Fix Nexus image deployment
oc tag
did nothing with the 3.11 image, it needs the 3.10 CLI for some subtle permission reasons.
With latest image tag is not actually updated:
PS C:\git\nexus-cern-apb> docker run --rm -it -e OPENSHIFT_SERVER=https://openshift-dev.cern.ch -e NEXUS_IMAGE=sonatype/nexus3:3.21.2 gitlab-registry.cern.ch/paas-tools/openshift-client bash
[root@1bb23538dc03 /]# export OPENSHIFT_TOKEN=XXXX
[root@1bb23538dc03 /]# oc tag --server "${OPENSHIFT_SERVER}" --token "${OPENSHIFT_TOKEN}" --source=docker "${NEXUS_IMAGE}" openshift/nexus-cern:stable
Tag openshift/nexus-cern:stable set to sonatype/nexus3:3.21.2.
[root@1bb23538dc03 /]# oc get --server "${OPENSHIFT_SERVER}" --token "${OPENSHIFT_TOKEN}" istag nexus-cern:stable -n opens
hift
NAME DOCKER REF UPDATED
nexus-cern:stable sonatype/nexus3@sha256:2c33632ccd8f8c5f9023a3d7f5f541e271833e402219f8c5a83a29d1721457ca 5 months ago
But with 3.10 it is:
PS C:\git\nexus-cern-apb> docker run --rm -it -e OPENSHIFT_SERVER=https://openshift-dev.cern.ch -e NEXUS_IMAGE=sonatype/nexus3:3.21.2 gitlab-registry.cern.ch/paas-tools/openshift-client:v3.10.0 bash
[root@11e0cbc1f6dd /]# export OPENSHIFT_TOKEN=XXXX
[root@11e0cbc1f6dd /]# oc tag --server "${OPENSHIFT_SERVER}" --token "${OPENSHIFT_TOKEN}" --source=docker "${NEXUS_IMAGE}" openshift/nexus-cern:stable
Tag openshift/nexus-cern:stable set to sonatype/nexus3:3.21.2.
[root@11e0cbc1f6dd /]# oc get --server "${OPENSHIFT_SERVER}" --token "${OPENSHIFT_TOKEN}" istag nexus-cern:stable -n openshift
NAME DOCKER REF UPDATED
nexus-cern:stable sonatype/nexus3@sha256:0da209382e7c776ed366b25f7ccab2ceeed6df1a792fbef2f7c2cccf40b8f638 9 seconds ago
The manual command above did redeploy the Nexus instances in dev, while CI job https://gitlab.cern.ch/vcs/nexus-cern-apb/-/jobs/7803371 had no effect
This means the update of prod instances needs to be done from a pipeline after this MR is merged.