Comments (10)
I could be wrong but maybe this might help: #968 (comment)
from build.
@SihengCui when you created the secret, where xxxx
plain text or base64 encoded ? It should be the latter, or you use stringData to provide plain-text and the Kubernetes will encode it. Above mentioned PR improves our documentation as passwords are not supported anymore, but instead it must be a token.
from build.
@SihengCui when you created the secret, where
xxxx
plain text or base64 encoded ? It should be the latter, or you use stringData to provide plain-text and the Kubernetes will encode it. Above mentioned PR improves our documentation as passwords are not supported anymore, but instead it must be a token.
emmm.. Do you mean that the password field is filled with the token string? But the git repo is a private Bitbucket. It seems that there is only password. In this case, is there any way to pass the certification?
from build.
I have never used BitBucket, but seems like will need some (doc?) changes based on https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/#Cloning-a-repository-with-an-access-token. @SihengCui can you try what happens when you put x-token-auth as username into the secret and your access token as password?
from build.
I have never used BitBucket, but seems like will need some (doc?) changes based on https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/#Cloning-a-repository-with-an-access-token. @SihengCui can you try what happens when you put x-token-auth as username into the secret and your access token as password?
There are something different with git repo using HTTP or HTTPS protocol.
I chose a non-existing domain as my repo address git.sihengcui.com
.
url: http://git.sihengcui.com/scm/serverless-example.git
2022/10/10 08:46:24 Info: ssh (/usr/bin/ssh): OpenSSH_8.0p1, OpenSSL 1.1.1k FIPS 25 Mar 2021
2022/10/10 08:46:24 Info: git (/usr/bin/git): git version 2.31.1
2022/10/10 08:46:24 Info: git-lfs (/usr/bin/git-lfs): git-lfs/2.13.3 (GitHub; linux amd64; go 1.17.5)
2022/10/10 08:46:24 /usr/bin/git clone -h
2022/10/10 08:46:24 /usr/bin/git submodule -h
2022/10/10 08:46:24 Unsupported type of credentials provided, either SSH private key or username/password is supported (exit code 110)
After that I just modified http to https.
url: https://git.sihengcui.com/scm/serverless-example.git
It did not prompt "Unsupported type".
2022/10/10 08:51:10 Info: ssh (/usr/bin/ssh): OpenSSH_8.0p1, OpenSSL 1.1.1k FIPS 25 Mar 2021
2022/10/10 08:51:10 Info: git (/usr/bin/git): git version 2.31.1
2022/10/10 08:51:10 Info: git-lfs (/usr/bin/git-lfs): git-lfs/2.13.3 (GitHub; linux amd64; go 1.17.5)
2022/10/10 08:51:10 /usr/bin/git clone -h
2022/10/10 08:51:10 /usr/bin/git submodule -h
2022/10/10 08:51:10 /usr/bin/git clone --quiet --no-tags --single-branch --branch master --depth 1 -c credential.helper=store --file /tmp/cred-helper-file3502023043 -- https://git.sihengcui.com/scm/serverless-example.git /workspace/source
2022/10/10 08:51:11 fatal: unable to access 'https://git.sihengcui.com/scm/serverless-example.git/': Could not resolve host: git.sihengcui.com (exit code 128)
Could this be the cause ?
from build.
I have never used BitBucket, but seems like will need some (doc?) changes based on https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/#Cloning-a-repository-with-an-access-token. @SihengCui can you try what happens when you put x-token-auth as username into the secret and your access token as password?
I put access token as password. And success pull the private repository from my github. So I am sure the format of the secret is correct. When the url is replaced with http://bitbucket.xxxxx
, even if the username and token are not replaced, a 401 authentication error should be returned instead of Unsupported type.
from build.
From grooming:
- We do not want to send username/password credentials using a cleartext protocol like HTTP. We should improve the error message, though. -> #1131
- We need to verify https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/#Cloning-a-repository-with-an-access-token. Today, when somebody clones using HTTPS with username/password, then we use Git's credential helper. But we don't know how this maps to the Git clone command. To be checked, fixed if necessary, and updated in the docs if appropriate. -> #1132
- We should also check if somebody really does what BitBucket does = putting credentials into the
.spec.source.url
field of the Build. This will maybe work, but we will also likely leak the password in the logs of the source-default step. Though, it should generally not be recommended to do this at all because the password is then unencrypted in etcd. Maybe also worth a hint in the docs. -> #1133
from build.
Hi @SihengCui, if possible, can you help me by providing the exact yaml files you used as a step to reproduce this problem?
I want to try fixing this but I notice you've added a few 'xxx' in parts of the yaml file above and I'm not sure which values to add there.
from build.
Hi @SihengCui, if possible, can you help me by providing the exact yaml files you used as a step to reproduce this problem? I want to try fixing this but I notice you've added a few 'xxx' in parts of the yaml file above and I'm not sure which values to add there.
That's a private git address on an internal network. If you need to reproduce the problem, just request any of the HTTP repositories. NOT https
from build.
That's a private git address on an internal network. If you need to reproduce the problem, just request any of the HTTP repositories. NOT https
Awesome, I'll do that. Thank you!
from build.
Related Issues (20)
- [BETA API] Some Go fields use a name that does not match the name of the JSON field
- [FEATURE] Revisit Go imports HOT 1
- [FEATURE] Set spec.source.type as mandatory field
- [BUG] Public calendar invite link is broken
- [FEATURE] Update to Go 1.21
- [FEATURE] Bugfix (z-stream) for v0.12.0 HOT 1
- [BUG] v0.12.0 impacted by CVE-2023-49569 HOT 3
- [BUG] Order of Local Source between Builds and BuildRuns HOT 1
- [FEATURE] Improve on buildCredentialserences function name HOT 2
- [FEATURE] Move Readme Try It Section to BETA HOT 5
- [FEATURE] v0.13 Bump Tekton and Kubernetes dependencies
- [FEATURE] Document usage of OCIArtifact source type HOT 2
- [BUG] Endless reconcile of build when strategy kind is unknown
- [SHIP-0038] Use Release Branches for Releasing HOT 4
- [tech-debt] Release Workflow Action No Longer Maintained
- [BUG] BuildStrategy: Cannot Use Context Dir as Working Directory HOT 4
- [FEATURE] Conditional step HOT 1
- [FEATURE] Build Strategy from Tekton Task/Pipeline HOT 1
- [BUG] Automatic release README update needs to be fixed HOT 4
- [FEATURE] Provide Storage Version Migration from v1alpha1 to v1beta1 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from build.