Description of problem: Cannot pull source repo for custom build in behind proxy env:Acutally custom build pod has included proxy envs which come from master-config.yaml [wzheng@laptop test]$ oc get builds NAME TYPE FROM STATUS STARTED DURATION ruby-sample-build-1 Custom Git Failed (GenericBuildFailed) 3 minutes ago 9s [wzheng@laptop test]$ oc logs builds/ruby-sample-build-1 Could not access source url: https://github.com/openshift/ruby-hello-world.git Version-Release number of selected component (if applicable): openshift v3.11.0-0.11.0 How reproducible: always Steps to Reproduce: 1.On behind proxy env, create custom build oc process -f application-template-custombuild.json| oc create -f - 2. 3. Actual results: Build is failed Expected results: Build should complete Additional info: $ oc set env pods --all --list | grep proxy BUILD={"kind":"Build","apiVersion":"build.openshift.io/v1","metadata":{"name":"ruby-sample-build-1","namespace":"wzheng3","selfLink":"/apis/build.openshift.io/v1/namespaces/wzheng3/builds/ruby-sample-build-1","uid":"98cab599-9a19-11e8-9a37-fa163e008cff","resourceVersion":"636396","creationTimestamp":"2018-08-07T08:12:16Z","labels":{"buildconfig":"ruby-sample-build","name":"ruby-sample-build","openshift.io/build-config.name":"ruby-sample-build","openshift.io/build.start-policy":"Serial","template":"application-template-custombuild"},"annotations":{"openshift.io/build-config.name":"ruby-sample-build","openshift.io/build.number":"1"},"ownerReferences":[{"apiVersion":"build.openshift.io/v1","kind":"BuildConfig","name":"ruby-sample-build","uid":"9f96b90a-9a19-11e8-8604-fa163e21c876","controller":true}]},"spec":{"serviceAccount":"builder","source":{"type":"Git","git":{"uri":"https://github.com/openshift/ruby-hello-world.git","httpProxy":"http://file.rdu.redhat.com:3128","httpsProxy":"http://file.rdu.redhat.com:3128","noProxy":".centralci.eng.rdu2.redhat.com,.cluster.local,.lab.sjc.redhat.com,.svc,10.14.89.4,169.254.169.254,172.16.120.13,172.16.120.19,172.16.120.43,172.31.0.1,preserve-s1share311-lb-1,preserve-s1share311-master-etcd-1,preserve-s1share311-master-etcd-2,preserve-s1share311-master-etcd-3,preserve-s1share311-node-1,preserve-s1share311-node-2,preserve-s1share311-node-3,preserve-s1share311-nrr-1,preserve-s1share311-nrr-2,preserve-s1share311-nrr-3"}},"strategy":{"type":"Custom","customStrategy":{"from":{"kind":"DockerImage","name":"openshift/origin-custom-docker-builder@sha256:5931170ddf8dcdbbd482b44e8ec1ba156cf07423548a403b5dc1340ed7dfecea"},"env":[{"name":"OPENSHIFT_CUSTOM_BUILD_BASE_IMAGE","value":"openshift/origin-custom-docker-builder@sha256:5931170ddf8dcdbbd482b44e8ec1ba156cf07423548a403b5dc1340ed7dfecea"},{"name":"HTTP_PROXY","value":"http://file.rdu.redhat.com:3128"},{"name":"HTTPS_PROXY","value":"http://file.rdu.redhat.com:3128"},{"name":"NO_PROXY","value":".centralci.eng.rdu2.redhat.com,.cluster.local,.lab.sjc.redhat.com,.svc,10.14.89.4,169.254.169.254,172.16.120.13,172.16.120.19,172.16.120.43,172.31.0.1,preserve-s1share311-lb-1,preserve-s1share311-master-etcd-1,preserve-s1share311-master-etcd-2,preserve-s1share311-master-etcd-3,preserve-s1share311-node-1,preserve-s1share311-node-2,preserve-s1share311-node-3,preserve-s1share311-nrr-1,preserve-s1share311-nrr-2,preserve-s1share311-nrr-3"},{"name":"http_proxy","value":"http://file.rdu.redhat.com:3128"},{"name":"https_proxy","value":"http://file.rdu.redhat.com:3128"},{"name":"no_proxy","value":".centralci.eng.rdu2.redhat.com,.cluster.local,.lab.sjc.redhat.com,.svc,10.14.89.4,169.254.169.254,172.16.120.13,172.16.120.19,172.16.120.43,172.31.0.1,preserve-s1share311-lb-1,preserve-s1share311-master-etcd-1,preserve-s1share311-master-etcd-2,preserve-s1share311-master-etcd-3,preserve-s1share311-node-1,preserve-s1share311-node-2,preserve-s1share311-node-3,preserve-s1share311-nrr-1,preserve-s1share311-nrr-2,preserve-s1share311-nrr-3"}],"exposeDockerSocket":true}},"output":{"to":{"kind":"DockerImage","name":"docker-registry.default.svc:5000/wzheng3/origin-ruby-sample:latest"},"pushSecret":{"name":"builder-dockercfg-n8d7q"}},"resources":{},"postCommit":{"args":["bundle","exec","rake","test"]},"nodeSelector":null,"triggeredBy":[{"message":"Image change","imageChangeBuild":{"imageID":"openshift/origin-custom-docker-builder@sha256:5931170ddf8dcdbbd482b44e8ec1ba156cf07423548a403b5dc1340ed7dfecea","fromRef":{"kind":"ImageStreamTag","name":"origin-custom-docker-builder:latest"}}}]},"status":{"phase":"New","outputDockerImageReference":"docker-registry.default.svc:5000/wzheng3/origin-ruby-sample:latest","config":{"kind":"BuildConfig","namespace":"wzheng3","name":"ruby-sample-build"},"output":{}}}
> Actually custom build pod has included proxy envs which come from master-config.yaml Are you saying you would not expect to see the HTTP_PROXY env vars set in the custom build pod and that their presence is breaking things?
I mean even the HTTP_PROXY and HTTPS_PROXY env vars set in the custom build pod, but it still cannot get source repo.
https://github.com/openshift/origin/pull/20574
Verified in openshift v3.11.0-0.24.0, custom build is complete behind proxy env steps: 1. Enable custom build $ oc adm policy add-cluster-role-to-group system:build-strategy-custom 2.Create apps $ oc new-app -f https://raw.githubusercontent.com/openshift/origin/master/examples/sample-app/application-template-custombuild.json $ oc get builds NAME TYPE FROM STATUS STARTED DURATION ruby-sample-build-1 Custom Git Complete 23 seconds ago 23 $ oc set env pods --list --all ^C [wewang@wen-local cucushift]$ [wewang@wen-local cucushift]$ oc set env pods --list --all |grep http BUILD={"kind":"Build","apiVersion":"build.openshift.io/v1","metadata":{"name":"ruby-sample-build-1","namespace":"wewang1","selfLink":"/apis/build.openshift.io/v1/namespaces/wewang1/builds/ruby-sample-build-1","uid":"c94e0d79-ab51-11e8-a63d-fa163ea877c4","resourceVersion":"34869","creationTimestamp":"2018-08-29T06:07:19Z","labels":{"app":"ruby-helloworld-sample","buildconfig":"ruby-sample-build","name":"ruby-sample-build","openshift.io/build-config.name":"ruby-sample-build","openshift.io/build.start-policy":"Serial","template":"application-template-custombuild"},"annotations":{"openshift.io/build-config.name":"ruby-sample-build","openshift.io/build.number":"1"},"ownerReferences":[{"apiVersion":"build.openshift.io/v1","kind":"BuildConfig","name":"ruby-sample-build","uid":"c93565d5-ab51-11e8-a63d-fa163ea877c4","controller":true}]},"spec":{"serviceAccount":"builder","source":{"type":"Git","git":{"uri":"https://github.com/openshift/ruby-hello-world.git","httpProxy":"http://file.rdu.redhat.com:3128","httpsProxy":"https://file.rdu.redhat.com:3128"}},"strategy":{"type":"Custom","customStrategy":{"from":{"kind":"DockerImage","name":"openshift/origin-custom-docker-builder@sha256:5931170ddf8dcdbbd482b44e8ec1ba156cf07423548a403b5dc1340ed7dfecea"},"env":[{"name":"OPENSHIFT_CUSTOM_BUILD_BASE_IMAGE","value":"openshift/origin-custom-docker-builder@sha256:5931170ddf8dcdbbd482b44e8ec1ba156cf07423548a403b5dc1340ed7dfecea"},{"name":"HTTP_PROXY","value":"http://file.rdu.redhat.com:3128"},{"name":"HTTPS_PROXY","value":"https://file.rdu.redhat.com:3128"}],"exposeDockerSocket":true}},"output":{"to":{"kind":"DockerImage","name":"docker-registry.default.svc:5000/wewang1/origin-ruby-sample:latest"},"pushSecret":{"name":"builder-dockercfg-nx627"}},"resources":{},"postCommit":{"args":["bundle","exec","rake","test"]},"nodeSelector":null,"triggeredBy":[{"message":"Build configuration change"}]},"status":{"phase":"New","outputDockerImageReference":"docker-registry.default.svc:5000/wewang1/origin-ruby-sample:latest","config":{"kind":"BuildConfig","namespace":"wewang1","name":"ruby-sample-build"},"output":{}}} SOURCE_REPOSITORY=https://github.com/openshift/ruby-hello-world.git SOURCE_URI=https://github.com/openshift/ruby-hello-world.git HTTP_PROXY=http://file.rdu.redhat.com:3128 HTTPS_PROXY=https://file.rdu.redhat.com:3128
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:2652