Description of problem: Creating new app from a private git repository (tested with GitHub) using basic auth does not work. Version-Release number of selected component (if applicable): ~~~ oc version Client Version: 4.8.0-202108312109.p0.git.0d10c3f.assembly.stream-0d10c3f Server Version: 4.9.17 Kubernetes Version: v1.22.3+e790d7f ~~~ Requirements to reproduce the issue: - GitHub account - OpenShift Cluster Steps to Reproduce: 1. Create a private repository on GitHub 2. Create a GitHub personal access token [1] 3. Create `kubernetes.io/basic-auth` secret ~~~ $ oc create secret generic user-at-github --from-literal=username=<github_username> --from-literal=password=<github_token> --type=kubernetes.io/basic-auth ~~~ 4. Link secret to builder ServiceAccount ~~~ $ oc secrets link builder user-at-github --for=pull,mount ~~~ 5. Create a new app from the private GH repo ~~~ $ oc new-app --source-secret=user-at-github https://github.com/<github_username>/<github_repo> ~~~ [1] https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token Actual results: ~~~ oc new-app --source-secret=user-at-github https://github.com/gmeghnag/prinquest -v=4 I0209 16:17:29.640935 38700 repository.go:450] Executing git ls-remote https://github.com/gmeghnag/prinquest I0209 16:17:30.139123 38700 repository.go:541] Error executing command: exit status 128 I0209 16:17:30.139457 38700 repository.go:450] Executing git ls-remote https://github.com/gmeghnag/prinquest I0209 16:17:30.662849 38700 repository.go:541] Error executing command: exit status 128 I0209 16:17:30.663037 38700 repository.go:450] Executing git ls-remote https://github.com/gmeghnag/prinquest I0209 16:17:31.121662 38700 repository.go:541] Error executing command: exit status 128 I0209 16:17:31.122081 38700 newapp.go:346] treating https://github.com/gmeghnag/prinquest as a component ref I0209 16:17:31.122506 38700 imagestreamlookup.go:49] image streams must be of the form [<namespace>/]<name>[:<tag>|@<digest>], term "https://github.com/gmeghnag/prinquest" did not qualify I0209 16:17:31.122578 38700 templatelookup.go:39] template references must be of the form [<namespace>/]<name>, term "https://github.com/gmeghnag/prinquest" did not qualify error: unable to load template file "https://github.com/gmeghnag/prinquest": unable to read URL "https://github.com/gmeghnag/prinquest", server reported 404 Not Found, status code=404 error: git ls-remote failed with: remote: Repository not found. fatal: repository 'https://github.com/gmeghnag/prinquest/' non trovato; local file access failed with: stat https://github.com/gmeghnag/prinquest: no such file or directory error: unable to locate any images in image streams, templates loaded in accessible projects, template files, local docker images with name "https://github.com/gmeghnag/prinquest" Argument 'https://github.com/gmeghnag/prinquest' was classified as an image, image~source, or loaded template reference. The 'oc new-app' command will match arguments to the following types: 1. Images tagged into image streams in the current project or the 'openshift' project - if you don't specify a tag, we'll add ':latest' 2. Images in the Docker Hub, on remote registries, or on the local Docker engine 3. Templates in the current project or the 'openshift' project 4. Git repository URLs or local paths that point to Git repositories --allow-missing-images can be used to point to an image that does not exist yet. See 'oc new-app -h' for examples. ~~~ Expected results: To have all the required resources created (build, buildconfig, ecc..) Additional info: 1. I have the same issue trying to create a new app from the OpenShift Console (Developer Console > Add + > Import from Git > ...) with the following error: ~~~ URL is valid but cannot be reached. If this is a private repository, enter a source Secret in advanced Git options ~~~ 2. Is not an issue related to the creds I've provided: ~~~ $ GH_USERNAME=$(oc get secret/user-at-github -o template='{{index .data.username}}' | base64 -d ) $ GH_PASSWORD=$(oc get secret/user-at-github -o template='{{index .data.password}}' | base64 -d ) $ git clone https://${GH_USERNAME}:${GH_PASSWORD}@github.com/gmeghnag/prinquest.git Clone in 'prinquest' in corso... remote: Enumerating objects: 26, done. remote: Counting objects: 100% (26/26), done. remote: Compressing objects: 100% (17/17), done. remote: Total 26 (delta 8), reused 20 (delta 5), pack-reused 0 Ricezione degli oggetti: 100% (26/26), fatto. Risoluzione dei delta: 100% (8/8), fatto. ~~~ 3. Using `ssh-auth` instead of `basic-auth` as authentication method works: 3.1 ssh-keygen -f git-cred -N '' 3.2 oc create secret generic git-cred --type=kubernetes.io/ssh-auth --from-file=ssh-privatekey=${PWD}/git-cred.pub 3.3 oc secrets link builder git-cred 3.4 from GitHub repository > Settings > Deploy Keys > Add Deploy Key (paste the content of the file git-cred.pub) 3.5 oc new-app git:<username>/<repo_name>.git --source-secret git-cred
verified with 4.11 image --------------- - clone the private repo using credential - try to create the application
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:5069