Bug 1613222 - [BehindProxy]Cannot pull source repo for custom build
Summary: [BehindProxy]Cannot pull source repo for custom build
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Build
Version: 3.11.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 3.11.0
Assignee: Ben Parees
QA Contact: wewang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-08-07 09:05 UTC by Wenjing Zheng
Modified: 2018-10-17 13:44 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-10-11 07:24:00 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:2652 0 None None None 2018-10-11 07:24:21 UTC

Description Wenjing Zheng 2018-08-07 09:05:35 UTC 
Description of problem:
Cannot pull source repo for custom build in behind proxy env:Acutally custom build pod has included proxy envs which come from master-config.yaml
[wzheng@laptop test]$ oc get builds
NAME                  TYPE      FROM      STATUS                        STARTED         DURATION
ruby-sample-build-1   Custom    Git       Failed (GenericBuildFailed)   3 minutes ago   9s
[wzheng@laptop test]$ oc logs builds/ruby-sample-build-1
Could not access source url: https://github.com/openshift/ruby-hello-world.git


Version-Release number of selected component (if applicable):
openshift v3.11.0-0.11.0

How reproducible:
always

Steps to Reproduce:
1.On behind proxy env, create custom build
oc process -f application-template-custombuild.json| oc create -f -
2.
3.

Actual results:
Build is failed

Expected results:
Build should complete

Additional info:
$ oc set env pods --all --list | grep proxy
BUILD={"kind":"Build","apiVersion":"build.openshift.io/v1","metadata":{"name":"ruby-sample-build-1","namespace":"wzheng3","selfLink":"/apis/build.openshift.io/v1/namespaces/wzheng3/builds/ruby-sample-build-1","uid":"98cab599-9a19-11e8-9a37-fa163e008cff","resourceVersion":"636396","creationTimestamp":"2018-08-07T08:12:16Z","labels":{"buildconfig":"ruby-sample-build","name":"ruby-sample-build","openshift.io/build-config.name":"ruby-sample-build","openshift.io/build.start-policy":"Serial","template":"application-template-custombuild"},"annotations":{"openshift.io/build-config.name":"ruby-sample-build","openshift.io/build.number":"1"},"ownerReferences":[{"apiVersion":"build.openshift.io/v1","kind":"BuildConfig","name":"ruby-sample-build","uid":"9f96b90a-9a19-11e8-8604-fa163e21c876","controller":true}]},"spec":{"serviceAccount":"builder","source":{"type":"Git","git":{"uri":"https://github.com/openshift/ruby-hello-world.git","httpProxy":"http://file.rdu.redhat.com:3128","httpsProxy":"http://file.rdu.redhat.com:3128","noProxy":".centralci.eng.rdu2.redhat.com,.cluster.local,.lab.sjc.redhat.com,.svc,10.14.89.4,169.254.169.254,172.16.120.13,172.16.120.19,172.16.120.43,172.31.0.1,preserve-s1share311-lb-1,preserve-s1share311-master-etcd-1,preserve-s1share311-master-etcd-2,preserve-s1share311-master-etcd-3,preserve-s1share311-node-1,preserve-s1share311-node-2,preserve-s1share311-node-3,preserve-s1share311-nrr-1,preserve-s1share311-nrr-2,preserve-s1share311-nrr-3"}},"strategy":{"type":"Custom","customStrategy":{"from":{"kind":"DockerImage","name":"openshift/origin-custom-docker-builder@sha256:5931170ddf8dcdbbd482b44e8ec1ba156cf07423548a403b5dc1340ed7dfecea"},"env":[{"name":"OPENSHIFT_CUSTOM_BUILD_BASE_IMAGE","value":"openshift/origin-custom-docker-builder@sha256:5931170ddf8dcdbbd482b44e8ec1ba156cf07423548a403b5dc1340ed7dfecea"},{"name":"HTTP_PROXY","value":"http://file.rdu.redhat.com:3128"},{"name":"HTTPS_PROXY","value":"http://file.rdu.redhat.com:3128"},{"name":"NO_PROXY","value":".centralci.eng.rdu2.redhat.com,.cluster.local,.lab.sjc.redhat.com,.svc,10.14.89.4,169.254.169.254,172.16.120.13,172.16.120.19,172.16.120.43,172.31.0.1,preserve-s1share311-lb-1,preserve-s1share311-master-etcd-1,preserve-s1share311-master-etcd-2,preserve-s1share311-master-etcd-3,preserve-s1share311-node-1,preserve-s1share311-node-2,preserve-s1share311-node-3,preserve-s1share311-nrr-1,preserve-s1share311-nrr-2,preserve-s1share311-nrr-3"},{"name":"http_proxy","value":"http://file.rdu.redhat.com:3128"},{"name":"https_proxy","value":"http://file.rdu.redhat.com:3128"},{"name":"no_proxy","value":".centralci.eng.rdu2.redhat.com,.cluster.local,.lab.sjc.redhat.com,.svc,10.14.89.4,169.254.169.254,172.16.120.13,172.16.120.19,172.16.120.43,172.31.0.1,preserve-s1share311-lb-1,preserve-s1share311-master-etcd-1,preserve-s1share311-master-etcd-2,preserve-s1share311-master-etcd-3,preserve-s1share311-node-1,preserve-s1share311-node-2,preserve-s1share311-node-3,preserve-s1share311-nrr-1,preserve-s1share311-nrr-2,preserve-s1share311-nrr-3"}],"exposeDockerSocket":true}},"output":{"to":{"kind":"DockerImage","name":"docker-registry.default.svc:5000/wzheng3/origin-ruby-sample:latest"},"pushSecret":{"name":"builder-dockercfg-n8d7q"}},"resources":{},"postCommit":{"args":["bundle","exec","rake","test"]},"nodeSelector":null,"triggeredBy":[{"message":"Image change","imageChangeBuild":{"imageID":"openshift/origin-custom-docker-builder@sha256:5931170ddf8dcdbbd482b44e8ec1ba156cf07423548a403b5dc1340ed7dfecea","fromRef":{"kind":"ImageStreamTag","name":"origin-custom-docker-builder:latest"}}}]},"status":{"phase":"New","outputDockerImageReference":"docker-registry.default.svc:5000/wzheng3/origin-ruby-sample:latest","config":{"kind":"BuildConfig","namespace":"wzheng3","name":"ruby-sample-build"},"output":{}}}
Comment 1 Ben Parees 2018-08-07 14:53:15 UTC 
> Actually custom build pod has included proxy envs which come from master-config.yaml


