Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-37297

can't use github deploy keys in Multi-Branch Project Plugin

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Hi,

      I'm currently using the multi-branch project plugin with a specific user's github credentials.
      in "configure" for my folder, under "Source Code Management" I choose "Git", and provide:
      the project repository: https://github.com/org/project.git
      credentials: I choose my user's github credentials.

      I'm trying to use Github's deploy keys instead of my user's credentials.

      I configured deploy keys for our freestyle projects, similar to what's defined here

      When I change the "Source Code Management"
      project repository to: git@github-project:org/project.git
      credentials to: "private key" -> "From the Jenkins master ~/.ssh".

      this configuration works for a freestyle project, but for multi-branch I get the following error when saving the configuration.

      looking at the stack trace, "java.net.UnknownHostException: github-project: Name or service not known" it seems that there is some issue with the ssh connection.

      github-project is not an host, but an alias configured in ssh config as following:

      Host github-project
      HostName github.com
      User git
      IdentityFile /var/lib/jenkins/.ssh/id_rsa_project

      I also tried the following project repository configurations:

      • github-project:org/project.git (removed the git@ prefix)
      • github.com:org/project.git (using github.com instead of the ssh alias)

      and both failed with differet errors.

      Started by timer
      Setting origin to github-project:org/project.git
      Fetching origin...
      FATAL: Failed to recompute children of test-project-feature-branches
      hudson.plugins.git.GitException: org.eclipse.jgit.api.errors.TransportException: github-project:org/project.git: Failed to connect
      at org.jenkinsci.plugins.gitclient.JGitAPIImpl.fetch(JGitAPIImpl.java:680)
      at jenkins.plugins.git.AbstractGitSCMSource.retrieve(AbstractGitSCMSource.java:174)
      at jenkins.scm.api.SCMSource.fetch(SCMSource.java:143)
      at jenkins.scm.api.SCMSource.retrieve(SCMSource.java:219)
      at jenkins.scm.api.SCMSource.fetch(SCMSource.java:169)
      at com.github.mjdetullio.jenkins.plugins.multibranch.AbstractMultiBranchProject.computeChildren(AbstractMultiBranchProject.java:583)
      at com.cloudbees.hudson.plugins.folder.computed.ComputedFolder.updateChildren(ComputedFolder.java:157)
      at com.cloudbees.hudson.plugins.folder.computed.FolderComputation.run(FolderComputation.java:122)
      at hudson.model.ResourceController.execute(ResourceController.java:98)
      at hudson.model.Executor.run(Executor.java:410)
      Caused by: org.eclipse.jgit.api.errors.TransportException: github-project:org/project.git: Failed to connect
      at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:139)
      at org.jenkinsci.plugins.gitclient.JGitAPIImpl.fetch(JGitAPIImpl.java:678)
      ... 9 more
      Caused by: org.eclipse.jgit.errors.TransportException: github-project:org/project.git: Failed to connect
      at org.jenkinsci.plugins.gitclient.trilead.TrileadSessionFactory.getSession(TrileadSessionFactory.java:54)
      at org.eclipse.jgit.transport.SshTransport.getSession(SshTransport.java:136)
      at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:262)
      at org.eclipse.jgit.transport.TransportGitSsh.openFetch(TransportGitSsh.java:161)
      at org.eclipse.jgit.transport.FetchProcess.executeImp(FetchProcess.java:136)
      at org.eclipse.jgit.transport.FetchProcess.execute(FetchProcess.java:122)
      at org.eclipse.jgit.transport.Transport.fetch(Transport.java:1138)
      at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:130)
      ... 10 more
      Caused by: java.io.IOException: There was a problem while connecting to github-project:22
      at com.trilead.ssh2.Connection.connect(Connection.java:818)
      at com.trilead.ssh2.Connection.connect(Connection.java:687)
      at com.trilead.ssh2.Connection.connect(Connection.java:587)
      at org.jenkinsci.plugins.gitclient.trilead.TrileadSessionFactory.getSession(TrileadSessionFactory.java:29)
      ... 17 more
      Caused by: java.net.UnknownHostException: github-project: Name or service not known
      at java.net.Inet6AddressImpl.lookupAllHostAddr(Native Method)
      at java.net.InetAddress$1.lookupAllHostAddr(InetAddress.java:922)
      at java.net.InetAddress.getAddressesFromNameService(InetAddress.java:1316)
      at java.net.InetAddress.getAllByName0(InetAddress.java:1269)
      at java.net.InetAddress.getAllByName(InetAddress.java:1185)
      at java.net.InetAddress.getAllByName(InetAddress.java:1119)
      at java.net.InetAddress.getByName(InetAddress.java:1069)
      at com.trilead.ssh2.transport.TransportManager.createInetAddress(TransportManager.java:165)
      at com.trilead.ssh2.transport.TransportManager.establishConnection(TransportManager.java:353)
      at com.trilead.ssh2.transport.TransportManager.initialize(TransportManager.java:467)
      at com.trilead.ssh2.Connection.connect(Connection.java:758)
      ... 20 more
      Finished: FAILURE

        Attachments

          Issue Links

            Activity

            Hide
            markewaite Mark Waite added a comment -

            The multi-branch pipeline git implementation (today) uses JGit inside the git plugin for all its git operations, no matter which git implementation is used in the job definition. The JGit implementation inside the git plugin relies on trilead as the ssh implementation. The trilead ssh implementation does not honor settings in the ~/.ssh/config file.

