Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

jenkins pipeline cannot check code into git

In my jenkins pipeline project I can check code out from git fine... but we need to do some git checkins and the credentials apparently are not cached.

    stage 'Checkout'
    git url: '[email protected]:myproj.git', branch: 'master', credentialsId: '012ce21d-e920-44ee-b6f7-08df8ab41de0', variable: 'CREDENTIALS'
    sh('git push') <---- fails with Permission denied (public key).

here is sample output:

Entering stage Checkout
Proceeding
[Pipeline] git
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url [email protected]:myproj # timeout=10
Fetching upstream changes from [email protected]:myproj.git
 > git --version # timeout=10
using GIT_SSH to set credentials 
 > git -c core.askpass=true fetch --tags --progress [email protected]:myproj.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision cc35402c6b39e8a1f8d55a831d2d10215d47ccd0 (refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f cc35402c6b39e8a1f8d55a831d2d10215d47ccd0 # timeout=10
 > git branch -a -v --no-abbrev # timeout=10
 > git branch -D master # timeout=10
 > git checkout -b master cc35402c6b39e8a1f8d55a831d2d10215d47ccd0
 > git rev-list cc35402c6b39e8a1f8d55a831d2d10215d47ccd0 # timeout=10
[Pipeline] sh
[myproj] Running shell script
+ git push --set-upstream origin master
Warning: Permanently added the RSA host key for IP address '192.192.143.2' to the list of known hosts.
Permission denied (publickey).
fatal: Could not read from remote repository.

anyone have a good solution to this?

thanks

like image 867
phil swenson Avatar asked Aug 30 '16 22:08

phil swenson


People also ask

Why check out code in Jenkins pipeline?

So why will you checkout code in Jenkins pipeline? Having the ability to check out code at any stage of the pipeline is invaluable. Jenkins provides a very simple out of the box way of checking out code in pipeline. checkout scm. It will simply checkout code’s version which triggered the run.

How do I generate a sample pipeline script for the Git step?

Use the Pipeline Syntax Snippet Generator to generate a sample pipeline script for the git step. More advanced checkout operations require the checkout step rather than the git step. Examples of the git step include:

Does Jenkins support Git and SVN?

Both Git as well as SVN are supported. Jenkins pipeline feature is an awesome feature. A reason good enough to make you upgrade to Jenkins 2. It essentially has made scripting a first class citizen in world of Jenkins. I am replacing all the clunky old NANT script based Jenkins jobs with Pipeline based jobs.

What are the default credentials to use in a Jenkins pipeline?

You can use the following in a pipeline: If you're using the ssh url then your credentials must be username + private key. If you're using the https clone url instead of the ssh one, then your credentials should be username + password. To checkout based on the configred credentials in the current Jenkins Job


2 Answers

the answer is to use the sshagent jenkins plugin:

http://getmesh.io/Blog/Jenkins+2+Pipeline+101

this plugin injects a SSH_AUTH_SOCK environment variable for git access

like image 171
phil swenson Avatar answered Sep 19 '22 17:09

phil swenson


Extracted from the Jenkins pipeline samples repository, we can do that avoid using sshagent: https://github.com/jenkinsci/pipeline-examples/blob/master/pipeline-examples/push-git-repo/pushGitRepo.Groovy

Then for your exemple, the solution should be using the Credentials binding plugin (https://wiki.jenkins-ci.org/display/JENKINS/Credentials+Binding+Plugin) and use this snippet:

stage ('Checkout') {
  withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: '012ce21d-e920-44ee-b6f7-08df8ab41de0', usernameVariable: 'GIT_USERNAME', passwordVariable: 'GIT_PASSWORD']]) {
    sh("git tag -a some_tag -m 'Jenkins'")
    sh('git push git://${GIT_USERNAME}:${GIT_PASSWORD}@bitbucket.org:myproj.git')
  }
}
like image 27
l.cotonea Avatar answered Sep 18 '22 17:09

l.cotonea