-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
Jenkins 2.150.3 on master
Artifactory Plugin 3.2.1
Windows 10 slave with JRE version 1.8.0_201-b09, conan 1.11.2
I use conan on an internal network with PKI rooted under a local private CA. For normal conan client use, this requires users to append to their ".conan/cacert.pem" file the local CA.
When used by the Jenkins artifactory plugin, it appears that there is no way to influence the temporary per-build conan configuration to include the local CA, so any attempts to access our Artifactory host are blocked (correctly) as having an improper host certificate.
A workaround for the CA issue is to create a system-wide or account-wide conan configuration, modify the "cacert.pem" file appropriately, and then use the following within a Jenkinsfile to force the use of a single ".conan" home folder. Unfortunately, this has implications on concurrent builds on a single host which I would like to avoid.
// work-around Jenkins conan client not liking environment variable def realHome = "${env.CONAN_USER_HOME}".toString() withEnv(['CONAN_USER_HOME=']) { def conan = Artifactory.newConanClient(userHome: realHome) buildInfoDn = conan.run( command: "install conanfile.py -s build_type=${buildtype} -o import_symstore=True".toString() ) }
Please, read the answer in this Github issue here: https://github.com/jfrog/jenkins-artifactory-plugin/pull/252#issuecomment-585871437
I can recommend you to use conan config install command, it is a convenient way to share and keep track of the Conan configuration inside a company, you can store the proper cacert.pem file and run conan install as the first step in your Jenkins job.