Bug 1896446
Summary: | Git clone from private repository fails after upgrade OCP 4.5 to 4.6 | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Adam Kaplan <adam.kaplan> |
Component: | Build | Assignee: | Adam Kaplan <adam.kaplan> |
Status: | CLOSED ERRATA | QA Contact: | XiuJuan Wang <xiuwang> |
Severity: | urgent | Docs Contact: | |
Priority: | high | ||
Version: | 4.6 | CC: | adam.kaplan, aivaras.laimikis, aos-bugs, gmontero, mrobson, nstielau, obulatov, rheinzma, rmarasch, sdodson, sgarciam, suchaudh, vjaypurk, wking, wzheng |
Target Milestone: | --- | Keywords: | Regression |
Target Release: | 4.7.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | pre-merge-verified | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
* Previously, after upgrading from OpenShift Container Platform version 4.5 to version 4.6, trying to git clone from a private repository failed because builds did not add proxy information to the git configuration that was used to pull the source code. As a result, the source code could not be pulled if the cluster used a global proxy and the source was pulled from a private git repository. The current release fixes this issue: It corrects how git is configured when the cluster uses a global proxy. Now, performing git clone can pull source code from a private git repository if the cluster uses a global proxy.
(link:https://bugzilla.redhat.com/show_bug.cgi?id=1896446[*BZ#1896446*])
|
Story Points: | --- |
Clone Of: | 1894796 | Environment: | |
Last Closed: | 2021-02-24 15:32:32 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1901512 |
Description
Adam Kaplan
2020-11-10 15:08:04 UTC
*** Bug 1896801 has been marked as a duplicate of this bug. *** Created article with workaround: https://access.redhat.com/solutions/5571661 Work around is to set a cluster BuildDefault to clear the proxy settings for git cloning: ``` $ oc edit build.config.openshift.io/cluster spec: buildDefaults: gitProxy: httpProxy: "" httpsProxy: "" ``` Note that this works if access to the git repository bypasses the proxy via the NO_PROXY environment variable. If the cluster requires the proxy to access all external applications, then this solution would not be applicable. Launched a 4.7 proxy cluster, using image built from build #189. Test scenarios: With .gitconfig of source secret , build could pull code from private repo. Builds go to completed. With basic auth of source secret, build could pull code from private repo. Builds go to completed. Basic HTTP auth with token, github.com added to NO_PROXY. Times out cloning source (cannot access github.com) Marking Bug 1873327 as a related issue, but not a blocker. Verified on 4.7.0-0.nightly-2020-11-25-114114 proxy cluster. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633 Removing UpgradeBlocker from this older bug, to remove it from the suspect queue described in [1]. If you feel like this bug still needs to be a suspect, please add keyword again. [1]: https://github.com/openshift/enhancements/pull/475 |