Closed gajanan-more closed 3 years ago
Can you please add your observations? @amitkrout @chetan-rns
Same issue i am hitting here at in CI too in my pr - https://prow.ci.openshift.org/view/gs/origin-ci-test/pr-logs/pull/redhat-developer_kam/87/pull-ci-redhat-developer-kam-master-v4.5-integration-e2e/1339637350115840000#1:build-log.txt%3A989
Though there is workaround to skip host key verification just by applying the command echo -e "Host github.com\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config
, however i am not so sure about it as it fails in CI too.
I think we need to look into our kam code base. ping @chetan-rns @bigkevmcd
I am increasing the priority of the issue as it blocks pr #87
I think we need to look into our kam code base. ping @chetan-rns @bigkevmcd
EDIT: Or may be we need to update our doc
/kind bug
/kind bug
/priority High
@gajanan-more I created a new github account to verify it from my mac host. I do not hit the reported failure
$ kam bootstrap --service-repo-url https://github.com/kamuser/taxi --gitops-repo-url https://github.com/kamuser/gitops.git --image-repo quay.io/kamuser/taxi --dockercfgjson ~/Downloads/kam-bot-kambot-auth.json --git-host-access-token ***** --output resources
Checking dependencies
✓ Checking if Sealed Secrets is installed with the default configuration [2s]
✓ Checking if ArgoCD Operator is installed with the default configuration [3s]
✓ Checking if OpenShift Pipelines Operator is installed with the default configuration [3s]
Adding .git to https://github.com/kamuser/taxi
Completing Bootstrap process
✓ Authentication tokens encrypted in secrets
✓ Pipelines tracker has been configured
✓ OpenShift Pipelines resources created
✓ Openshift Route for EventListener created
✓ Created dev, stage and CICD environments
✓ Bootstrapped OpenShift resources successfully
Next Steps:
Please refer to https://github.com/redhat-developer/kam/tree/master/docs to get started.
Amits-MacBook-Pro:kam amit$
@chetan-rns can you please provide more details on how and when ssh configuration is needed for bootstrap command.
@gajanan-more It seems the doc reference https://github.com/redhat-developer/kam/tree/master/docs/journey/day1#bootstrapping-the-manifest is not updated. I verified the bootstrap command with and without --push-to-git=true
flag.
Basically --push-to-git=true
flag uses SSH protocol to communicate with Git server and and create and push bootstrap files into the gitops repo. Please follow the steps when you are using --push-to-git=true
for first time from your host machine
Step 1: Crate a SSH key pair if not present.
# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:juKCKePlPZm+j1zRDAnr4dbEkN+6FvZqkRxUdct+NGA root@81588f058dd5
The key's randomart image is:
+---[RSA 2048]----+
| o. .... E |
| .=.. + o |
| oo=. o o |
| o +o+. . . .|
| +.oSo . . |
| . X. . |
| o .. =.* |
|= +.o=o+ . |
|oo oo**o. |
+----[SHA256]-----+
# cat /root/.ssh/id_rsa.pub
ssh-rsa ****
Step 2: Create a new SSH key in your GitHub account
Login into your github account -> settings -> SSH and GPG Keys -> Click on New SSH key -> Give any title and paste the id_rsa.pub
content in key field.
Step 3: Login into the openshift cluster
# oc login -u kubeadmin -p **** <api-server>
The server uses a certificate signed by an unknown authority.
You can bypass the certificate check, but any data you send to the server could be intercepted by others.
Use insecure connections? (y/n): y
Login successful.
You have access to 61 projects, the list has been suppressed. You can list all projects with ' projects'
Using project "default".
Welcome! See 'oc help' to get started.
Step 4: Install the pre-req for bootstrap command to run. Refer - https://github.com/redhat-developer/kam/tree/master/docs/journey/day1#day-1-operations
Step 5: Run the bootstrap command
# kam bootstrap --service-repo-url https://github.com/<your-githubuser>/taxi --gitops-repo-url https://github.com/<your-githubuser>/gitops.git --image-repo quay.io/<your-githubuser>/taxi --dockercfgjson <bot-docker-config-file> --git-host-access-token ****** --output resources --push-to-git=true
Checking dependencies
✓ Checking if Sealed Secrets is installed with the default configuration [803ms]
✓ Checking if ArgoCD Operator is installed with the default configuration [2s]
✓ Checking if OpenShift Pipelines Operator is installed with the default configuration [2s]
Adding .git to https://github.com/kamuser/taxi
Completing Bootstrap process
✓ Authentication tokens encrypted in secrets
✓ Pipelines tracker has been configured
✓ OpenShift Pipelines resources created
✓ Openshift Route for EventListener created
✓ Created dev, stage and CICD environments
The authenticity of host 'github.com (13.234.176.102)' can't be established.
RSA key fingerprint is SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8.
RSA key fingerprint is MD5:16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48.
Are you sure you want to continue connecting (yes/no)? yes
✓ Created repository
✓ Bootstrapped OpenShift resources successfully
Next Steps:
Please refer to https://github.com/redhat-developer/kam/tree/master/docs to get started.
Step 6: Now you can skip step https://github.com/redhat-developer/kam/tree/master/docs/journey/day1#bringing-the-bootstrapped-environment-up and follow https://github.com/redhat-developer/kam/tree/master/docs/journey/day1#bringing-the-deployment-infrastructure-up onward.
Run bootstrap command without --push-to-git=true
flag.
Step 1: Install the pre-req for bootstrap command to run. Refer - https://github.com/redhat-developer/kam/tree/master/docs/journey/day1#day-1-operations
Step 2: Create an empty public or private gitops repo (required for --gitops-repo-url
flag)
Step 3: Run the bootstrap command
# kam bootstrap --service-repo-url https://github.com/<your-githubuser>/taxi --gitops-repo-url <repo-created-in-step2> --image-repo quay.io/<your-githubuser>/taxi --dockercfgjson <bot-docker-config-file> --git-host-access-token ****** --output resources
Checking dependencies
✓ Checking if Sealed Secrets is installed with the default configuration [1s]
✓ Checking if ArgoCD Operator is installed with the default configuration [2s]
✓ Checking if OpenShift Pipelines Operator is installed with the default configuration [2s]
Adding .git to https://github.com/kamuser/taxi
Completing Bootstrap process
✓ Authentication tokens encrypted in secrets
✓ Pipelines tracker has been configured
✓ OpenShift Pipelines resources created
✓ Openshift Route for EventListener created
✓ Created dev, stage and CICD environments
✓ Bootstrapped OpenShift resources successfully
Next Steps:
Please refer to https://github.com/redhat-developer/kam/tree/master/docs to get started.
Step 4: Follow the step https://github.com/redhat-developer/kam/tree/master/docs/journey/day1#bringing-the-bootstrapped-environment-up onward
/kind documentation
We can fix this, by implementing support for GitHub and GitLab to allow us to push the bootstrapped repo.
But, this won't help with the test environment, as you'll need to modify and push the source code at some point during the test process.
Describe the bug With all the prerequisites are there, run the kam bootstrap command from machine with no SSH configuration, you will face following error:
To Reproduce Steps to reproduce the behavior:
Screenshots