Uploaded image for project: 'OpenShift Pipelines'
  1. OpenShift Pipelines
  2. SRVKP-7882

Multiple credentials (ssh keys) are not supported for Git authentication

XMLWordPrintable

    • 3
    • False
    • False
    • Hide

      1) Create a pipeline which does following tasks.

      2) Clone two separate Git repositories (git-pull-1, git-pull-2) and Push to a third repository (git-push-3)

      3) All three repositories are hosted on their internal Git server, each requiring a different SSH key for authentication.

      4) Create secrets attached to the Pipeline's ServiceAccount and annotate them with tekton.dev/git-0, tekton.dev/git-1, and tekton.dev/git-2, each pointing to the internal Git server [1].

      5) However, only the first repo (git-0) successfully clones, while the others fail with access errors.

      [1] https://github.com/tektoncd/pipeline/blob/main/docs/auth.md#understanding-credential-selection

      Show
      1) Create a pipeline which does following tasks. 2) Clone two separate Git repositories (git-pull-1, git-pull-2) and Push to a third repository (git-push-3) 3) All three repositories are hosted on their internal Git server, each requiring a different SSH key for authentication. 4) Create secrets attached to the Pipeline's ServiceAccount and annotate them with tekton.dev/git-0, tekton.dev/git-1, and tekton.dev/git-2, each pointing to the internal Git server [1] . 5) However, only the first repo (git-0) successfully clones, while the others fail with access errors. [1]   https://github.com/tektoncd/pipeline/blob/main/docs/auth.md#understanding-credential-selection
    • Pipelines Sprint Tekshift 35, Pipelines Sprint Tekshift 36, Pipelines Sprint Tekshift 37

      Description of problem: 

      Requirement -: Need to configure authentication details for multiple gitrepos

      Secrets were created and attached to the Pipeline's ServiceAccount and annotated with tekton.dev/git-0, tekton.dev/git-1, and tekton.dev/git-2, each having different ssh keys. However only code only chooses the first key ignores the rest

      Prerequisites (if any, like setup, operators/versions):

      Openshift Pipeline Operator

      Steps to Reproduce

      1) Create a pipeline which does following tasks.

      2) Clone two separate Git repositories (git-pull-1, git-pull-2) and Push to a third repository (git-push-3)

      3) All three repositories are hosted on their internal Git server, each requiring a different SSH key for authentication.

      4) Create secrets attached to the Pipeline's ServiceAccount and annotate them with tekton.dev/git-0, tekton.dev/git-1, and tekton.dev/git-2, each pointing to the internal Git server [1].

      5) However, only the first repo (git-0) successfully clones, while the others fail with access errors.

      [1] https://github.com/tektoncd/pipeline/blob/main/docs/auth.md#understanding-credential-selection

      Actual results:  Only first SSH key is validated

      Expected results: All repos are authenticated correctly

      Reproducibility (Always/Intermittent/Only Once):  Always

       

              rh-ee-abghosh Abhishek Ghosh
              rhn-support-sudnair Sudhish Nair
              Votes:
              2 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated: