-
Bug
-
Resolution: Done
-
Undefined
-
ACM 2.6.0, ACM 2.8.0, ACM 2.7.0
-
None
-
False
-
None
-
False
-
-
-
Important
-
-
-
No
Description of problem:
Unable to make SSH connection to a bitbucket repo on a non-standard ssh port.
The application fails with error:
ssh: handshake failed: knownhosts: key is unknown Failed to git clone with the primary channel: ssh: handshake failed: knownh osts: key is unknown
Version-Release number of selected component (if applicable): ACM 2.6.3
How reproducible: Always
Actual results: Application deployment fails
Expected results: Application should get deployed without any errors.
Additional info:
- Logs:
2023-02-06T18:21:12.040105641Z I0206 18:21:12.039939 1 hub_git.go:408] subscription-hub-reconciler "msg"="Channel config map with CA certs found" 2023-02-06T18:21:12.041143948Z I0206 18:21:12.041096 1 gitrepo.go:225] Connecting to Git server via SSH 2023-02-06T18:21:12.041175652Z I0206 18:21:12.041152 1 gitrepo.go:407] sshhostname = bitbucket.example.com 2023-02-06T18:21:12.041175652Z I0206 18:21:12.041169 1 gitrepo.go:408] sshhostport = 7999 2023-02-06T18:21:12.041198356Z I0206 18:21:12.041186 1 gitrepo.go:410] Getting public SSH host key for bitbucket.example.com 2023-02-06T18:21:12.041329418Z I0206 18:21:12.041305 1 gitrepo.go:416] Running command ssh-keyscan bitbucket.prod.stat -p 7999 2023-02-06T18:21:12.122262450Z I0206 18:21:12.122192 1 gitrepo.go:425] SSH host key: bitbucket.example.com ssh-rsa AAAAy0mJCFWyt23sonLFbAItCjs6mhZ4/1hoJwdKEip2Izjmoir88/HBFUVBBQA9KRER5lPexbMgdXPBkhmFROdlN96FyFMmWqhsugCXJ6566B33r1N34iaJkRGd/hTg Y5lckteCjZ87aO+Z9jlEAQNVQY6ho7fO/YTgmzWUngFY87UiAyLnYKwHlI7uW5TEIqXVJLH9uULjA8D1BX0A8jh 2023-02-06T18:21:12.122262450Z bitbucket.example.com ecdsa-sha2-nistp256 AAANSn39Ma/ptCqJmRIgzQHVqxI38XjhpyCC6 IKjM9ueE= 2023-02-06T18:21:12.122262450Z bitbucket.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTEjh44ZIryEXoyhl 2023-02-06T18:21:12.122448808Z I0206 18:21:12.122393 1 gitrepo.go:464] Using SSH known host keys 2023-02-06T18:21:12.123689163Z E0206 18:21:12.122483 1 gitrepo.go:176] no secondary channel to try 2023-02-06T18:21:12.123689163Z I0206 18:21:12.122493 1 gitrepo.go:294] Cloning ssh://git@bitbucket.prod.stat:7999/ops/generic-ocp4.git into /tmp/ocp-clusters/ocp-base-subscription 2023-02-06T18:21:12.123689163Z I0206 18:21:12.122502 1 gitrepo.go:296] cloneOptions.DestDir = /tmp/ocp-clusters/ocp-base-subscription 2023-02-06T18:21:12.123689163Z I0206 18:21:12.122510 1 gitrepo.go:297] cloneOptions.Branch = refs/heads/1644-tmp 2023-02-06T18:21:12.123689163Z I0206 18:21:12.122520 1 gitrepo.go:298] cloneOptions.CommitHash = 2023-02-06T18:21:12.123689163Z I0206 18:21:12.122528 1 gitrepo.go:299] cloneOptions.RevisionTag = 2023-02-06T18:21:12.123689163Z I0206 18:21:12.122536 1 gitrepo.go:300] cloneOptions.CloneDepth = 0 2023-02-06T18:21:12.142017611Z E0206 18:21:12.140795 1 gitrepo.go:306] ssh: handshake failed: knownhosts: key is unknown Failed to git clone with the primary channel: ssh: handshake failed: knownh osts: key is unknown 2023-02-06T18:21:12.142017611Z E0206 18:21:12.140843 1 hub_git.go:475] subscription-hub-reconciler "msg"="failed to get commitID from initialDownload" "error"="Failed to clone git: ssh://git@bitbu cket.prod.stat:7999/ops/isq-ocp4-cd.git err: ssh: handshake failed: knownhosts: key is unknown" 2023-02-06T18:21:12.142017611Z E0206 18:21:12.140866 1 mcmhub_controller.go:553] subscription-hub-reconciler/ocp-clusters/ocp-base-subscription "msg"="failed to initialize Git connection" "error"= "Failed to clone git: ssh://git@bitbucket.example.com:7999/ops/generic-ocp4.git err: ssh: handshake failed: knownhosts: key is unknown"
2. Issue looks like regression of bug https://bugzilla.redhat.com/show_bug.cgi?id=1973595
3. Channel CR spec details:
spec: configMapRef: name: bitbucket-ca #insecureSkipVerify: true pathname: ssh://git@bitbucket.example.com:7999/ops/generic-ocp4.git secretRef: name: openshift-lecture-access-key type: Git