Hide Forgot
Description of problem: No warning appears if create with local file as source secret for option --build-secret; Only the build stays in New state and below warning appears when describe build: Build has error: failed to create build pod: Pod "build-secret-1-build" is invalid: [spec.volumes[2].name: invalid value '/root/test-build', Details: must be a DNS label (at most 63 characters, matching regex [a-z0-9]([-a-z0-9]*[a-z0-9])?): e.g. "my-name", spec.containers[0].volumeMounts[2].name: not found '/root/test-build'] Version-Release number of selected component (if applicable): openshift v1.1.1-287-g313292a kubernetes v1.2.0-alpha.4-851-g4a65fa1 etcd 2.2.2 How reproducible: always Steps to Reproduce: 1.Create a project 2.Create resources with a file as secret $oc new-build --image=ruby:22 https://github.com/wzheng1/build-secret.git --build-secret /local/src/file:/destination/dir Actual results: No warning appears during creating resources, only build stays New. When try to describe the build, below error appears: [root@ip-172-18-8-18 ~]# oc describe builds build-secret-1 Name: build-secret-1 Created: 15 seconds ago Labels: build=build-secret,buildconfig=build-secret,openshift.io/build-config.name=build-secret Annotations: openshift.io/build.number=1 Build Config: build-secret Duration: waiting for 15s Build Pod: build-secret-1-build Strategy: Source URL: https://github.com/wzheng1/build-secret.git Build Secrets: /root/test->/destination/dir From Image: DockerImage registry.access.redhat.com/rhscl/ruby-22-rhel7:latest Output to: ImageStreamTag build-secret:latest Push Secret: builder-dockercfg-4jfnh Status: New (Failed to create build pod: Pod "build-secret-1-build" is invalid: [spec.volumes[2].name: invalid value '/root/test-build', Details: must be a DNS label (at most 63 characters, matching regex [a-z0-9]([-a-z0-9]*[a-z0-9])?): e.g. "my-name", spec.containers[0].volumeMounts[2].name: not found '/root/test-build'].) Events: FirstSeen LastSeen Count From SubobjectPath Type Reason Message --------- -------- ----- ---- ------------- -------- ------ ------- 15s 15s 1 {build-controller } Warning HandleBuildError Build has error: failed to create build pod: Pod "build-secret-1-build" is invalid: [spec.volumes[2].name: invalid value '/root/test-build', Details: must be a DNS label (at most 63 characters, matching regex [a-z0-9]([-a-z0-9]*[a-z0-9])?): e.g. "my-name", spec.containers[0].volumeMounts[2].name: not found '/root/test-build'] 15s 1s 8 {build-controller } Warning FailedCreate Error creating: Pod "build-secret-1-build" is invalid: [spec.volumes[2].name: invalid value '/root/test-build', Details: must be a DNS label (at most 63 characters, matching regex [a-z0-9]([-a-z0-9]*[a-z0-9])?): e.g. "my-name", spec.containers[0].volumeMounts[2].name: not found '/root/test-build'] Expected results: It should show clear warning on local file cannot be used as secret input for build-secret right when creating resources. Additional info:
We should validate the name of the secret to be valid DNS name in new-build.
PR: https://github.com/openshift/origin/pull/6893
Commit pushed to master at https://github.com/openshift/origin https://github.com/openshift/origin/commit/0d076a30fadba555a9070757402f043d374a1958 Bug 1303012 - Validate the build secret name in new-build
Have verified with devenv-rhel7_3293, no such issue now; please change the bug to ON_QA, so I can verify it: Below error appears when use local file as secret: error: unable to add build secrets "/local/src/file:/destination/dir": the "/local/src/file" must be valid secret name
Moving to verified per comment #4.