I'm using gradle-release plugin in a CI/CD context with GitLab-CI.
I have set up a public private key in GitLab to allow my pipeline to push stuff in the repo but I have an issue, I guess, with how to pass SSH info to gradle process.
In my pipeline script, I have a before_script and I do
- eval $(ssh-agent -s)
- bash -c 'ssh-add <(echo "${MY_SSH_PRIVATE_KEY}")'
MY_SSH_PRIVATE_KEY is stored in the GitLab CI variables.
Then I set my remote url with the ssh style for git repo
git remote set-url origin git#${remoteUrl}
I checkout my branch
git checkout -B ${CI_COMMIT_REF_NAME} ${CI_COMMIT_SHA}
then I call for the plugin
./gradlew release --info -Prelease.useAutomaticVersion=true
I have a an issue during the plugin process
> Failed to run [git remote update] - [Fetching origin ][Host key
> verification failed. fatal: Could not read from remote repository.
>
> Please make sure you have the correct access rights and the repository
> exists. error: Could not fetch origin ]
Do you have an idea on how to fix it?
Related
I'm trying to commit and push the changes to Bitbucket using a Jenkins Job
The job is a Freestsyle Project with "Execute Shell" as a build step.
What I currently did inside the build step of "Execute Shell" is the following:
python run.py
git config --global user.email "name#gmail.com"
git config --global user.name "name"
git add .
git commit -m 'jenkins.job : update...'
Then I push the changes with Git Publisher.
This works as expected in my local computer but is there a way to retrieve the credentials that I used in Source Code Management with Jenkins variables instead of using git config (because I'm not allowed to use git config error: could not lock config file //.gitconfig: Permission denied)
I fixed it using git -c user.name=".." -c user.email="..#.." commit -m ".."
This way I can set temporary configuration data.
I'm trying to import a module located in AWS codecommit. To clone the repository I'm using HTTPS GRC (Git Remote Codecommit) method, which uses Google Suite credentials to access AWS console.
The command I use to clone the repository is:
git clone codecommit::us-west-2://my-module
The remote module's go.mod file contains this:
module git-codecommit.us-west-2.amazonaws.com/my-module.git
I tried to achieve my goal configuring Git like this:
git config --global url."codecommit::us-west-2://".insteadOf "https://git-codecommit.us-west-2.amazonaws.com/"
Setted GOPRIVATE:
go env -w GOPRIVATE=git-codecommit.us-west-2.amazonaws.com/my-module.git
And then getting the repository:
go get -x git-codecommit.us-west-2.amazonaws.com/my-module.git
but I get this output (and the execution gets stuck):
cd.
git ls-remote https://git-codecommit.us-west-2.amazonaws.com/my-module
I would like to mention that when I execute the git ls-remote https://git-codecommit.us-west-2.amazonaws.com/my-module command manually I get the information of the branches and tags without problems.
I checked this topic but in that case SSH protocol is used instead of HTTP GRC. Maybe the only way to import a module from a private repository is via SSH?
Finally found the solution:
Set Git credential helper:
git config --global credential.helper '!aws codecommit credential-helper $#'
git config --global credential.UseHttpPath true
Set GOPRIVATE env var:
go env -w GOPRIVATE=git-codecommit.us-west-2.amazonaws.com
In MacOS, disable keychain for Git:
Comment helper = osxkeychain in the file containing that value (run git config -l --show-origin | grep credential to find the target file)
Run go get:
go get git-codecommit.us-west-2.amazonaws.com/v1/repos/my-module.git
I've been working on auto-building a maven project with Jenkins.
Manually, from "start build" in Jenkins, it's working correctly, but from a bitbucket webhook :
"jenkins_url/bitbucket-hook/", after committing and pushing in my bitbucket repo, I'm getting in Jenkins's Bitbucket Hook Log this error :
FATAL: hudson.plugins.git.GitException: Command "git ls-remote -h -- https://my_username#bitbucket.org/repo.git/" returned status code 128:
stdout:
stderr: remote: Invalid username or password
fatal: Authentication failed for 'https://bitbucket.org/repo.git/'
hudson.plugins.git.GitException: Command "git ls-remote -h -- https://my_username#bitbucket.org/repo.git/" returned status code 128:
stdout:
stderr: remote: Invalid username or password
fatal: Authentication failed for 'https://bitbucket.org/repo.git/'
I'm using username and password credentials.
Wish you could help me.
I just found a solution to my own question, if someone needs it.
Just use ssh access key to connect to your bitbucket repo (not username-password credentials) :
--> connect to jenkins user by su jenkins or su -s /bin/bash jenkins
--> generate your ssh key under /var/lib/jenkins/.ssh by ssh-keygen
--> copy your private key in a jenkins global identifier
--> copy your public key in a bitbucket access key
and the build will work in both cases : manually and after a push to your
repository
(You will also need ssh publisher plugin in jenkins to put the bitbucket host id).
I am using my PC as a server to build my Jenkins script with declarative pipeline.
when running a git clone on the git bash, it works well:
$ git clone ssh://guillaumed#myserver.com:29418/myProjects/thisProject.git ThisFirmware
Cloning into 'ThisFirmware'...
remote: Counting objects: 889, done
remote: Finding sources: 100% (203/203)
Receiving objects: 79% (121769/152721), 48.11 MiB | 10.35 MiB/s
but running it on the same machine through pipelining :
sh "git clone ssh://guillaumed#myserver.com:29418/myProjects/thisProject.git ThisFirmware"
gives me the following error
[Pipeline] sh
+ git clone ssh://guillaumed#myserver.com:29418/myProjects/thisProject.git ThisFirmware
Cloning into 'ThisFirmware'...
Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
any hints?
To be sure I was using the same key, thanks to Jens, the pipeline script couldn't find the key.
Doing cat ~/.ssh/id_rsa.pub on the pipeline, resulted in + cat /c/windows/system32/config/systemprofile/.ssh/id_rsa.pub
cat: /c/windows/system32/config/systemprofile/.ssh/id_rsa.pub: No such file or directory
So I copied the ssh file from my guillaumed user ssh path to the SYSTEM ssh path but I can't use it if i'm logged in with SYSTEM user instead of guillaumed user.
what do I have to do?
this link didn't help.
Indeed, you can't checkout with ssh if you are logged as SYSTEM.
To checkout as "thisUser":
You'll need to configure your Jenkins.
1/ add a user "thisUser"
2/ add user's ssh credentials "thisUser-ssh-credentials"
3/ use ssh-agent plugin https://wiki.jenkins.io/display/JENKINS/SSH+Agent+Plugin
Then configure your pipeline
dir(server_workspace)
{
sshagent(credentials: ['thisUser-ssh-credentials'] )
{
sh "git clone ssh://thisUser#domain.com:port/yourProjects/thisProject.git"
}
}
I run my Jenkins server on the local machine, and I met problem with fetching project from GitLab repository. I don't know exactly what I have to done.
ERROR: Error cloning remote repo 'origin'
hudson.plugins.git.GitException: Command "C:\Program Files\Git\bin\git.exe fetch --tags --progress http://repository.vrpconsulting.com/roman.skaskevich/koshcheck-copy.git +refs/heads/*:refs/remotes/origin/*" returned status code 128:
stdout:
stderr: Logon failed, use ctrl+c to cancel basic credential prompt.
remote: HTTP Basic: Access denied
fatal: Authentication failed for 'http://repository.vrpconsulting.com/roman.skaskevich/koshcheck-copy.git/'
GITLAB SETTINGS: here
EDIT #1
When I run git fetch --tags --progress http://repository.vrpconsulting.com/roman.skaskevich/koshcheck-copy.git +refs/heads/*:refs/remotes/origin/* on local machine, it performs successfully and dialog for entering login/password is showed.
But what I have to do that jenkins job performed this command successfully?
EDIT #2
For now, Credentials Binding Plugin helps me implements to checking credentials in Jenkinsfile.
EDIT #3
I run Jenkins server on another machine and have the same problem. I don't want to use login/password, so adding SSH key solved this problem.
Thanks in advance!
Seems like your repo is private. Private git repos requires authentication. Reconfigure your git client plugin check if you are able to connect to remote repo via password based authentication , if not , try SSHing to the repo.
Looks like this ins private repo if you want to clone that repo to jenkins workspace you need to provide your gitlab credentials in jenins.
for that, you need to install jenkins plugin called "Gitlab Authentication plugin". once you completed the installation please do a restart.
Add Gitlab credentials in "Jenkins Credentials Provider: Jenkins".
later you can add your gitlab credentials in Source Code Management
Source Code Management
in credentials select the saved gitlab credentials.
Steps:
Install plugins:
Gitlab
Gitlab authentication
Configure global credentials in jenkins:
go to credentials >> system >> global creds >> username & password
ID: git
username: your gitlab username
password: your gitlab password
Pipeline:
stage('SCM') {
steps {
git credentialsId: 'git', url: 'your gitlab url'
}
}
I got this error too. In my case, the git repo is a private one.
I added the git link and then supplied the git credentials to the particular Jenkins job. The issue is gone and able to build project from Jenkins.