Bug 1484960 - Builds with source secret broken since init container work
Summary: Builds with source secret broken since init container work
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: OKD
Classification: Red Hat
Component: Build
Version: 3.x
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: 3.x
Assignee: Jim Minter
QA Contact: Wenjing Zheng
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-08-24 16:32 UTC by Jim Minter
Modified: 2017-11-10 21:34 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
As part of the transformation of OpenShift Builds to use init containers, a bug was introduced where environment variables were not set correctly on Build pods due to aliased environment arrays. This was resolved by dealiasing the arrays.
Clone Of:
Environment:
Last Closed: 2017-11-10 21:34:23 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Jim Minter 2017-08-24 16:32:02 UTC 
$ oc secrets new-sshauth mysecret --ssh-privatekey=.ssh/id_rsa 

$ oc create -f - <<'EOF'
kind: List
apiVersion: v1
items:
- kind: ImageStream
  apiVersion: v1
  metadata:
    name: nodejs

- kind: BuildConfig
  apiVersion: v1
  metadata:
    name: nodejs
  spec:
    output:
      to:
        kind: ImageStreamTag
        name: nodejs:latest
    source:
      type: Git
      git:
        ref: master
        uri: https://github.com/openshift/nodejs-ex.git
      sourceSecret:
        name: mysecret
    strategy:
      type: Source
      sourceStrategy:
        from:
          kind: ImageStreamTag
          name: nodejs:4
          namespace: openshift
EOF

$ oc start-build nodejs

wait...

$ oc get build nodejs-1
NAME       TYPE      FROM         STATUS                        STARTED         DURATION
nodejs-1   Source    Git@master   Failed (GenericBuildFailed)   3 minutes ago   1s

$ oc logs build/nodejs-1
error: cannot setup source secret: open : no such file or directory


Cause: the SOURCE_SECRET_PATH environment variable is missing in the build pod.
Comment 1 Jim Minter 2017-08-24 16:35:42 UTC 
https://github.com/openshift/origin/pull/15946
Comment 2 Dongbo Yan 2017-09-13 02:40:55 UTC 
verified
openshift v3.7.0-0.125.0
kubernetes v1.7.0+695f48a16f
etcd 3.2.1

reproduce step:
1.create a secret with dot
2.add source secret into buildConfig, trigger new build
3.check build status

actual result:
# oc get build
NAME                       TYPE      FROM          STATUS     STARTED         DURATION
nodejs-mongodb-example-1   Source    Git@44abae3   Complete   4 minutes ago   40s
nodejs-mongodb-example-2   Source    Git@44abae3   Complete   3 minutes ago   21s

move to verified
Note You need to log in before you can comment on or make changes to this bug.