Issue when connect to Git by Basic authentication

[zhanghetong]

Expected Behavior

connect git Successful

Actual Behavior

kubectl get pod: git-ssh-creds-pod-m88jv 0/2 Error 0 41s

logs:

{
    "level":"error",
    "ts":1595919332.313233,
    "caller":"git/git.go:41",
    "msg":"Error running git [fetch --recurse-submodules=yes --depth=1 origin --update-head-ok --force master]: exit status 128
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
",
    "stacktrace":"github.com/tektoncd/pipeline/pkg/git.run
github.com/tektoncd/pipeline/pkg/git/git.go:41
github.com/tektoncd/pipeline/pkg/git.Fetch
github.com/tektoncd/pipeline/pkg/git/git.go:119
main.main
github.com/tektoncd/pipeline/cmd/git-init/main.go:52
runtime.main
runtime/proc.go:203"
}
{
    "level":"fatal",
    "ts":1595919332.3138816,
    "caller":"git-init/main.go:53",
    "msg":"Error fetching git repository: failed to fetch [master]: exit status 128",
    "stacktrace":"main.main
github.com/tektoncd/pipeline/cmd/git-init/main.go:53
runtime.main
runtime/proc.go:203"
}

Steps to Reproduce the Problem

1. gitbasic.yaml:

apiVersion: v1
kind: Secret
metadata:
  name: basic-user-pass
  annotations:
    tekton.dev/git-0: https://github.com
type: kubernetes.io/basic-auth
stringData:
  username: zhanghetong
  password:{{mypassword}}

gitbasicsa.yaml:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: build-bot
secrets:
  - name: basic-user-pass

gittask.yaml:

apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  name: git-ssh-creds
spec:
  serviceAccountName: build-bot
  resources:
    inputs:
    - name: gitssh
      resourceSpec:
        type: git
        params:
        - name: revision
          value: master
        - name: url
          value: git@github.com:tektoncd/pipeline.git
  taskSpec:
    resources:
      inputs:
      - name: gitssh
        type: git
    steps:
    - name: config
      image: ubuntu
      script: |
        cat /workspace/gitssh/README.md

2.

kubectl apply -f gitbasic.yaml secret/basic-user-pass created kubectl apply -f gitbasicsa.yaml serviceaccount/build-bot created kubectl apply -f gittask.yaml taskrun.tekton.dev/git-ssh-creds created

3.

tkn taskrun describe git-ssh-creds

Name:              git-ssh-creds
Namespace:         default
Service Account:   build-bot
Timeout:           1h0m0s
Labels:
 app.kubernetes.io/managed-by=tekton-pipelines

🌡️  Status

STARTED         DURATION     STATUS
2 minutes ago   34 seconds   Failed

Message

"step-git-source-gitssh-rvs28" exited with code 1 (image: "docker-pullable://hub.17usoft.com/treafik-proxy/gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/git-init@sha256:243f11d3aa3d9e54e4bf76dc278146d444c135af5514f242be6a90b584726ee1"); 
for logs run: kubectl -n default logs git-ssh-creds-pod-m88jv -c step-git-source-gitssh-rvs28

📨 Input Resources

 NAME       RESOURCE REF
 ∙ gitssh   

📡 Output Resources

 No output resources

⚓ Params

 No params

🦶 Steps

 NAME                        STATUS
 ∙ git-source-gitssh-rvs28   Error
 ∙ config                    Error

🚗 Sidecars

No sidecars

kubectl -n default logs git-ssh-creds-pod-m88jv -c step-git-source-gitssh-rvs28

{
    "level":"error",
    "ts":1595919332.313233,
    "caller":"git/git.go:41",
    "msg":"Error running git [fetch --recurse-submodules=yes --depth=1 origin --update-head-ok --force master]: exit status 128
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
",
    "stacktrace":"github.com/tektoncd/pipeline/pkg/git.run
github.com/tektoncd/pipeline/pkg/git/git.go:41
github.com/tektoncd/pipeline/pkg/git.Fetch
github.com/tektoncd/pipeline/pkg/git/git.go:119
main.main
github.com/tektoncd/pipeline/cmd/git-init/main.go:52
runtime.main
runtime/proc.go:203"
}
{
    "level":"fatal",
    "ts":1595919332.3138816,
    "caller":"git-init/main.go:53",
    "msg":"Error fetching git repository: failed to fetch [master]: exit status 128",
    "stacktrace":"main.main
github.com/tektoncd/pipeline/cmd/git-init/main.go:53
runtime.main
runtime/proc.go:203"
}

Additional Info

• Kubernetes version:

  
  Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.5", GitCommit:"e6503f8d8f769ace2f338794c914a96fc335df0f", GitTreeState:"clean", BuildDate:"2020-06-26T03:47:41Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}
  Server Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.2", GitCommit:"52c56ce7a8272c798dbc29846288d7cd9fbae032", GitTreeState:"clean", BuildDate:"2020-04-16T11:48:36Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}

- Tekton Pipeline version:

Client version: 0.10.0 Pipeline version: v0.14.1 Triggers version: unknown

[ghost]

I think I see two problems here:

1. git doesn't support basic authentication with SSH URLs. As I understand it "basic auth" is "HTTP Basic Authentication", meaning it only works with repositories referenced by http(s)://....

2. the URLs are a bit mixed up - in the Secret you have annotated with https://github.com. In the Task you are referencing git@github.com <- an SSH format.

I recommend changing your Task to use the following example PipelineResource:

      resourceSpec:
        type: git
        params:
        - name: revision
          value: master
        - name: url
          value: https://github.com/tektoncd/pipeline.git

[ghost]

Closing this issue as I think the questions are resolved. Please reopen if you continue to experience problems and let me know if the changes I've suggested have made any difference. Thanks for the issue report!