Ngo |
Bug Description
Brief Description
-----------------
The bootstrap playbook config validator does not validate user provided registry keys. A misconfiguration of this nature will result in a late bootstrap failure with a misleading error message which is difficult for the user to identify the root cause.
Severity
--------
Minor
Steps to Reproduce
------------------
In host override file, either define a unified docker registry without a key as follows
docker_registries:
type: aws-ecr
username: <user-name>
password: <password>
or define a list of registries, one of which with a typo as follows
docker_registries:
quy.io:
url: <quay-registry-url>
gcr.io:
url: <gcr-registry-url>
k8s.gcr.io:
url: <k8s-gcr-
docker.io:
url: <docker-
Expected Behavior
------------------
Bootstrap fails early during config validation phase with an error message which specifies the misconfigured parameter.
Actual Behavior
----------------
The user misconfigured docker_registries is merged with the default docker_registries. The resulting erroneous docker_registires led to bootstrap failure during services bringup phase with a misleading error message (Internal Server Error: no basic auth credentials).
Reproducibility
---------------
100% reproducible
System Configuration
-------
Any config
Branch/Pull Time/Commit
-------
Dec. 15th master build
Last Pass
---------
Test escape
Timestamp/Logs
--------------
Test Activity
-------------
Developer Testing
Workaround
----------
N/A
Changed in starlingx: | |
assignee: | nobody → Tee Ngo (teewrs) |
Fixed by https:/ /review. opendev. org/c/starlingx /ansible- playbooks/ +/767455
Merged on 2020-12-17