Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle legacy image pull secrets of type kubernetes.io/dockercfg #569

Closed
danielpacak opened this issue May 12, 2021 · 0 comments · Fixed by #577
Closed

Handle legacy image pull secrets of type kubernetes.io/dockercfg #569

danielpacak opened this issue May 12, 2021 · 0 comments · Fixed by #577
Assignees
@danielpacak
Labels
🐛 bug Something isn't working 🔦 plugin/trivy This issue is related to Trivy vulnerability scanner
Milestone
Release v0.10.3

Comments

@danielpacak
Copy link
Contributor

danielpacak commented May 12, 2021
edited
Loading

What steps did you take and what happened:

Define image pull secret in legacy format

What did you expect to happen:

Starboard does not fail

Anything else you would like to add:

The kubernetes.io/dockercfg type is reserved to store a serialized ~/.dockercfg which is the legacy format for configuring Docker command line.

$ kubectl get sa -n starboard-operator starboard-operator -o yaml
apiVersion: v1
imagePullSecrets:
- name: starboard-operator-dockercfg-bvxj2
kind: ServiceAccount
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"v1","kind":"ServiceAccount","metadata":{"annotations":{},"name":"starboard-operator","namespace":"starboard-operator"}}
  creationTimestamp: "2021-05-12T11:59:52Z"
  name: starboard-operator
  namespace: starboard-operator
  resourceVersion: "227356"
  selfLink: /api/v1/namespaces/starboard-operator/serviceaccounts/starboard-operator
  uid: 0634840c-bac5-43f5-90a5-07cc3d91c0fc
secrets:
- name: starboard-operator-token-brg69
- name: starboard-operator-dockercfg-bvxj2
$ kubectl get secret -n starboard-operator starboard-operator-dockercfg-bvxj2 -o yaml
apiVersion: v1
kind: Secret
metadata:
  name: starboard-operator-dockercfg-bvxj2
  namespace: starboard-operator
  annotations:
    kubernetes.io/service-account.name: starboard-operator
    kubernetes.io/service-account.uid: 0634840c-bac5-43f5-90a5-07cc3d91c0fc
    openshift.io/token-secret.name: starboard-operator-token-xp2lz
    openshift.io/token-secret.value: "*******"
  creationTimestamp: "2021-05-12T11:59:52Z"
  ownerReferences:
  - apiVersion: v1
    blockOwnerDeletion: false
    controller: true
    kind: Secret
    name: starboard-operator-token-xp2lz
    uid: fac062f9-ab94-4bd0-89f7-a8dcba4a95a4
  resourceVersion: "227353"
  selfLink: /api/v1/namespaces/starboard-operator/secrets/starboard-operator-dockercfg-bvxj2
  uid: c72a44bd-3221-47d0-8053-7ac30164f4dc
type: kubernetes.io/dockercfg
data:
  .dockercfg: e30=

Environment:

  • Starboard version (use starboard version): 0.10.1
  • Kubernetes version (use kubectl version): any
  • OS (macOS 10.15, Windows 10, Ubuntu 19.10 etc): any
@danielpacak danielpacak added the 🐛 bug Something isn't working label May 12, 2021
@danielpacak danielpacak added this to the Release v0.10.2 milestone May 12, 2021
@danielpacak danielpacak self-assigned this May 12, 2021
@danielpacak danielpacak removed this from the Release v0.10.2 milestone May 13, 2021
@danielpacak danielpacak added this to the Release v0.10.3 milestone May 14, 2021
@danielpacak danielpacak added the 🔦 plugin/trivy This issue is related to Trivy vulnerability scanner label May 14, 2021
danielpacak added a commit that referenced this issue May 14, 2021
@danielpacak
fix: Handle legacy image pull secrets of type kubernetes.io/dockercfg
e908c2c 
Resolves: #569

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
@danielpacak danielpacak mentioned this issue May 14, 2021
Merged
danielpacak added a commit that referenced this issue May 14, 2021
@danielpacak
fix: Handle legacy image pull secrets of type kubernetes.io/dockercfg (
bd095bd 
…#577)

Resolves: #569

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@danielpacak danielpacak

Labels
🐛 bug Something isn't working 🔦 plugin/trivy This issue is related to Trivy vulnerability scanner
Projects
None yet
Milestone
Release v0.10.3
Development

Successfully merging a pull request may close this issue.

fix: Handle legacy image pull secrets of type kubernetes.io/dockercfg aquasecurity/starboard
1 participant
@danielpacak