            You can probably work around the problem by defining a credential which uses that ssh key and then use the hostname to the repository rather than the alias from the .ssh/config file.

            Pull request 424 has been submitted by Jakub Cechacek which should address the issue. If you're comfortable integrating a pull request into a custom build of a plugin, you could test drive that pull request. If you're interested in test driving it, but not comfortable building it yourself, I could build it for you and you could report your results.

            Show
            markewaite Mark Waite added a comment - The multi-branch pipeline git implementation (today) uses JGit inside the git plugin for all its git operations, no matter which git implementation is used in the job definition. The JGit implementation inside the git plugin relies on trilead as the ssh implementation. The trilead ssh implementation does not honor settings in the ~/.ssh/config file. You can probably work around the problem by defining a credential which uses that ssh key and then use the hostname to the repository rather than the alias from the .ssh/config file. Pull request 424 has been submitted by Jakub Cechacek which should address the issue. If you're comfortable integrating a pull request into a custom build of a plugin, you could test drive that pull request. If you're interested in test driving it, but not comfortable building it yourself, I could build it for you and you could report your results.
            Hide
            liricooli liron tal added a comment -

            Thanks for your fast and helpful reply.

            I'd be happy to test driving that pull request and report my results.
            Could you please build the plugin for me ?

            Is the configuration I described expected to work or should I make any changes ? Is there anything else I need to know before installing this build ? any other configuration changes or anything else that I should be aware of ?

            Show
            liricooli liron tal added a comment - Thanks for your fast and helpful reply. I'd be happy to test driving that pull request and report my results. Could you please build the plugin for me ? Is the configuration I described expected to work or should I make any changes ? Is there anything else I need to know before installing this build ? any other configuration changes or anything else that I should be aware of ?
            Hide
            markewaite Mark Waite added a comment - - edited

            I built an evaluation of PR424. I've been running it through a series of compatibility tests with no detected compatibility failures. I haven't yet run functional tests to confirm the fix is working as expected.

            Is the configuration I described expected to work or should I make any changes ? Is there anything else I need to know before installing this build ? any other configuration changes or anything else that I should be aware of ?

            Depending on a .ssh/config setting on the jenkins master is uncommon. It means that your jobs will only run as expected on the master node or on agents which also have that same .ssh/config setting for the user that is running the agent process. Most users place the definition of the ssh key in a credential in Jenkins, then reference that credential. I suspect very few users are using the .ssh/config ability to alias a string to a hostname.

            Show
            markewaite Mark Waite added a comment - - edited I built an evaluation of PR424 . I've been running it through a series of compatibility tests with no detected compatibility failures. I haven't yet run functional tests to confirm the fix is working as expected. Is the configuration I described expected to work or should I make any changes ? Is there anything else I need to know before installing this build ? any other configuration changes or anything else that I should be aware of ? Depending on a .ssh/config setting on the jenkins master is uncommon. It means that your jobs will only run as expected on the master node or on agents which also have that same .ssh/config setting for the user that is running the agent process. Most users place the definition of the ssh key in a credential in Jenkins, then reference that credential. I suspect very few users are using the .ssh/config ability to alias a string to a hostname.
            Hide
            liricooli liron tal added a comment -

            will install the plugin and report back.

            regarding your comment - I understand. will try to to add a key for each repository instead. thanks!

            Show
            liricooli liron tal added a comment - will install the plugin and report back. regarding your comment - I understand. will try to to add a key for each repository instead. thanks!
            Hide
            liricooli liron tal added a comment -

            I won't be able to test run this PR soon, sorry.

            Show
            liricooli liron tal added a comment - I won't be able to test run this PR soon, sorry.
            Hide
            markewaite Mark Waite added a comment -

            That's unfortunate, since I have been unable to duplicate the problem. A prototype build is available if others wish to try it.

            Show
            markewaite Mark Waite added a comment - That's unfortunate, since I have been unable to duplicate the problem. A prototype build is available if others wish to try it.
            Hide
            markewaite Mark Waite added a comment -

            Included in git plugin 2.6.0, released 2 Sep 2016.

            Show
            markewaite Mark Waite added a comment - Included in git plugin 2.6.0 , released 2 Sep 2016.

              People

              • Assignee:
                Unassigned
                Reporter:
                liricooli liron tal
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: