Description of problem: With 4.7 oc binary, build created using 'oc new-build' command does not contain .spec.source.sourceSecret.name field after adding the automatic source clone secret. It works fine with OCP 4.6. Version-Release number of selected component (if applicable): 4.7 How reproducible: Easy Steps to Reproduce: 1. Try using 4.6 oc binary export OC='~/oc46/oc' # export OC='~/oc47/oc' ${OC} new-project foo ${OC} version ${OC} create secret generic foo --from-file=ssh-privatekey=ssh-key --type=kubernetes.io/ssh-auth ${OC} secret link builder foo ${OC} annotate secret foo "build.openshift.io/source-secret-match-uri-1=ssh://github.com:22/user/*" ${OC} new-build ruby~ssh://git:22/user/repo.git --name=foo ${OC} logs bc/foo --follow ${OC} delete project foo 2. Try using 4.7 oc binary # export OC='~/oc46/oc' export OC='~/oc47/oc' ${OC} new-project foo ${OC} version ${OC} create secret generic foo --from-file=ssh-privatekey=ssh-key --type=kubernetes.io/ssh-auth ${OC} secret link builder foo ${OC} annotate secret foo "build.openshift.io/source-secret-match-uri-1=ssh://github.com:22/user/*" ${OC} new-build ruby~ssh://git:22/user/repo.git --name=foo ${OC} logs bc/foo --follow ${OC} delete project foo Actual results: 4.6 oc binary works fine and 4.7 fails with "error: Host key verification failed". Expected results: It should work with oc 4.7 as well. Additional info:
Sending this over to build team who owns that bit of oc code.
VERIFIED =============== ✘ jsingh@fugaku ~/.ssh ls id_ecdsa id_ecdsa.pub id_ed25519 id_ed25519.pub id_rsa id_rsa.pub known_hosts known_hosts.old ✘ jsingh@fugaku ~/.ssh oc create secret generic foo --from-file=id=ssh-key --type=kubernetes.io/ssh-auth ✘ jsingh@fugaku ~/.ssh oc create secret generic foo --from-file=ssh-privatekey=id_ed25519 --type=kubernetes.io/ssh-auth secret/foo created jsingh@fugaku ~/.ssh oc secret link builder foo ✘ jsingh@fugaku ~/.ssh oc annotate secret foo "build.openshift.io/source-secret-match-uri-1=ssh://github.com:22/jitendar-singh/*" secret/foo annotated jsingh@fugaku ~/.ssh oc new-build ruby~ssh://git:22/jitendar-singh/repo.git --name=foo --> Found image 76ff7f7 (6 days old) in image stream "openshift/ruby" under tag "2.7-ubi8" for "ruby" Ruby 2.7 -------- Ruby 2.7 available as container is a base platform for building and running various Ruby 2.7 applications and frameworks. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. Tags: builder, ruby, ruby27, ruby-27 * A source build using source code from ssh://git:22/jitendar-singh/repo.git will be created * The resulting image will be pushed to image stream tag "foo:latest" * Use 'oc start-build' to trigger a new build --> Creating resources with label build=foo ... imagestream.image.openshift.io "foo" created buildconfig.build.openshift.io "foo" created --> Success jsingh@fugaku ~/.ssh oc logs bc/foo --follow Cloning "ssh://git:22/jitendar-singh/repo.git" ... Commit: 56eb276f78b90488781417874fdd044ddda1e67e (first commit) Author: jsingh <jitsingh> Date: Wed Aug 11 11:38:05 2021 +0530 Caching blobs under "/var/cache/blobs". Getting image source signatures Copying blob sha256:296e14ee24149e14d573a1fbf5b5a625c7bb0cc22f5b2a8b180e833258187948 Copying blob sha256:359fed170a21fd169953d50193bb1b9405d5e827bed42a220d154cadf794ac23 Copying blob sha256:19c7e0d23e1f527cfe0a0de0641d5988ce8188bea662289c92599c1d2a217614 Copying blob sha256:356f18f3a935b2f226093720b65383048249413ed99da72c87d5be58cc46661c Copying blob sha256:d472b109c9e4f1d44ba736dcadfdeed96b11531be00a0ed86f536668c374f19c Copying config sha256:76ff7f7ad4697e5e7246e66dfdcde414073905f6fd14d88f5a85521a1c39ee57 Writing manifest to image destination Storing signatures Generating dockerfile with builder image