diff --git a/pkg/apis/devops/v1alpha3/credential_types.go b/pkg/apis/devops/v1alpha3/credential_types.go
index d4b9f8d0d..c5193727c 100644
--- a/pkg/apis/devops/v1alpha3/credential_types.go
+++ b/pkg/apis/devops/v1alpha3/credential_types.go
@@ -48,7 +48,7 @@ const (
 	// SSHAuthPrivateKey is the key of the passphrase for SecretTypeSSHAuth secrets
 	SSHAuthPassphraseKey = "passphrase"
 	// SSHAuthPrivateKey is the key of the privatekey for SecretTypeSSHAuth secrets
-	SSHAuthPrivateKey = "privatekey"
+	SSHAuthPrivateKey = "private_key"
 
 	// SecretTypeSecretText contains data.
 	//
diff --git a/pkg/controller/devopscredential/devopscredential_controller.go b/pkg/controller/devopscredential/devopscredential_controller.go
index 194387a99..fd4f42a28 100644
--- a/pkg/controller/devopscredential/devopscredential_controller.go
+++ b/pkg/controller/devopscredential/devopscredential_controller.go
@@ -239,8 +239,8 @@ func (c *Controller) syncHandler(key string) error {
 		}
 		// Check secret config exists, otherwise we will create it.
 		// if secret exists, update config
-		_, err := c.devopsClient.CreateCredentialInProject(nsName, copySecret)
-		if err != nil {
+		_, err := c.devopsClient.GetCredentialInProject(nsName, copySecret.Name)
+		if err == nil {
 			if _, ok := copySecret.Annotations[devopsv1alpha3.CredentialAutoSyncAnnoKey]; ok {
 				_, err := c.devopsClient.UpdateCredentialInProject(nsName, copySecret)
 				if err != nil {
@@ -248,8 +248,13 @@ func (c *Controller) syncHandler(key string) error {
 					return err
 				}
 			}
+		} else {
+			_, err = c.devopsClient.CreateCredentialInProject(nsName, copySecret)
+			if err != nil {
+				klog.V(8).Info(err, fmt.Sprintf("failed to create secret %s ", key))
+				return err
+			}
 		}
-
 	} else {
 		// Finalizers processing logic
 		if sliceutil.HasString(copySecret.ObjectMeta.Finalizers, devopsv1alpha3.CredentialFinalizerName) {
diff --git a/pkg/models/devops/devops.go b/pkg/models/devops/devops.go
index 3fdd40453..0dd59097c 100644
--- a/pkg/models/devops/devops.go
+++ b/pkg/models/devops/devops.go
@@ -274,6 +274,7 @@ func (d devopsOperator) ListPipelineObj(projectName string, limit, offset int) (
 //credentialobj in crd
 func (d devopsOperator) CreateCredentialObj(projectName string, secret *v1.Secret) (*v1.Secret, error) {
 	projectObj, err := d.ksInformers.Devops().V1alpha3().DevOpsProjects().Lister().Get(projectName)
+	secret.Annotations[devopsv1alpha3.CredentialAutoSyncAnnoKey] = "true"
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/simple/client/devops/jenkins/credential_test.go b/pkg/simple/client/devops/jenkins/credential_test.go
index ce1479803..f252eee99 100644
--- a/pkg/simple/client/devops/jenkins/credential_test.go
+++ b/pkg/simple/client/devops/jenkins/credential_test.go
@@ -67,9 +67,9 @@ func TestNewSshCredential(t *testing.T) {
 			Namespace: "test",
 		},
 		Data: map[string][]byte{
-			"username":   []byte(username),
-			"passphrase": []byte(passphrase),
-			"privatekey": []byte(privatekey),
+			"username":    []byte(username),
+			"passphrase":  []byte(passphrase),
+			"private_key": []byte(privatekey),
 		},
 		Type: "credential.devops.kubesphere.io/ssh-auth",
 	}