-
Bug
-
Resolution: Fixed
-
Major
-
Ubuntu 14.04 LTS + OpenJDK 1.7 + Git 2.0.0 + Gerrit 2.9-rc1+ repo 1.21 + Jenkins 1.565 + REPO plugin 1.6 + SSH Agent Plugin 1.4.1 + Credentials Plugin 1.13
Use REPO plugin with ssh-agent plugin to repo init failed if passphrase is not empty.
Steps:
1. Use ssh-keygen to generate public/private rsa key pair, and enter passphrase;
2. Add Credentials in Jenkins named 'phoebus', fill private key and passphrase. Fill public key to Gerrit.
3. Create a Job, use Gerrit Repo as Source Code Management, the Manifest Repository Url is ssh://phoebus@ubuntu:29418/platform/manifest, and SSH Agent-> Credentials chose 'phoebus';
3. Build failed, the Console Output is as follows:
Building in workspace /var/lib/jenkins/workspace/demo-repo [ssh-agent] Using credentials phoebus [ssh-agent] Looking for ssh-agent implementation... [ssh-agent] Java/JNR ssh-agent [ssh-agent] Started. [demo-repo] $ repo init -u ssh://phoebus@ubuntu:29418/platform/manifest Get ssh://phoebus@ubuntu:29418/platform/manifest Permission denied (publickey). Permission denied (publickey). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.
BTW, I try to create a new job and use Git Plugin to clone ssh://phoebus@ubuntu:29418/platform/manifest, it is successful.
[JENKINS-23262] Permission denied when using repo plugin with ssh-agent plugin
| Description |
Original:
Use REPO plugin with ssh-agent plugin to repo init failed if passphrase is not empty. Steps: 1. Use ssh-keygen to generate public/private rsa key pair, and enter passphrase; 2. Add Credentials in Jenkins named 'phoebus'; 3. Create a Job, use Gerrit Repo as Source Code Management, the Manifest Repository Url is ssh://phoebus@ubuntu:29418/platform/manifest, and SSH Agent-> Credentials chose 'phoebus'; 3. Build failed, the Console Output is as follows: {code:xml} Building in workspace /var/lib/jenkins/workspace/demo-repo [ssh-agent] Using credentials phoebus [ssh-agent] Looking for ssh-agent implementation... [ssh-agent] Java/JNR ssh-agent [ssh-agent] Started. [demo-repo] $ repo init -u ssh://phoebus@ubuntu:29418/platform/manifest Get ssh://phoebus@ubuntu:29418/platform/manifest Permission denied (publickey). Permission denied (publickey). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. {code} BTW, I try to create a new job and use Git Plugin to clone ssh://phoebus@ubuntu:29418/platform/manifest, it is successful. |
New:
Use REPO plugin with ssh-agent plugin to repo init failed if passphrase is not empty. Steps: 1. Use ssh-keygen to generate public/private rsa key pair, and enter passphrase; 2. Add Credentials in Jenkins named 'phoebus', fill private key and passphrase. Fill public key to Gerrit. 3. Create a Job, use Gerrit Repo as Source Code Management, the Manifest Repository Url is ssh://phoebus@ubuntu:29418/platform/manifest, and SSH Agent-> Credentials chose 'phoebus'; 3. Build failed, the Console Output is as follows: {code:xml} Building in workspace /var/lib/jenkins/workspace/demo-repo [ssh-agent] Using credentials phoebus [ssh-agent] Looking for ssh-agent implementation... [ssh-agent] Java/JNR ssh-agent [ssh-agent] Started. [demo-repo] $ repo init -u ssh://phoebus@ubuntu:29418/platform/manifest Get ssh://phoebus@ubuntu:29418/platform/manifest Permission denied (publickey). Permission denied (publickey). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. {code} BTW, I try to create a new job and use Git Plugin to clone ssh://phoebus@ubuntu:29418/platform/manifest, it is successful. |
| Environment | Original: Ubuntu 14.04 LTS + OpenJDK 1.7 + Git 2.0.0 + repo 1.21 + Jenkins 1.565 + REPO plugin 1.6 + SSH Agent Plugin 1.4.1 + Credentials Plugin 1.13 | New: Ubuntu 14.04 LTS + OpenJDK 1.7 + Git 2.0.0 + Gerrit 2.9-rc1+ repo 1.21 + Jenkins 1.565 + REPO plugin 1.6 + SSH Agent Plugin 1.4.1 + Credentials Plugin 1.13 |
Geert Pante
added a comment - I have the same issue, even when my passphrase is empty.
I think it's got to do with how ssh-agent works: http://www.snailbook.com/faq/about-agent.auto.html
The ssh-agent injects variables into the environment, which can be picked up by other processes within the same session.
The repo plugin probably does not run in the same session as the SSH Agent plugin.
Geert Pante
added a comment - I have the same issue, even when my passphrase is empty.
I think it's got to do with how ssh-agent works: http://www.snailbook.com/faq/about-agent.auto.html
The ssh-agent injects variables into the environment, which can be picked up by other processes within the same session.
The repo plugin probably does not run in the same session as the SSH Agent plugin.
Scott Anderson
added a comment - That's exactly right, and the fix is already in the master branch but unreleased: https://github.com/jenkinsci/repo-plugin/commit/12d723a0b24218f8a77f97d38f398c0847b9e0e3
Scott Anderson
added a comment - That's exactly right, and the fix is already in the master branch but unreleased: https://github.com/jenkinsci/repo-plugin/commit/12d723a0b24218f8a77f97d38f398c0847b9e0e3 Scott Anderson
made changes -
| Resolution | New: Fixed [ 1 ] | |
| Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
| Workflow | Original: JNJira [ 155825 ] | New: JNJira + In-Review [ 195260 ] |
I'm seeing this same problem on Jenkins 1.580.3