[JENKINS-59183] Git clone submodule with token fails - Jenkins Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Not A Defect
Component/s: git-client-plugin, git-plugin
Labels:
None
Environment:
git plugin 3.12.0
git client plugin 2.8.2
Jenkins 2.192
github branch source 2.5.6

Similar Issues:

Show

Description

I use a token for github branch source plugin scanning repositories of an organization.

One of the repos has submodules and the submodules are in the same organization. However, it seems the submodules cannot be cloned using the token. The head repository is cloned correctly.

hudson.plugins.git.GitException: Command "C:\Program Files\git\cmd\git.exe submodule update --init --recursive Common" returned status code 1:
 stdout: 
 stderr: Cloning into 'C:/Program Files (x86)/Jenkins/workspace/XXXXX/Common'...
 Host key verification failed.
 fatal: Could not read from remote repository.
Please make sure you have the correct access rights
 and the repository exists.
 fatal: clone of 'git@github.ENTREPRISE.com:ORGANIZATION/Cortex_FW_common.git' into submodule path 'C:/Program Files (x86)/Jenkins/workspace/XXXXX/Common' failed
 Failed to clone 'Common'. Retry scheduled

Attachments

Activity

Ascending order - Click to sort in descending order

Mark Waite added a comment - 2019-09-02 12:00

Submodule authentication requires that the parent repository access and the submodule must use the same protocol. Command line git authentication for HTTP and HTTPS supports username / password credentials. Command line git authentication for ssh supports private key credentials.

In this example, the token is a username / password credential. It can be used to clone the repository with HTTP and HTTPS but cannot be used to clone the repository with ssh. The clone error message indicates that the repository is being cloned with ssh. A private key credential is needed to clone that submodule.

Mark Waite added a comment - 2019-09-02 12:00 Submodule authentication requires that the parent repository access and the submodule must use the same protocol. Command line git authentication for HTTP and HTTPS supports username / password credentials. Command line git authentication for ssh supports private key credentials. In this example, the token is a username / password credential. It can be used to clone the repository with HTTP and HTTPS but cannot be used to clone the repository with ssh. The clone error message indicates that the repository is being cloned with ssh. A private key credential is needed to clone that submodule.

julien staub added a comment - 2019-09-02 14:02

There waas a deadlock as github branch source plugin need token for scanning and checkout needs to be SSH. Solved with "checkout over SSH" option and separating scan and chechout/build credentials

julien staub added a comment - 2019-09-02 14:02 There waas a deadlock as github branch source plugin need token for scanning and checkout needs to be SSH. Solved with "checkout over SSH" option and separating scan and chechout/build credentials

People

Assignee:: Unassigned

Reporter:: julien staub

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2019-09-02 11:36

Updated:: 2019-09-02 14:02

Resolved:: 2019-09-02 14:02