The ssh key you are providing for git cloning is not available in the context under which "assemble" is running. They are actually two totally separate docker containers.
That is why you need to separately indicate you want to provide a secret to the build via this mechanism: https://docs.openshift.org/latest/dev_guide/builds.html#using-secrets if indeed composer will just use the the file named ssh-key from $HOME/.ssh then you should be able to specify "/opt/app-root/src/.ssh/ssh-key" as the destinationDir for the secret. (/opt/app-root/src is $HOME in our php image and presumably yours as well). On Wed, Feb 3, 2016 at 9:55 AM, Johary RAVELONJATOVO <[email protected]> wrote: > Hi, > > My custom s2i image is similar to your image so I thought it's the same > issue. > Here are my log on level 5 > /*** > *As you see, the ssh-privatekey used when it clone the project is the same > that I want to use during the "composer install" > ****/ > I0203 14:24:50.378994 1 scmauths.go:27] Finding auth for "ssh-privatekey" > 4 I0203 14:24:50.379052 1 scmauths.go:30] Found SCMAuth "ssh-privatekey" > to handle "ssh-privatekey" > 5 I0203 14:24:50.379075 1 scmauths.go:45] Setting up SCMAuth > "ssh-privatekey" > 6 I0203 14:24:50.379644 1 sti.go:167] With force pull false, setting > policies to if-not-present > ... > /**** > * Here the git repo is added to the known host so it used correctly the > ssh-key > ****/ > 18 I0203 14:24:50.399258 1 sti.go:140] Preparing to build > 172.30.223.43:5000/xxxxxxxxxx/xxxxxxxxxx-xxxxxxxxxx:latest > 19 I0203 14:24:50.399610 1 source.go:96] git ls-remote > ssh://[email protected]:7999/cr/xxxxxxxxxx-xxxxxxxxxx.git --heads > 20 I0203 14:24:50.399663 1 repository.go:275] Executing git ls-remote > ssh://[email protected]:7999/cr/xxxxxxxxxx-xxxxxxxxxx.git --heads > 21 I0203 14:24:50.900606 1 repository.go:305] Err: Warning: Permanently > added '[stash.xxxxxxxxxx.lan]:7999,[x.x.x.x]:7999' (RSA) to the list of > known hosts. > 22 I0203 14:24:50.900649 1 source.go:119] Warning: Permanently added > '[stash.xxxxxxxxxx.lan]:7999,[x.x.x.x]:7999' (RSA) to the list of known > hosts. > 23 I0203 14:24:50.900662 1 source.go:189] Cloning source from > ssh://[email protected]:7999/cr/xxxxxxxxxx-xxxxxxxxxx.git > 24 I0203 14:24:50.900677 1 repository.go:275] Executing git clone > --recursive ssh://[email protected]:7999/cr/xxxxxxxxxx-xxxxxxxxxx.git > /tmp/s2i-build583749303/upload/src > 25 I0203 14:24:58.501440 1 repository.go:300] Out: Cloning into > '/tmp/s2i-build583749303/upload/src'... > 26 I0203 14:24:58.501483 1 repository.go:275] Executing git config --get > remote.origin.url > 27 I0203 14:24:58.502624 1 repository.go:300] Out: > ssh://[email protected]:7999/cr/xxxxxxxxxx-xxxxxxxxxx.git > 28 I0203 14:24:58.502650 1 repository.go:275] Executing git rev-parse > --abbrev-ref HEAD > 29 I0203 14:24:58.504043 1 repository.go:300] Out: develop > 30 I0203 14:24:58.504064 1 repository.go:275] Executing git rev-parse > --verify HEAD > 41 I0203 14:24:58.520643 1 repository.go:300] Out: Thu Dec 17 13:42:16 > 2015 -0500 > 42 I0203 14:24:58.520667 1 repository.go:275] Executing git --no-pager > show -s --format=%<(80,trunc)%s HEAD > 43 I0203 14:24:58.522358 1 repository.go:300] Out: Automatic merge from > master -> develop > ... > /**** > * > ****/ > 44 I0203 14:24:58.522392 1 common.go:78] Setting build revision to > &api.GitSourceRevision{Commit:"1da37a9c4395024f4f934a9fdb91185058055b99", > Author:api.SourceControlUser{Name:"Johary Ravelonjatovo", Email:" > [email protected]"}, Committer:api.SourceControlUser{Name:"Johary > Ravelonjatovo", Email:"[email protected]"}, Message:"Automatic merge > from master -> develop"} > 45 I0203 14:24:58.598255 1 docker.go:224] Image > openshift/php-55-centos7@sha256:2efdf864cdff3795138d0bae5c9a198dc6b8cf0815ed845a99ef372021bbb8c3 > available locally > 46 I0203 14:24:58.598279 1 docker.go:344] Image contains > io.openshift.s2i.scripts-url set to 'image:///usr/libexec/s2i' > 47 I0203 14:24:58.598308 1 download.go:57] Using image internal scripts > from: image:///usr/libexec/s2i/assemble > 48 I0203 14:24:58.598319 1 download.go:57] Using image internal scripts > from: image:///usr/libexec/s2i/run > 49 I0203 14:24:58.600501 1 docker.go:224] Image > openshift/php-55-centos7@sha256:2efdf864cdff3795138d0bae5c9a198dc6b8cf0815ed845a99ef372021bbb8c3 > available locally > 50 I0203 14:24:58.600513 1 docker.go:344] Image contains > io.openshift.s2i.scripts-url set to 'image:///usr/libexec/s2i' > 51 I0203 14:24:58.600532 1 download.go:57] Using image internal scripts > from: image:///usr/libexec/s2i/save-artifacts > 52 I0203 14:24:58.600543 1 sti.go:221] Using assemble from > image:///usr/libexec/s2i > 53 I0203 14:24:58.600550 1 sti.go:221] Using run from > image:///usr/libexec/s2i > 54 I0203 14:24:58.600555 1 sti.go:221] Using save-artifacts from > image:///usr/libexec/s2i > 55 I0203 14:24:58.600756 1 ignore.go:58] .s2iignore file does not exist > 56 I0203 14:24:58.600771 1 sti.go:148] Clean build will be performed > 57 I0203 14:24:58.600777 1 sti.go:151] Performing source build from > file:///tmp/s2i-build583749303/upload/src > 58 I0203 14:24:58.600782 1 sti.go:164] Running "assemble" in " > 172.30.223.43:5000/xxxxxxxxxx/xxxxxxxxxx-xxxxxxxxxx:latest" > 59 I0203 14:24:58.600795 1 sti.go:412] Using image name > openshift/php-55-centos7@sha256 > :2efdf864cdff3795138d0bae5c9a198dc6b8cf0815ed845a99ef372021bbb8c3 > 60 I0203 14:24:58.600805 1 sti.go:416] No .sti/environment provided (no > environment file found in application sources) > 61 I0203 14:24:58.601069 1 tar.go:177] Adding to tar: > /tmp/s2i-build583749303/upload/src/.bowerrc as src/.bowerrc > 62 I0203 14:24:58.604169 1 docker.go:344] Image contains > io.openshift.s2i.scripts-url set to 'image:///usr/libexec/s2i' > 63 I0203 14:24:58.604183 1 docker.go:399] Base directory for STI scripts > is '/usr/libexec/s2i'. Untarring destination is '/tmp'. > 64 I0203 14:24:58.604194 1 docker.go:529] Creating container using config: > {Hostname: Domainname: User: Memory:0 MemorySwap:0 CPUShares:0 CPUSet: > AttachStdin:false AttachStdout:true AttachStderr:false PortSpecs:[] > ExposedPorts:map[] Tty:false OpenStdin:true StdinOnce:true > Env:[OPENSHIFT_BUILD_NAME=xxxxxxxxxx-xxxxxxxxxx-6 > OPENSHIFT_BUILD_NAMESPACE=xxxxxxxxxx > OPENSHIFT_BUILD_SOURCE=ssh://[email protected]:7999/cr/xxxxxxxxxx-xxxxxxxxxx.git > BUILD_LOGLEVEL=5] Cmd:[/bin/sh -c tar -C /tmp -xf - && > /usr/libexec/s2i/assemble] DNS:[] > Image:openshift/php-55-centos7@sha256:2efdf864cdff3795138d0bae5c9a198dc6b8cf0815ed845a99ef372021bbb8c3 > Volumes:map[] VolumeDriver: VolumesFrom: WorkingDir: MacAddress: > Entrypoint:[] NetworkDisabled:false SecurityOpts:[] OnBuild:[] Mounts:[] > Labels:map[]} > 65 I0203 14:24:58.800445 1 docker.go:543] Attaching to container > 66 I0203 14:24:58.801636 1 docker.go:549] Starting container > ... > I0203 14:25:01.784555 1 sti.go:492] ---> Installing application source... > 1804 I0203 14:25:01.933378 1 sti.go:492] Found 'composer.json', installing > dependencies using composer.phar... > 1805 I0203 14:25:08.812637 1 sti.go:492] All settings correct for using > Composer > 1806 I0203 14:25:08.815421 1 sti.go:492] Downloading... > 1807 I0203 14:25:10.314763 1 sti.go:492] > 1808 I0203 14:25:10.314782 1 sti.go:492] Composer successfully installed > to: /opt/app-root/src/composer.phar > 1809 I0203 14:25:10.314788 1 sti.go:492] Use it: php composer.phar > 1810 E0203 14:25:10.471708 1 util.go:91] Loading composer repositories > with package information > 1811 E0203 14:25:10.471807 1 util.go:91] Installing dependencies > (including require-dev) from lock file > 1812 E0203 14:25:10.523105 1 util.go:91] - Installing twig/twig (v1.18.1) > 1813 E0203 14:25:10.523559 1 util.go:91] Downloading > .... > /*** > * Here it didn't use any ssh-key. > **/ > 1849 E0203 14:25:15.074480 1 util.go:91] [RuntimeException] > 1850 E0203 14:25:15.074494 1 util.go:91] Failed to execute git clone > --no-checkout > 'ssh://[email protected]:7999/components/doctrine-migrations.git' > '/opt/app-root/src/vendor/doctrine/migrations' && cd > '/opt/app-root/src/vendor/doctrine/migrations' && git remote add composer > 'ssh://[email protected]:7999/components/doctrine-migrations.git' > && git fetch composer > 1851 E0203 14:25:15.074500 1 util.go:91] Host key verification failed. > 1852 E0203 14:25:15.074504 1 util.go:91] fatal: Could not read from remote > repository. > 1853 E0203 14:25:15.074509 1 util.go:91] Please make sure you have the > correct access rights > 1854 E0203 14:25:15.074514 1 util.go:91] and the repository exists. > 1855 E0203 14:25:15.074518 1 util.go:91] > 1856 E0203 14:25:15.074526 1 util.go:91] > 1857 E0203 14:25:15.074530 1 util.go:91] install [--prefer-source] > [--prefer-dist] [--dry-run] [--dev] [--no-dev] [--no-plugins] > [--no-custom-installers] [--no-autoloader] [--no-scripts] [--no-progress] > [-v|vv|vvv|--verbose] [-o|--optimize-autoloader] > [-a|--classmap-authoritative] [--ignore-platform-reqs] [--] [<packages>]... > 1858 E0203 14:25:15.074535 1 util.go:91] > 1859 I0203 14:25:15.288977 1 docker.go:481] Container wait returns with 1 > and <nil> > > Normally composer use the ssh-key from $HOME/.ssh to install private repo > but here I don't understand the mecanism. I just want to use the same > ssh-key on the beginning during the build > > You can try it by adding this on your composer.json > > { > "require": { > "vendor/my-private-repo": "dev-master" > }, > "repositories": [ > { > "type": "vcs", > "url": "[email protected]:vendor/my-private-repo.git" > } > ]} > > > > Le 2 février 2016 à 15:45, Ben Parees <[email protected]> a écrit : > > I thought you had a custom s2i builder image, but it looks like you're > just using our image. Our image(and the assemble script it includes) is > not going to pass any credential secrets when invoking composer. Are you > providing a custom assemble script in your source repo that invokes > composer directly? If so, how are you intending to tell composer about the > ssh credentials? > > It might also help if you provide build logs with level 5 tracing enabled: > > > https://docs.openshift.org/latest/dev_guide/builds.html#accessing-build-logs > > > > On Tue, Feb 2, 2016 at 5:19 PM, Johary RAVELONJATOVO <[email protected]> > wrote: > >> I saw the doc today and try to use it but my origin was not up to date >> :p. >> >> I try it once I update Origin (There's a lot of change) but I still have >> the same issue. >> >> Here are my build config secret part >> >> >> The "scmsecret" is my secret test key from ssh-key. Is there something >> that I'm doing wrong? >> >> Thanks, >> >> Le 2 février 2016 à 12:29, Ben Parees <[email protected]> a écrit : >> >> we've just added a feature which allows you to inject secrets into the >> build process so they are available during the "assemble" invocation, which >> sounds like what you need. You'll need to be on the latest origin (the >> code just dropped in the last week or so), here are the docs: >> >> https://docs.openshift.org/latest/dev_guide/builds.html#using-secrets >> >> Once you setup the build to inject your secret value, you can modify your >> assemble script to use it when invoking composer. >> >> >> On Tue, Feb 2, 2016 at 3:07 PM, Johary RAVELONJATOVO <[email protected]> >> wrote: >> >>> Hi everyone, >>> >>> I actually try to deploy a symfony 2 project with OpenShift Origin. The >>> source code of my project is on a private repository and I have create a >>> secret with my ssh key to access on it "private-repo-secret". With that I >>> have no problem to access on the source code with OpenShift Origin. >>> After that I create a STI custom image, which detects if there's a >>> composer.json on the project and if so it launched "composer install" >>> command. >>> >>> I made some test and it works. It detects the composer.json and after >>> that it launches the "composer install" command. >>> >>> The problem is when it did the "composer install", it's correct with >>> public dependencies but not with private. I got an issue with ssh key >>> because it needs the "private-repo-secrets" during the build with "composer >>> install" >>> >>> >>> >>> _______________________________________________ >>> users mailing list >>> [email protected] >>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users >>> >>> >> >> >> -- >> Ben Parees | OpenShift >> >> > > > -- > Ben Parees | OpenShift > > -- Ben Parees | OpenShift
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
