Debug networking.
docker-registry
deployed in the current namespacejq
binary installed and present inPATH
filter='(.spec.template.spec.containers[0] |= ((.livenessProbe.httpGet.scheme |= "HTTP") |'
filter+=' (.readinessProbe.httpGet.scheme |= "HTTP"))) |'
filter+=' del(.status) | .metadata |= {"name": "\(.name)-tmp", "labels": {"docker-registry":"secondary"}}'
oc get -o json dc/docker-registry | \
oc env -f - -o json REGISTRY_HTTP_TLS_CERTIFICATE- REGISTRY_HTTP_TLS_KEY- | \
jq "${filter}" | oc create -f -
oc expose dc/docker-registry-tmp
# wait until deployed
oc rollout status dc/docker-registry-tmp
# verify it's accessible:
hostport="$(oc get -o jsonpath=$'{.spec.clusterIP}:{.spec.ports[0].port}\n' svc/docker-registry-tmp)"
curl "http://${hostport}/v2/"
{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":null}]}