1

When I try to build my project I get the following error as the only thing in the console

error: cannot setup source secret: no auth handler was found for secrets in /var/run/secrets/openshift.io/source

Immediately after the event "Build Started". I honestly have no idea what this error means and can't find anything about it. I suspect it may have something to do with:

a. It isn't using my package.json and is running into a library issue

b. The program creates internal files normally and it can't make those(I already tried adding a volume as far as I could tell) Tried running a console.log before that and it didn't work so I don't think this is it.

c. Something to do with needing a push/pull secret?

Any help would be appreciated

Would also like to add, using the key in-context maker on the build configuration does not work, I get a fetch source error. But going into Resources and making a generic secret does. Any advice on that would be great too

Aidan
  • 413
  • 3
  • 22
  • I have the same problem, I suppose it has something to do with secret loading, but can't find the problem yet, when I solve it I'll post here. – Santiago Apr 23 '19 at 14:55
  • I loaded the keys again from the project properties UI and it worked, I don't know exactly why – Santiago Apr 23 '19 at 15:56
  • I'll try it when I get home, thanks – Aidan Apr 23 '19 at 17:07
  • Can you tell me what you mean be the project properties UI? – Aidan Apr 23 '19 at 20:48
  • I'm sorry I wasn't clear. You should to the web console, and then to builds>builds click on your build and on the actions menu select "edit". Now on the "source configuration" click "advanced options" and on "source secret" don't select anything and click "create new secret". There you can upload your cert or password. That was what worked for me, let me know if it works for you and I'll post it as an answer. – Santiago May 01 '19 at 18:21
  • you may also need to remove previous secrets – Santiago May 01 '19 at 18:22

1 Answers1

0

The reason you get this error is because your Secret object lacks the right 'type'.

You see some examples in Creating Build Inputs

Here's an example that will demonstrate the issue (when used), because it just uses the generic Opaque secret. As such, the build machinery doesn't know how to deal with it (hence, no handler)

oc create secret generic git-build `
  --from-file=ssh-privatekey=openshift_shiny_cameron_laptop

The correct way (if using oc create) is to specify the --type. It is this type that determines that 'ssh-privatekey' is a required key in the secret.

oc create secret generic git-build `
  --type=kubernetes.io/ssh-auth `
  --from-file=ssh-privatekey=openshift_shiny_cameron_laptop

If you want the YAML, it looks something like this:

apiVersion: v1
kind: Secret
metadata:
  name: git-build
  namespace: MY_NAMESPACE
data:
  ssh-privatekey: ...
  ssh-publickey: ... note that this isn't actually used
type: kubernetes.io/ssh-auth

See Types of Secrets for more information of similar values other than kubernetes.io/ssh-auth

Note that you can also use this for specifying a '.gitconfig' key... but if you want to specify a known_hosts key, then you need to use a ConfigMap

Here's an example:

apiVersion: image.openshift.io/v1
kind: ImageStream
metadata:
  name: EXAMPLE
spec:
  lookupPolicy:
    local: false
---
kind: BuildConfig
apiVersion: build.openshift.io/v1
metadata:
  name: EXAMPLE
spec:
  source:
    git:
      uri: ssh://git.EXAMPLE/project/example.git
    configMaps:
    - configMap:
        name: git-ssh-config
        destination_dir: .ssh
  strategy:
    dockerStrategy: {}
  output:
    to:
      kind: ImageStreamTag
      name: "EXAMPLE:latest"
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: git-ssh-config
  namespace: shiny
data:
  known_hosts: |
    git.EXAMPLE ssh-rsa ...
Cameron Kerr
  • 1,725
  • 16
  • 23