Bug 1270728

Summary: [devexp_public_569]Build can't get the correct password from secret if username in secret is different with username in source repo
Product: OKD Reporter: XiuJuan Wang <xiuwang>
Component: BuildAssignee: Jakub Hadvig <jhadvig>
Status: CLOSED CURRENTRELEASE QA Contact: Wenjing Zheng <wzheng>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.xCC: aos-bugs, bparees
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-11-23 16:16:04 EST Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description XiuJuan Wang 2015-10-12 05:23:55 EDT
Description of problem:
Build can't get the correct password from secret if username in secret is different with username in source repo.
When create secret with username and password,the secret will generate two separated data 'username' and password.So if username in secret is different with username in source repo, shouldn't influence the password validation.

Version-Release number of selected component (if applicable):
devenv-fedora_2459

How reproducible:
always

Steps to Reproduce:
1.Generate a secret with a no-existing username and correct password for correct username xiuwang
oc secrets new-basicauth mysecret --username=xiuwangnoexisting --password=redhat123
2.Edit buildconfig to include mysecret secret and add username into source repo
  source:
    git:
      uri: https://xiuwang@bitbucket.org/xiuwang/ruby-hello-world.git
    sourceSecret:
      name: mysecret
3.Create app and check new build

Actual results:
step 3:
oc start-build ruby-sample-build --follow 
E1012 08:30:22.744819       1 git.go:102] Clone failed: fatal: could not read Password for 'https://xiuwang@bitbucket.org': No such device or address
F1012 08:30:22.745804       1 builder.go:54] Build error: exit status 128


Expected results:
Should build successfully or tip more friendly.

Additional info:
Build will succeed with secret only with password, and username in source repo.

1.Create secret only with password
oc secrets new-basicauth mysecret1 --password=redhat123
2.Use new mysecret1 in buildconfig
  source:
    git:
      uri: https://xiuwang@bitbucket.org/xiuwang/ruby-hello-world.git
    sourceSecret:
      name: mysecret1
3.Trigger build
Build will succeed.
Comment 1 Cesar Wong 2015-10-12 09:09:38 EDT
This is working as designed. The username in the secret will override the username in the source URL.
Comment 2 XiuJuan Wang 2015-10-12 23:26:03 EDT
Seem username in the secret don't override the username in the source URL

Create a secret with correct username and password for https://bitbucket.org/xiuwang/ruby-hello-world.git
$oc secrets new-basicauth mysecret --username=xiuwang --password=redhat320

2.Use new mysecret in buildconfig, add a on-existing username in the sourceURL
  source:
    git:
      uri: https://noexisting@bitbucket.org/xiuwang/ruby-hello-world.git
    sourceSecret:
      name: mysecret
3.Trigger build, build will fail.
oc start-build ruby-sample-build --follow   -n xiuwang
ruby-sample-build-3
E1013 03:21:45.096619       1 git.go:102] Clone failed: fatal: could not read Password for 'https://noexisting@bitbucket.org': No such device or address
F1013 03:21:45.097408       1 builder.go:54] Build error: exit status 128
Comment 3 Jakub Hadvig 2015-10-23 08:40:05 EDT
Submitted PR: https://github.com/openshift/origin/pull/5322
Comment 4 Ben Parees 2015-10-29 11:23:06 EDT
pull is in the merge queue:
https://github.com/openshift/origin/pull/5486
Comment 5 openshift-github-bot 2015-10-29 16:29:08 EDT
Commit pushed to master at https://github.com/openshift/origin

https://github.com/openshift/origin/commit/d4f57814c36853d3bf147ee81b5afd5daf1520d0
Bug 1270728 - username in the secret don't override the username in the source URL
Comment 6 XiuJuan Wang 2015-10-30 06:12:24 EDT
Still could reproduce in devenv-fedora_2595
Same senario as comment #2 failed with same error.

oc v1.0.7-32-gd17e473
kubernetes v1.2.0-alpha.1-1107-g4c8e6f4
Comment 7 Jakub Hadvig 2015-10-30 08:46:09 EDT
Just tested on the latest Origin and scenario from comment #2 passed without mentioned error.

oc version:
oc v1.0.7-40-g27fae22-dirty
kubernetes v1.2.0-alpha.1-1107-g4c8e6f4
Comment 8 XiuJuan Wang 2015-11-02 00:49:14 EST
Sorry,
Just saw the code in origin dir in last instance,not notice if oc version was latest.
Can't reproduce this bug.
oc v1.0.7-73-g1605f20
kubernetes v1.2.0-alpha.1-1107-g4c8e6f4