Open Shift(minishift)并使用bitbucket repo运行buildConfig失败

时间:2018-04-24 12:37:54

标签: git openshift

我在Windows 10上运行minishift。当我运行buildConfig时,我收到以下错误:

Cloning "ssh://git@bitbucket.internal:29470/sam/my-repo" ...
error: ssh: connect to host bitbucket.internal port 29470: Network is unreachable
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.

我的bc yaml文件在哪里:

apiVersion: build.openshift.io/v1
kind: BuildConfig
metadata:
  creationTimestamp: '2018-04-24T11:31:00Z'
  labels:
    app: my-app
  name: my-bc
  namespace: myproject
  resourceVersion: '5808'
  selfLink: >-
    /apis/build.openshift.io/v1/namespaces/myproject/buildconfigs/my-bc
  uid: f68edfac-47b2-11e8-9c8e-080027ebf287
spec:
  failedBuildsHistoryLimit: 5
  nodeSelector: null
  output:
    to:
      kind: ImageStreamTag
      name: 'sample:1.0.0'
      namespace: myproject
  postCommit: {}
  resources: {}
  runPolicy: Serial
  source:
    contextDir: images/test
    git:
      ref: myfeature
      uri: 'ssh://git@bitbucket.internal:29470/sam/my-repo'
    sourceSecret:
      name: bitbucket-secret
    type: Git
  strategy:
    dockerStrategy:
      dockerfilePath: Dockerfile
    type: Docker
  successfulBuildsHistoryLimit: 5
  triggers: []
status:
  lastVersion: 16

我创建了一个秘密: bitbucket-secret ,其中包含我的私人密钥:ssh://git@bitbucket.internal:29470/sam/my-repo,然后运行:

oc secrets link builder repo-at-bitbucket
oc secrets add serviceaccount/builder secrets/repo-at-bitbucket

有关为什么buildconfig失败并出现提取错误的任何想法,即使我使用工作私钥指定了一个秘密(从命令行测试)?

正如下面建议我认为原因是我的pod没有访问bitbucket.internal的权限:29470但我无法运行pod和oc rsh。我明白了:

oc get pods
NAME                         READY     STATUS       RESTARTS   AGE
my-bc-14-build   0/1       Init:Error   0          18h
my-bc-15-build   0/1       Init:Error   0          18h

有没有一种简单的方法可以在minishift中启动pod并使其保持活力?

1 个答案:

答案 0 :(得分:0)

Openshift ssh authentication文档提及:

  

将密钥添加到构建器服务帐户。每个构建都以serviceaccount/builder角色运行,因此您需要使用以下命令让它访问您的秘密:

oc secrets add serviceaccount/builder secrets/sshsecret
  

将sourceSecret字段添加到BuildConfig内的源部分,并将其设置为您创建的密码的名称。在这种情况下,sshsecret:

apiVersion: "v1"
kind: "BuildConfig"
metadata:
  name: "sample-build"
spec:
  output:
    to:
      kind: "ImageStreamTag"
      name: "sample-image:latest"
  source:
    git:
      uri: "git@repository.com:user/app.git" 
    sourceSecret:                              <=====
      name: "sshsecret"                        <===== 
    type: "Git"
  ...

在您的情况下,请确保至少将sourceSecret添加到您的git源。

相关问题
最新问题