Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-41862

ssh-agent plugin do not actually switch job cridentials

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • ec2-plugin
    • None
    • EC2 Linux slave, job definition with cridentials different from defined in jenkens configuration

      Hi.
      I am using ssh-agent plugin to define cridentials for my job(node is defined with user "ec2-user" but I want to run build script under different user - ctmacc1)
      I have defined such user on EC2 linux node , with same ssh key as ec2-user. When I connect to machine manually (putty) with ctmacc1 - it works with no problem
      But when I run job through jenkins - I see following:

      ________________________________________________________
      [ssh-agent] Looking for ssh-agent implementation...
      [ssh-agent] Java/JNR ssh-agent
      [ssh-agent] Registered BouncyCastle on the remote agent
      [ssh-agent] Started.
      [ssh-agent] Using credentials ctmacc1
      [RH12CtmAws] $ /bin/sh -xe /tmp/hudson1327337313392147816.sh
      + id
      uid=1000(ec2-user) gid=1000(ec2-user) groups=1000(ec2-user),4(adm),10(wheel),190(systemd-journal) context=unconfined_u:unconfined_r:unconfined_t:s0
      ________________________________________________________
      That means ssh-agent says that it uses cridentials ctmacc1 at which user name is defigned to be
      ctmacc1. But "id" command at build script shows that it actually runs under ec2-user

          [JENKINS-41862] ssh-agent plugin do not actually switch job cridentials

          Ashlin Nisho added a comment -

          Hi psimonovsk were you able to pass credentials? Are you getting that option? What version of jenkins and EC2 plugin you use? Actually even am facing similar issue like yours. Here is my issue:

           

          Am following below document to launch spot jenkins slave. Am able to launch slave successfully and connect to jenkins server and bring it online.

           

          https://wiki.jenkins-ci.org/display/JENKINS/Amazon+EC2+Plugin .

           

          When am trying to run jenkins job in the launched spot slave facing below issue:

           

          1. All our jobs run as adchemy user as our application is configured to use adchemy user rather root user.

          2. In our old jenkins when we launch slave manually we have an option to specify to credentials as adchemy so that jobs connect to server as adchemy user and executes successfully. I have attached screen shot highlighting that option.

          3. But here spot slave doesn't have that option while in configure or later to add manually so here jobs connect to slave as root user rather adchemy user which makes jobs fails as all our repo and configs should use adchemy user.

           Am not getting an option to add credentials. I couldnt see that tab only. EC2 plugin version is 1.31 and jenkins version is 1.509.

           

          Thanks

          Ashlin Nisho added a comment - Hi psimonovsk were you able to pass credentials? Are you getting that option? What version of jenkins and EC2 plugin you use? Actually even am facing similar issue like yours. Here is my issue:   Am following below document to launch spot jenkins slave. Am able to launch slave successfully and connect to jenkins server and bring it online.   https://wiki.jenkins-ci.org/display/JENKINS/Amazon+EC2+Plugin .   When am trying to run jenkins job in the launched spot slave facing below issue:   1. All our jobs run as adchemy user as our application is configured to use adchemy user rather root user. 2. In our old jenkins when we launch slave manually we have an option to specify to credentials as adchemy so that jobs connect to server as adchemy user and executes successfully. I have attached screen shot highlighting that option. 3. But here spot slave doesn't have that option while in configure or later to add manually so here jobs connect to slave as root user rather adchemy user which makes jobs fails as all our repo and configs should use adchemy user.  Am not getting an option to add credentials. I couldnt see that tab only. EC2 plugin version is 1.31 and jenkins version is 1.509.   Thanks

            francisu Francis Upton
            psimonovsk Pavel Simonovsky
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: