Cause:
"Started By" is a metadata point added in 4.5 to help track between Trigger starts and manual starts through the UI. This was stored in the K8s "label" field on the PipelineRun.
K8s Labels were used to hold onto the username; however K8s Labels have a very small subset of characters allowed.
Consequence:
Email-based usernames contain "@" which is not a valid K8s Label field value
Fix:
Move the "Started By" over to the K8s Annotation field, which is more freeform and allows for usernames that contain non-label valid characters
Result:
Resolves the issue that prevented the Pipeline from being started if the username was an email address.
DescriptionChristian Passarelli
2020-08-13 12:12:43 UTC
Description of problem:
Starting pipelines from web ui and using users with "@" character in the name will fail with this error:
>Error "Invalid value: "username": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue', or 'my_value', or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')" for field "metadata.labels".
Version-Release number of selected component (if applicable):
Openshift Container Platform 4.5
OpenShift Pipelines Operator 1.0.1
Actions
How reproducible:
100% reproducible
Steps to Reproduce:
1. Create a pipeline
2. Try to start the pipeline from web UI by user that has "@" character in the name
Actual results:
Error "Invalid value: "username": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue', or 'my_value', or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')" for field "metadata.labels".
Expected results:
It should start
Additional info:
It prevents users in clusters that use google identity provider, or in general any user with "@" character in the name, to start pipelines.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHBA-2020:4196
Description of problem: Starting pipelines from web ui and using users with "@" character in the name will fail with this error: >Error "Invalid value: "username": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue', or 'my_value', or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')" for field "metadata.labels". Version-Release number of selected component (if applicable): Openshift Container Platform 4.5 OpenShift Pipelines Operator 1.0.1 Actions How reproducible: 100% reproducible Steps to Reproduce: 1. Create a pipeline 2. Try to start the pipeline from web UI by user that has "@" character in the name Actual results: Error "Invalid value: "username": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue', or 'my_value', or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')" for field "metadata.labels". Expected results: It should start Additional info: It prevents users in clusters that use google identity provider, or in general any user with "@" character in the name, to start pipelines.