Bug 1270728
| Summary: | [devexp_public_569]Build can't get the correct password from secret if username in secret is different with username in source repo | ||
|---|---|---|---|
| Product: | OKD | Reporter: | XiuJuan Wang <xiuwang> |
| Component: | Build | Assignee: | Jakub Hadvig <jhadvig> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Wenjing Zheng <wzheng> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 3.x | CC: | aos-bugs, bparees |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-11-23 21:16:04 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
This is working as designed. The username in the secret will override the username in the source URL. Seem username in the secret don't override the username in the source URL Create a secret with correct username and password for https://bitbucket.org/xiuwang/ruby-hello-world.git $oc secrets new-basicauth mysecret --username=xiuwang --password=redhat320 2.Use new mysecret in buildconfig, add a on-existing username in the sourceURL source: git: uri: https://noexisting@bitbucket.org/xiuwang/ruby-hello-world.git sourceSecret: name: mysecret 3.Trigger build, build will fail. oc start-build ruby-sample-build --follow -n xiuwang ruby-sample-build-3 E1013 03:21:45.096619 1 git.go:102] Clone failed: fatal: could not read Password for 'https://noexisting@bitbucket.org': No such device or address F1013 03:21:45.097408 1 builder.go:54] Build error: exit status 128 Submitted PR: https://github.com/openshift/origin/pull/5322 pull is in the merge queue: https://github.com/openshift/origin/pull/5486 Commit pushed to master at https://github.com/openshift/origin https://github.com/openshift/origin/commit/d4f57814c36853d3bf147ee81b5afd5daf1520d0 Bug 1270728 - username in the secret don't override the username in the source URL Still could reproduce in devenv-fedora_2595 Same senario as comment #2 failed with same error. oc v1.0.7-32-gd17e473 kubernetes v1.2.0-alpha.1-1107-g4c8e6f4 Just tested on the latest Origin and scenario from comment #2 passed without mentioned error. oc version: oc v1.0.7-40-g27fae22-dirty kubernetes v1.2.0-alpha.1-1107-g4c8e6f4 Sorry, Just saw the code in origin dir in last instance,not notice if oc version was latest. Can't reproduce this bug. oc v1.0.7-73-g1605f20 kubernetes v1.2.0-alpha.1-1107-g4c8e6f4 |
Description of problem: Build can't get the correct password from secret if username in secret is different with username in source repo. When create secret with username and password,the secret will generate two separated data 'username' and password.So if username in secret is different with username in source repo, shouldn't influence the password validation. Version-Release number of selected component (if applicable): devenv-fedora_2459 How reproducible: always Steps to Reproduce: 1.Generate a secret with a no-existing username and correct password for correct username xiuwang oc secrets new-basicauth mysecret --username=xiuwangnoexisting --password=redhat123 2.Edit buildconfig to include mysecret secret and add username into source repo source: git: uri: https://xiuwang@bitbucket.org/xiuwang/ruby-hello-world.git sourceSecret: name: mysecret 3.Create app and check new build Actual results: step 3: oc start-build ruby-sample-build --follow E1012 08:30:22.744819 1 git.go:102] Clone failed: fatal: could not read Password for 'https://xiuwang@bitbucket.org': No such device or address F1012 08:30:22.745804 1 builder.go:54] Build error: exit status 128 Expected results: Should build successfully or tip more friendly. Additional info: Build will succeed with secret only with password, and username in source repo. 1.Create secret only with password oc secrets new-basicauth mysecret1 --password=redhat123 2.Use new mysecret1 in buildconfig source: git: uri: https://xiuwang@bitbucket.org/xiuwang/ruby-hello-world.git sourceSecret: name: mysecret1 3.Trigger build Build will succeed.