Are you saying you would not expect to see the HTTP_PROXY env vars set in the custom build pod and that their presence is breaking things?
Comment 2 Wenjing Zheng 2018-08-08 01:28:45 UTC 
I mean even the HTTP_PROXY and HTTPS_PROXY env vars set in the custom build pod, but it still cannot get source repo.
Comment 3 Ben Parees 2018-08-08 16:39:29 UTC 
https://github.com/openshift/origin/pull/20574
Comment 5 wewang 2018-08-29 06:12:13 UTC 
Verified in openshift v3.11.0-0.24.0, custom  build is complete behind proxy env

steps:
1. Enable custom build
$ oc adm policy add-cluster-role-to-group system:build-strategy-custom
 
2.Create apps
$ oc new-app -f https://raw.githubusercontent.com/openshift/origin/master/examples/sample-app/application-template-custombuild.json

$ oc get builds
NAME                  TYPE      FROM      STATUS    STARTED         DURATION
ruby-sample-build-1   Custom    Git       Complete   23 seconds ago   23

$ oc set env pods --list --all
^C
[wewang@wen-local cucushift]$ 
[wewang@wen-local cucushift]$ oc set env pods --list --all |grep http
BUILD={"kind":"Build","apiVersion":"build.openshift.io/v1","metadata":{"name":"ruby-sample-build-1","namespace":"wewang1","selfLink":"/apis/build.openshift.io/v1/namespaces/wewang1/builds/ruby-sample-build-1","uid":"c94e0d79-ab51-11e8-a63d-fa163ea877c4","resourceVersion":"34869","creationTimestamp":"2018-08-29T06:07:19Z","labels":{"app":"ruby-helloworld-sample","buildconfig":"ruby-sample-build","name":"ruby-sample-build","openshift.io/build-config.name":"ruby-sample-build","openshift.io/build.start-policy":"Serial","template":"application-template-custombuild"},"annotations":{"openshift.io/build-config.name":"ruby-sample-build","openshift.io/build.number":"1"},"ownerReferences":[{"apiVersion":"build.openshift.io/v1","kind":"BuildConfig","name":"ruby-sample-build","uid":"c93565d5-ab51-11e8-a63d-fa163ea877c4","controller":true}]},"spec":{"serviceAccount":"builder","source":{"type":"Git","git":{"uri":"https://github.com/openshift/ruby-hello-world.git","httpProxy":"http://file.rdu.redhat.com:3128","httpsProxy":"https://file.rdu.redhat.com:3128"}},"strategy":{"type":"Custom","customStrategy":{"from":{"kind":"DockerImage","name":"openshift/origin-custom-docker-builder@sha256:5931170ddf8dcdbbd482b44e8ec1ba156cf07423548a403b5dc1340ed7dfecea"},"env":[{"name":"OPENSHIFT_CUSTOM_BUILD_BASE_IMAGE","value":"openshift/origin-custom-docker-builder@sha256:5931170ddf8dcdbbd482b44e8ec1ba156cf07423548a403b5dc1340ed7dfecea"},{"name":"HTTP_PROXY","value":"http://file.rdu.redhat.com:3128"},{"name":"HTTPS_PROXY","value":"https://file.rdu.redhat.com:3128"}],"exposeDockerSocket":true}},"output":{"to":{"kind":"DockerImage","name":"docker-registry.default.svc:5000/wewang1/origin-ruby-sample:latest"},"pushSecret":{"name":"builder-dockercfg-nx627"}},"resources":{},"postCommit":{"args":["bundle","exec","rake","test"]},"nodeSelector":null,"triggeredBy":[{"message":"Build configuration change"}]},"status":{"phase":"New","outputDockerImageReference":"docker-registry.default.svc:5000/wewang1/origin-ruby-sample:latest","config":{"kind":"BuildConfig","namespace":"wewang1","name":"ruby-sample-build"},"output":{}}}
SOURCE_REPOSITORY=https://github.com/openshift/ruby-hello-world.git
SOURCE_URI=https://github.com/openshift/ruby-hello-world.git
HTTP_PROXY=http://file.rdu.redhat.com:3128
HTTPS_PROXY=https://file.rdu.redhat.com:3128
Comment 7 errata-xmlrpc 2018-10-11 07:24:00 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:2652
Note You need to log in before you can comment on or make changes to this bug.