Description of problem: Can't git clone using user's token when set REQUIRE_SERVER_AUTH for gitserver , always meet "fatal: unable to access 'http://172.30.147.81:8080/ruby-hello-world.git/': The requested URL returned error: 500" Works in origin when use same openshift/origin-gitserver. Version-Release number of selected component (if applicable): oc v3.0.2.905 kubernetes v1.2.0-alpha.1-1107-g4c8e6f4 openshift/origin-gitserver(image id: e28cf3dfc92a) built in devenv-feodra_2627 How reproducible: always Steps to Reproduce: 1.Pull the latest openshift/origin-gitserver image to master and node 2.Oc login to openshit and get user token 3.Create gitserver with REQUIRE_SERVER_AUTH auth wget https://raw.githubusercontent.com/openshift/origin/master/examples/gitserver/gitserver.yaml oc create -f gitserver/gitserver.yaml 4.After gitserver pod is running, git clone http://$gitserver:8080/ruby-hello-world.git Actual results: # oc get svc NAME CLUSTER_IP EXTERNAL_IP PORT(S) SELECTOR AGE gitserver 172.30.147.81 <none> 8080/TCP run-container=gitserver 21s # oc get pods NAME READY STATUS RESTARTS AGE gitserver-1-lmtu5 1/1 Running 0 20s When git clone, enter user's token,but failed with 500 error. # git clone http://172.30.147.81:8080/ruby-hello-world.git Cloning into 'ruby-hello-world'... Username for 'http://172.30.147.81:8080': xiuwang Password for 'http://xiuwang@172.30.147.81:8080': fatal: unable to access 'http://172.30.147.81:8080/ruby-hello-world.git/': The requested URL returned error: 500 Expected results: Could git clone repo from gitserver. Additional info: gitserver pod log in OSE env #oc logs gitserver-1-lmtu5 2015-11-04 14:37:44.096411 I | Linking build configs in namespace(s) [xiuwang] to the gitserver 2015-11-04 14:37:44.397142 I | No build configs found to link to the gitserver 2015-11-04 14:37:44.397215 I | error: Get https://kubernetes.default:443/oapi/v1/namespaces/xiuwang/buildconfigs: x509: certificate is valid for openshift-149.lab.sjc.redhat.com, not kubernetes.default 2015-11-04 14:37:44.400192 I | Authenticating against https://kubernetes.default:443 allow-push=true anon-pull=false 2015-11-04 14:37:44.400211 I | Serving /var/lib/git on :8080 gitserver pod log in origin env $ oc logs gitserver-1-nqopa 2015-11-04 14:00:32.326192 I | Linking build configs in namespace(s) [xiuwang] to the gitserver 2015-11-04 14:00:32.875770 I | No build configs found to link to the gitserver 2015-11-04 14:00:32.875816 I | error: User "system:serviceaccount:xiuwang:default" cannot list buildconfigs in project "xiuwang" 2015-11-04 14:00:32.876546 I | Authenticating against https://kubernetes.default:443 allow-push=true anon-pull=false 2015-11-04 14:00:32.876561 I | Serving /var/lib/git on :8080 2015-11-04 14:01:55.619659 I | Lazily initializing bare repository http://gitserver.xiuwang.svc.cluster.local:8080/ruby-hello-world.git
Can't reproduce this bug in ose 3.1 oc v3.1.0.4-9-g72d3991 kubernetes v1.1.0-origin-1107-g4c8e6f4 But has a strage message in pod log error: User "system:serviceaccount:xiuwang:gitserver" cannot list buildconfigs in project "xiuwang" #oc logs gitserver-1-onbkc 2015-11-16 05:22:44.566111 I | Linking build configs in namespace(s) [xiuwang] to the gitserver 2015-11-16 05:22:44.762748 I | No build configs found to link to the gitserver 2015-11-16 05:22:44.762792 I | error: User "system:serviceaccount:xiuwang:gitserver" cannot list buildconfigs in project "xiuwang" 2015-11-16 05:22:44.763738 I | Authenticating against https://kubernetes.default:443 allow-push=true anon-pull=false 2015-11-16 05:22:44.763757 I | Serving /var/lib/git on :8080
@ben Could you move this bug to on_qa, since could git clone using user's token when set REQUIRE_SERVER_AUTH for gitserver, and no error in gitserver pod logs. puddle: 3.2/2016-03-28.4/
According to comment #4, move this bug to verified. Thanks to Ben!