Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-49418

cannot use SSH credentials from within shell script build step.

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Not A Defect
    • Component/s: ssh-agent-plugin
    • Labels:
      None
    • Environment:
      Ubuntu Linux, Jenkins ver. 2.105,
    • Similar Issues:

      Description

      Steps to reproduce:

      1) Add SSH credential to jenkins for some site.

      2) Configure a GIT repo to be checked out via the Jenkins process.

      NOTE: This step works, no problem.

      3) Create a build step (execute bash script) that performs the same check out using the same URL

      In the shell script, add a single line:  "git clone URL  SOMEDIR" 

      This should - work because the AGENT has been told to provide the credentials.

      Expected: The GIT clone should work

      Result: The GIT operation fails

      Please note: this is a very simple test case/example that I have reduced from a much larger far more complex series of scripts.

      NOTE: the SSH key does not require a pass phrase.

       

      See below for the log output from Jenkins

      [EnvInject] - Loading node environment variables.
      Building remotely on myslave - tiopbld (tiop_linux) in workspace /scratch/jenkins/workspace/pybuilder-testing/shellscript_test.sh
      [ssh-agent] Looking for ssh-agent implementation...
      [ssh-agent] Exec ssh-agent (binary ssh-agent on a remote machine)
      $ ssh-agent
      SSH_AUTH_SOCK=/tmp/ssh-PRUTedOo0d7o/agent.16607
      SSH_AGENT_PID=16609
      [ssh-agent] Started.
      $ ssh-add /scratch/jenkins/workspace/pybuilder-testing/shellscript_test.sh@tmp/private_key_2048740533538871194.key
      Identity added: /scratch/jenkins/workspace/pybuilder-testing/shellscript_test.sh@tmp/private_key_2048740533538871194.key (/scratch/jenkins/workspace/pybuilder-testing/shellscript_test.sh@tmp/private_key_2048740533538871194.key)
      [ssh-agent] Using credentials tiopbld
      Cloning the remote Git repository
      Cloning repository ssh://git@bitbucket.myserver.com/pybuild/pythonbuilder.git
      {{ > git init /scratch/jenkins/workspace/pybuilder-testing/shellscript_test.sh # timeout=10}}
      Fetching upstream changes from ssh://git@bitbucket.myserver.com/pybuild/pythonbuilder.git
      {{ > git --version # timeout=10}}
      using GIT_SSH to set credentials jenkins-tiop-myuser
      {{ > git fetch --tags --progress ssh://git@bitbucket.myserver.com/pybuild/pythonbuilder.git +refs/heads/:refs/remotes/origin/}}
      {{ > git config remote.origin.url ssh://git@bitbucket.myserver.com/pybuild/pythonbuilder.git # timeout=10}}
      {{ > git config --add remote.origin.fetch +refs/heads/:refs/remotes/origin/ # timeout=10}}
      {{ > git config remote.origin.url ssh://git@bitbucket.myserver.com/pybuild/pythonbuilder.git # timeout=10}}
      Fetching upstream changes from ssh://git@bitbucket.myserver.com/pybuild/pythonbuilder.git
      using GIT_SSH to set credentials jenkins-tiop-myuser
      {{ > git fetch --tags --progress ssh://git@bitbucket.myserver.com/pybuild/pythonbuilder.git +refs/heads/:refs/remotes/origin/}}
      {{ > git rev-parse refs/remotes/origin/master^{commit} # timeout=10}}
      {{ > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10}}
      Checking out Revision 5255667cfed01bdfcecc558a2c63bd6679503fc7 (refs/remotes/origin/master)
      {{ > git config core.sparsecheckout # timeout=10}}
      {{ > git checkout -f 5255667cfed01bdfcecc558a2c63bd6679503fc7}}
      Commit message: "test commit from new linus machine"
      First time build. Skipping changelog.
      [shellscript_test.sh] $ /bin/sh -xe /tmp/jenkins2668814567868620035.sh
      + git clone ssh://git@bitbucket.myserver.com/pybuild/pythonbuilder.git OUTPUTDIR
      Cloning into 'OUTPUTDIR'...
      Permission denied (publickey).
      fatal: Could not read from remote repository.Please make sure you have the correct access rights
      and the repository exists.
      Build step 'Execute shell' marked build as failure
      $ ssh-agent -k
      unsetenv SSH_AUTH_SOCK;
      unsetenv SSH_AGENT_PID;
      echo Agent pid 16609 killed;
      [ssh-agent] Stopped.
      Unable to connect to Elasticsearch service. Check Elasticsearch is running in the correct namespace
      Finished: FAILURE

        Attachments

          Activity

          Hide
          duaneellis duane ellis added a comment -

          Internal error - SSH keys where poorly and not distinctly named.

          Show
          duaneellis duane ellis added a comment - Internal error - SSH keys where poorly and not distinctly named.

            People

            • Assignee:
              Unassigned
              Reporter:
              duaneellis duane ellis
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: