Image pull fails as rejected by policy in OpenShift 4

Solution Verified - Updated -

Issue

  • When trying to deploy a container image, the deployment fails with ImagePullBackOff and the following error message:

    Failed to pull image "registry.example.com:5000/my-project/myimage@sha256:c7be7ee7e61afee1618c09271db59f846aa5a9e17487f909793cef5f722303c0": rpc error: code = Unknown desc = Source image rejected: Running image docker://registry.example.com:5000/my-project/myimage@sha256:c7be7ee7e61afee1618c09271db59f846aa5a9e17487f909793cef5f722303c0 is rejected by policy.

  • When trying to deploy a container image, the deployment fails with ImagePullBackOff and the following error message is observed:

    Failed to pull image "example.com/my-image/my-image@sha256:xxxxxxx": rpc error: code = Unknown desc = SignatureValidationFailed: copying system image from manifest list: Source image rejected: Running image docker://example.com/my-image/my-image@sha256:xxxxxxx is rejected by policy.

Environment

  • Red Hat OpenShift Container Platform (RHOCP)
    • 4
  • An allowedRegistries or blockedRegistries list is configured in the image.config resource.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content