-
Bug
-
Resolution: Cannot Reproduce
-
Major
-
os: rhel 6.6.0, 7.1, 7.3
jenkins: 2.164.3
Pipeline: Shared Groovy Libraries: 2.14, 2.15
Git plugin: 3.11.0, 3.12.0
Git client plugin: 2.7.7, 2.8.0
Loading a shared library at a tag does not use the provided credentials:
lib = library(
identifier: "mylib@tag",
retriever: modernSCM(
[$class: 'GitSCMSource',
remote: "GITLAB_URL/mylib.git",
credentialsId: 'MY_SSH_KEY']
)
)
When using a branch name as version (identifier: "mylib@branch_name"), the library is well loaded:
Attempting to resolve branch_name from remote references...
> git --version # timeout=10
using GIT_SSH to set credentials Cle SSH pour la connexion au gitlab
> git ls-remote git@gitlab/mylib.git # timeout=10
Found match: refs/heads/branch_name revision 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb
using credential MY_SSH_KEY
Cloning the remote Git repository
Cloning with configured refspecs honoured and without tags
Cloning repository git@gitlab/mylib.git
> git init /jenkins/workspace@libs/mylib # timeout=10
Fetching upstream changes from git@gitlab/mylib.git
> git --version # timeout=10
using GIT_SSH to set credentials Cle SSH pour la connexion au gitlab
> git fetch --no-tags --progress git@gitlab/mylib.git +refs/heads/*:refs/remotes/origin/*
> git config remote.origin.url git@gitlab/mylib.git # timeout=10
> git config --add remote.origin.fetch +refs/heads/*:refs/remotes/origin/* # timeout=10
> git config remote.origin.url git@gitlab/mylib.git # timeout=10
Fetching without tags
Fetching upstream changes from git@gitlab/mylib.git
using GIT_SSH to set credentials Cle SSH pour la connexion au gitlab
> git fetch --no-tags --progress git@gitlab/mylib.git +refs/heads/*:refs/remotes/origin/*
Checking out Revision 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb (branch_name)
> git config core.sparsecheckout # timeout=10
> git checkout -f 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb
Commit message: "message"
> git rev-list --no-walk 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb # timeout=10
But when using a tag, a permission denied occured:
Loading library mylib@tag Attempting to resolve tag from remote references... > git --version # timeout=10 using GIT_SSH to set credentials Cle SSH pour la connexion au gitlab > git ls-remote git@gitlab/mylib.git.git # timeout=10 Found match: refs/tags/tag revision 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb Resolving tag commit... (remote references may be a lightweight tag or an annotated tag) > git rev-parse --is-inside-work-tree # timeout=10 Setting origin to git@gitlab/mylib.git.git > git config remote.origin.url git@gitlab/mylib.git.git # timeout=10 Fetching origin... Fetching upstream changes from origin > git --version # timeout=10 > git config --get remote.origin.url # timeout=10 > git fetch --tags --progress origin +refs/heads/*:refs/remotes/origin/* ERROR: Checkout failed hudson.plugins.git.GitException: Command "git fetch --tags --progress origin +refs/heads/*:refs/remotes/origin/*" returned status code 128: stdout: stderr: Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). fatal: Could not read from remote repository.
The credentials MY_SSH_KEY seems to not be used in this case.
- relates to
-
-
- Closed
-
[JENKINS-59034] Shared library loading with credentials failed when a tag is used
L V
created issue -
| Assignee | Original: Mark Waite [ markewaite ] |
| Assignee | New: Mark Waite [ markewaite ] |
L V
made changes -
| Environment |
Original:
os: rhel 6.6.0 jenkins: 2.164.3 Pipeline: Shared Groovy Libraries: 2.15 Git plugin: 3.12.0 Git client plugin: 2.8.0 |
New:
os: rhel 6.6.0, 7.1, 7.3 jenkins: 2.164.3 Pipeline: Shared Groovy Libraries: 2.14, 2.15 Git plugin: 3.11.0, 3.12.0 Git client plugin: 2.7.7, 2.8.0 |
| Description |
Original:
Looks like {code:java} lib = library( identifier: "mylib@tag", retriever: modernSCM( [$class: 'GitSCMSource', remote: "GITLAB_URL/mylib.git", credentialsId: 'MY_SSH_KEY'] ) ) {code} When using a branch name as version (identifier: "mylib@branch_name"), the library is well loaded: {code:java} Attempting to resolve branch_name from remote references... > git --version # timeout=10 using GIT_SSH to set credentials Cle SSH pour la connexion au gitlab > git ls-remote git@gitlab/mylib.git # timeout=10 Found match: refs/heads/branch_name revision 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb using credential MY_SSH_KEY Cloning the remote Git repository Cloning with configured refspecs honoured and without tags Cloning repository git@gitlab/mylib.git > git init /jenkins/workspace@libs/mylib # timeout=10 Fetching upstream changes from git@gitlab/mylib.git > git --version # timeout=10 using GIT_SSH to set credentials Cle SSH pour la connexion au gitlab > git fetch --no-tags --progress git@gitlab/mylib.git +refs/heads/*:refs/remotes/origin/* > git config remote.origin.url git@gitlab/mylib.git # timeout=10 > git config --add remote.origin.fetch +refs/heads/*:refs/remotes/origin/* # timeout=10 > git config remote.origin.url git@gitlab/mylib.git # timeout=10 Fetching without tags Fetching upstream changes from git@gitlab/mylib.git using GIT_SSH to set credentials Cle SSH pour la connexion au gitlab > git fetch --no-tags --progress git@gitlab/mylib.git +refs/heads/*:refs/remotes/origin/* Checking out Revision 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb (branch_name) > git config core.sparsecheckout # timeout=10 > git checkout -f 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb Commit message: "message" > git rev-list --no-walk 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb # timeout=10 {code} But when using a tag, a permission denied occured: {code:java} Loading library mylib@tag Attempting to resolve tag from remote references... > git --version # timeout=10 using GIT_SSH to set credentials Cle SSH pour la connexion au gitlab > git ls-remote git@gitlab/mylib.git.git # timeout=10 Found match: refs/tags/tag revision 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb Resolving tag commit... (remote references may be a lightweight tag or an annotated tag) > git rev-parse --is-inside-work-tree # timeout=10 Setting origin to git@gitlab/mylib.git.git > git config remote.origin.url git@gitlab/mylib.git.git # timeout=10 Fetching origin... Fetching upstream changes from origin > git --version # timeout=10 > git config --get remote.origin.url # timeout=10 > git fetch --tags --progress origin +refs/heads/*:refs/remotes/origin/* ERROR: Checkout failed hudson.plugins.git.GitException: Command "git fetch --tags --progress origin +refs/heads/*:refs/remotes/origin/*" returned status code 128: stdout: stderr: Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). fatal: Could not read from remote repository. {code} The credentials MY_SSH_KEY seems to not be used in this case. |
New:
Loading a shared library at a tag does not use the provided credentials: {code:java} lib = library( identifier: "mylib@tag", retriever: modernSCM( [$class: 'GitSCMSource', remote: "GITLAB_URL/mylib.git", credentialsId: 'MY_SSH_KEY'] ) ) {code} When using a branch name as version (identifier: "mylib@branch_name"), the library is well loaded: {code:java} Attempting to resolve branch_name from remote references... > git --version # timeout=10 using GIT_SSH to set credentials Cle SSH pour la connexion au gitlab > git ls-remote git@gitlab/mylib.git # timeout=10 Found match: refs/heads/branch_name revision 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb using credential MY_SSH_KEY Cloning the remote Git repository Cloning with configured refspecs honoured and without tags Cloning repository git@gitlab/mylib.git > git init /jenkins/workspace@libs/mylib # timeout=10 Fetching upstream changes from git@gitlab/mylib.git > git --version # timeout=10 using GIT_SSH to set credentials Cle SSH pour la connexion au gitlab > git fetch --no-tags --progress git@gitlab/mylib.git +refs/heads/*:refs/remotes/origin/* > git config remote.origin.url git@gitlab/mylib.git # timeout=10 > git config --add remote.origin.fetch +refs/heads/*:refs/remotes/origin/* # timeout=10 > git config remote.origin.url git@gitlab/mylib.git # timeout=10 Fetching without tags Fetching upstream changes from git@gitlab/mylib.git using GIT_SSH to set credentials Cle SSH pour la connexion au gitlab > git fetch --no-tags --progress git@gitlab/mylib.git +refs/heads/*:refs/remotes/origin/* Checking out Revision 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb (branch_name) > git config core.sparsecheckout # timeout=10 > git checkout -f 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb Commit message: "message" > git rev-list --no-walk 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb # timeout=10 {code} But when using a tag, a permission denied occured: {code:java} Loading library mylib@tag Attempting to resolve tag from remote references... > git --version # timeout=10 using GIT_SSH to set credentials Cle SSH pour la connexion au gitlab > git ls-remote git@gitlab/mylib.git.git # timeout=10 Found match: refs/tags/tag revision 1dd58015a5a5b9cb4a44404871b81cce6e5e18bb Resolving tag commit... (remote references may be a lightweight tag or an annotated tag) > git rev-parse --is-inside-work-tree # timeout=10 Setting origin to git@gitlab/mylib.git.git > git config remote.origin.url git@gitlab/mylib.git.git # timeout=10 Fetching origin... Fetching upstream changes from origin > git --version # timeout=10 > git config --get remote.origin.url # timeout=10 > git fetch --tags --progress origin +refs/heads/*:refs/remotes/origin/* ERROR: Checkout failed hudson.plugins.git.GitException: Command "git fetch --tags --progress origin +refs/heads/*:refs/remotes/origin/*" returned status code 128: stdout: stderr: Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). fatal: Could not read from remote repository. {code} The credentials MY_SSH_KEY seems to not be used in this case. |
L V
made changes -
| Attachment | New: jenkins-59034-config.xml [ 48408 ] |
| Assignee | Original: Mark Waite [ markewaite ] |
| Resolution | New: Cannot Reproduce [ 5 ] | |
| Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
| Status | Original: Resolved [ 5 ] | New: Closed [ 6 ] |
| Link |
New:
This issue relates to |