Disk image generation fails with signed containers #681

mmartinv · 2024-10-18T14:21:28Z

It's not possible to generate a qcow2 image from a signed container, the build fails with the following error:

org.osbuild.container-deploy: 3997d3ffea649b0f548b17edc3950b682bd3ea6b86551552fa580c1024db6b13 {}
Getting image source signatures
Checking if image destination supports signatures
time="2024-10-18T11:12:19Z" level=fatal msg="Copying this image would require changing layer representation, which we cannot do: \"Would invalidate signatures\""
Error: tmp-container-deploy-82752177721682: image not known
Traceback (most recent call last):
  File "/run/osbuild/bin/org.osbuild.container-deploy", line 50, in main
    subprocess.run(
  File "/usr/lib64/python3.12/subprocess.py", line 571, in run
    raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['skopeo', 'copy', 'containers-storage:[overlay@/run/osbuild/containers/storage+/run/containers/storage]a54573503344f1adafea48e1383aa4a339c39f0c065e7eec28e814652f12b3b1', 'containers-storage:tmp-container-deploy-82752177721682']' returned non-zero exit status 1.

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/run/osbuild/bin/org.osbuild.container-deploy", line 64, in <module>
    r = main(args["inputs"], args["tree"], args["options"])
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/run/osbuild/bin/org.osbuild.container-deploy", line 47, in main
    with contextlib.ExitStack() as cm:
         ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib64/python3.12/contextlib.py", line 610, in __exit__
    raise exc_details[1]
  File "/usr/lib64/python3.12/contextlib.py", line 595, in __exit__
    if cb(*exc_details):
       ^^^^^^^^^^^^^^^^
  File "/usr/lib64/python3.12/contextlib.py", line 478, in _exit_wrapper
    callback(*args, **kwds)
  File "/usr/lib64/python3.12/subprocess.py", line 571, in run
    raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['podman', 'rmi', 'tmp-container-deploy-82752177721682']' returned non-zero exit status 1.

Similar to #676

The text was updated successfully, but these errors were encountered:

Make `skopeo copy` to remove the signatures of signed containers by default to avoid build failures. Depends: osbuild/osbuild#1906 Resolves: osbuild/bootc-image-builder/issues/681 Signed-off-by: Miguel Martín <[email protected]>

Make `skopeo copy` to remove the signatures of signed containers by default to avoid build failures until [1] is implemented. Depends: osbuild/osbuild#1906 Resolves: osbuild/bootc-image-builder#681 [1] containers/image#2599 Signed-off-by: Miguel Martín <[email protected]>

Make `skopeo copy` to remove the signatures of signed containers by default to avoid build failures until [1] is implemented. Depends: osbuild/osbuild#1906 Resolves: osbuild/bootc-image-builder#681 [1] containers/image#2599 Co-authored-by: Michael Vogt <[email protected]>

mmartinv mentioned this issue Oct 18, 2024

feat: remove signatures in container deployments by default osbuild/images#990

Merged

achilleas-k closed this as completed in osbuild/images#990 Oct 30, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Disk image generation fails with signed containers #681

Disk image generation fails with signed containers #681

mmartinv commented Oct 18, 2024 •

edited

Loading

Disk image generation fails with signed containers #681

Disk image generation fails with signed containers #681

Comments

mmartinv commented Oct 18, 2024 • edited Loading

mmartinv commented Oct 18, 2024 •

edited

Loading