Bug 1884270
| Summary: | Git clone does not support SCP-style ssh locations | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Adam Kaplan <adam.kaplan> |
| Component: | Build | Assignee: | Gabe Montero <gmontero> |
| Status: | CLOSED ERRATA | QA Contact: | wewang <wewang> |
| Severity: | low | Docs Contact: | Rolfe Dlugy-Hegwer <rdlugyhe> |
| Priority: | unspecified | ||
| Version: | 4.6 | CC: | aos-bugs, gmontero, rdlugyhe, wzheng |
| Target Milestone: | --- | ||
| Target Release: | 4.7.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
* Previously, OpenShift Builds failed on Git clone when SCP-style ssh locations were specified. This was caused by Golang URL parsing, which does not accommodate Git SCP-styled ssh locations. As a result, OpenShift builds and OpenShift S2I failed when those types of source URLs were supplied. The current release fixes this issue: It augments OpenShift Builds and OpenShift S2I to bypass Golang URL parsing and strip the 'ssh://' prefix. Now, OpenShift Builds and OpenShift S2I accommodate Git SCP-styled ssh locations
(link:https://bugzilla.redhat.com/show_bug.cgi?id=1884270[*BZ#1884270*])
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-02-24 15:22:14 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Adam Kaplan
2020-10-01 13:54:32 UTC
Reproduced with a new unit test in https://github.com/openshift/source-to-image/blob/master/pkg/scm/git/url_test.go Stepping through it with the debugger, Turns out, the golang url.Parse at https://github.com/openshift/source-to-image/blob/09e6ac0ca6febdc8afef8bbf9dcc5afbddd8b3f1/pkg/scm/git/url.go#L90 is complaining so we are going to have to do some pre-processing of the URL to circumvent this. And then vendor in this s2i change in openshift/openshift-apiserver, openshift/builder, and openshift/oc to cover all the bases. Also reproduced with `oc apply` on kind: BuildConfig apiVersion: v1 metadata: name: sample-build spec: source: type: Git git: uri: ssh://git:sclorg/nodejs-ex strategy: type: Source sourceStrategy: env: - name: BUILD_LOGLEVEL value: '5' from: kind: ImageStreamTag name: nodejs:12-ubi8 where the openshift/openshift-apiserver use of s2igit.Parse in https://github.com/openshift/source-to-image/blob/09e6ac0ca6febdc8afef8bbf9dcc5afbddd8b3f1/pkg/scm/git/url.go#L90 in `validateGitSource` at https://github.com/openshift/openshift-apiserver/blob/7babe09b1ddd5429893bc4c90a994a711139d8d4/pkg/build/apis/build/validation/validation.go#L264 flags the error Verified in version:
4.7.0-0.nightly-2020-10-14-043821
Using oc create -f or oc apply of to create buildconfig successfully
```
kind: BuildConfig
apiVersion: v1
metadata:
name: sample-build1
spec:
source:
type: Git
git:
uri: ssh://git:sclorg/nodejs-ex
strategy:
type: Source
sourceStrategy:
```
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633 We got this wrong in the initial bug request - when cloning using SCP style users call ``` git clone [user@]server:org/repo.git ``` with no "ssh://" prefix Using SCP style URIs with the ssh:// prefix led us to break pattern matching for SSH urls in https://bugzilla.redhat.com/show_bug.cgi?id=1971332. We still need to accept SCP style URIs, just with the knowledge that these do _not_ have an ssh:// prefix. |