image-registry.openshift-image-registry.svc:5000/openshift/ruby@sha256:7eb161302275c7c895ba89d155548728e63dd7a1157015d60bc915b53347a29b STEP 1: FROM image-registry.openshift-image-registry.svc:5000/openshift/ruby@sha256:7eb161302275c7c895ba89d155548728e63dd7a1157015d60bc915b53347a29b STEP 2: LABEL "io.openshift.build.commit.message"="first commit" "io.openshift.build.source-location"="ssh://git:22/jitendar-singh/repo.git" "io.openshift.build.image"="image-registry.openshift-image-registry.svc:5000/openshift/ruby@sha256:7eb161302275c7c895ba89d155548728e63dd7a1157015d60bc915b53347a29b" "io.openshift.build.commit.author"="jsingh <jitsingh>" "io.openshift.build.commit.date"="Wed Aug 11 11:38:05 2021 +0530" "io.openshift.build.commit.id"="56eb276f78b90488781417874fdd044ddda1e67e" "io.openshift.build.commit.ref"="main" STEP 3: ENV OPENSHIFT_BUILD_NAME="foo-1" OPENSHIFT_BUILD_NAMESPACE="foo" OPENSHIFT_BUILD_SOURCE="ssh://git:22/jitendar-singh/repo.git" OPENSHIFT_BUILD_COMMIT="56eb276f78b90488781417874fdd044ddda1e67e" STEP 4: USER root STEP 5: COPY upload/src /tmp/src STEP 6: RUN chown -R 1001:0 /tmp/src time="2021-08-11T06:22:10Z" level=warning msg="Path \"/run/secrets/etc-pki-entitlement\" from \"/etc/containers/mounts.conf\" doesn't exist, skipping" time="2021-08-11T06:22:10Z" level=warning msg="Path \"/run/secrets/redhat.repo\" from \"/etc/containers/mounts.conf\" doesn't exist, skipping" STEP 7: USER 1001 STEP 8: RUN /usr/libexec/s2i/assemble time="2021-08-11T06:22:11Z" level=warning msg="Path \"/run/secrets/etc-pki-entitlement\" from \"/etc/containers/mounts.conf\" doesn't exist, skipping" time="2021-08-11T06:22:11Z" level=warning msg="Path \"/run/secrets/redhat.repo\" from \"/etc/containers/mounts.conf\" doesn't exist, skipping" ---> Installing application source ... ---> Building your Ruby application from source ... WARNING: Rubygem Rack is not installed in the present image. Add rack to your Gemfile in order to start the web server. STEP 9: CMD /usr/libexec/s2i/run STEP 10: COMMIT temp.builder.openshift.io/foo/foo-1:0e03ab97 Getting image source signatures Copying blob sha256:e39c3abf0df93fca44921f3548fcf6e139afdcb2ac9b7baa6c47b39f87113b32 Copying blob sha256:8f26704f753cbe8b20afc01e97a4cb652befe26791b4d33193afc99ce544ebf5 Copying blob sha256:83310c7c677cb8ade9613896d0dc2f68f905792407d9b175801221756dfd3016 Copying blob sha256:694adc66f3fa07d76b12086cc88422f8d60894559536ffab50e0030fd7fa91c6 Copying blob sha256:832243b96ad61ec5bc3b8e4f66425224d2268820c0d0c66265e0d8f418902789 Copying blob sha256:73bc48343153efd0ae1864892a4caf05cc85a8faa991736eca3d8ccc974ff720 Copying config sha256:2b6e5871802acb323b0e9f1ef54817adaf6988b4e2921159e11a9470f6bb518e Writing manifest to image destination Storing signatures --> 2b6e5871802 2b6e5871802acb323b0e9f1ef54817adaf6988b4e2921159e11a9470f6bb518e Getting image source signatures Pushing image image-registry.openshift-image-registry.svc:5000/foo/foo:latest ... Copying blob sha256:73bc48343153efd0ae1864892a4caf05cc85a8faa991736eca3d8ccc974ff720 Copying blob sha256:359fed170a21fd169953d50193bb1b9405d5e827bed42a220d154cadf794ac23 Copying blob sha256:296e14ee24149e14d573a1fbf5b5a625c7bb0cc22f5b2a8b180e833258187948 Copying blob sha256:d472b109c9e4f1d44ba736dcadfdeed96b11531be00a0ed86f536668c374f19c Copying blob sha256:19c7e0d23e1f527cfe0a0de0641d5988ce8188bea662289c92599c1d2a217614 Copying blob sha256:356f18f3a935b2f226093720b65383048249413ed99da72c87d5be58cc46661c Copying config sha256:2b6e5871802acb323b0e9f1ef54817adaf6988b4e2921159e11a9470f6bb518e Writing manifest to image destination Storing signatures Successfully pushed image-registry.openshift-image-registry.svc:5000/foo/foo@sha256:559924d185bf36e2a7a32d8f955e1d7d146c3a80304c7f9a7a920db96683e04c Push successful
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759