How to checkout ssh remote in github organization Jenkins workflow and use ssh credentials in Jenkinsfile

心已入冬 提交于 2020-01-02 02:55:09

问题


I have a Github Organisation item in jenkins. On the root of my repository, my Jenkinsfile looks something like this:

node {

  def jenkinsCredsId = 'xxxxxxxx-yyyy-zzzz-aaaa-bbbbbbbbbbbb'

  stage 'Checkout'
  checkout scm
  // I also tried the following:
  // checkout scm: [$class: 'GitSCM', source: 'ssh://git@github.com:MY_ORGANISATION/jenkins-testing-temp.git', clean: true, credentialsId: jenkinsCredsId]

  stage 'Build'
  // generate some artefact (dist.zip)

  stage 'Release'

  sshagent([jenkinsCredsId]) {
    sh '''
    git remote -v // show remotes
    ssh-add -l // show currently loaded ssh keys fingerprints

    git fetch --all --tags // IT FAILS HERE

    CURRENT_BUILD_TAG="some_build/${BUILD_NUMBER}"
    git tag ${CURRENT_BUILD_TAG}

    git push --tags

    github-release release \
    --security-token ${GITHUB_RELEASE_TOKEN} \
    --user MY_ORGANIZATION \
    --repo MY_REPO \
    --tag ${CURRENT_BUILD_TAG} \
    --name ${CURRENT_BUILD_TAG}

    github-release upload \
    --security-token ${GITHUB_RELEASE_TOKEN} \
    --user MY_ORGANIZATION \
    --repo MY_REPO \
    --tag ${CURRENT_BUILD_TAG} \
    --name ${CURRENT_BUILD_TAG} \
    --file dist.zip
    '''
  }

There's a few lines for testing repository access in here and it's currently failing on the git fetch part with the following error:

fatal: could not read Username for 'https://github.com': No such device or address

The git remote -v command from the above Jenkinsfile outputs something like origin https://github.com/MY_ORGANIZATION/MY_REPO.

My Github Organization git configuration looks like this:

I found a few related questions:

  • how-to-use-ssh-keys-with-jenkins-workflow-plugin
  • tag-a-repo-from-a-jenkins-workflow-script

回答1:


It turns out that the Github Organization item only uses https credentials for the Scan credentials (like the picture above).

The solution was to hit Advanced button, and to actually select a ssh credential in the Checkout credentials dropdown instead of the default - Same as scan credentials -.

Note that credentials with stars are user/password entries, that's how I found the problem.

This way, the checkout scm will use ssh instead and the sshagent([jenkinsCredsId]) { block will work as expected, letting you create tags, fetch and push according to your rights. :)



来源:https://stackoverflow.com/questions/40618449/how-to-checkout-ssh-remote-in-github-organization-jenkins-workflow-and-use-ssh-c

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!