-
Bug
-
Resolution: Unresolved
-
Major
-
VM host: Windows 10 1909 running Docker Desktop Community 19.03.5
Jenkins master: Docker image jenkins/jenkins:latest
Jenkins agent: Docker image openjdk:8-stretch + Swarm-Client 3.17 plugin
Hashicorp Vault: Docker image vault:latest
My Jenkins master is running Debian 9 with Jenkins 2.208, Git-plugin 4.0.0 and Hashicorp-vault-plugin 3.0.0. My Jenkins agent is running Debian 9 with Swarm-client plugin 3.17. My master is set to 0 executors so that all jobs run on the agent. I have my Bitbucket credentials saved in Jenkins 3 times - "Username with password", "Vault Username-Password Credential" with K/V engine 1 and "Vault Username-Password Credential" with K/V engine 2.
I have a test freestyle job that does nothing except fetch a Git repository from https://bitbucket.org/... If set the job's Git credentials to use the "Username with password" credentials then the agent successfully fetches the repository. If I use either of the "Vault Username-Password Credential" credentials then the agent fails on the command "git fetch --tags --progress ..." with "remote: Invalid username or password"
In a pipeline job with script from SCM, the master is able to fetch the repository with all 3 credential types but the agent can only fetch when using "Username with password" credentials - it is unable to fetch with "Vault Username-Password Credential" credentials.
Bitbucket usernames are email addresses so they contain "@" special character. In Vault I have tried URL encoding the username to "user%40domain.com" but this causes the master to also fail with invalid username.
- is related to
-
JENKINS-59085 Ability use vault plugin in combination with other plugins that require credentials
-
- Open
-
-
JENKINS-59830 Support google cloud source repos with git client plugin
-
- Open
-
-
JENKINS-39374 Add ability to get SCM authentication tokens from Vault
-
- Open
-
[JENKINS-60440] Invalid git username/password on Jenkins agent when using Vault Username-Password Credential with '@' in username
Assignee | Original: Mark Waite [ markewaite ] |
Link | New: This issue is related to JENKINS-39374 [ JENKINS-39374 ] |
Link | New: This issue is related to JENKINS-59830 [ JENKINS-59830 ] |
Summary | Original: Invalid git username/password on Jenkins agent when using Vault Username-Password Credential | New: Invalid git username/password on Jenkins agent when using Vault Username-Password Credential with '@' in username |
Link | New: This issue is related to JENKINS-59085 [ JENKINS-59085 ] |
Attachment | New: Screen Shot 2020-05-29 at 9.59.43 AM.png [ 51351 ] |
Comment |
[ Hi, Same issue when we try to authenticate with Gitlab Jenkins is unable to fetch secrets from Vault. We use pipeline plugin wherein we need to authenticate with Gitlab repo using username and password of our SCM (Gitlab) ERROR: FAILED to retrieve password key: java.lang.RuntimeException: com.datapipe.jenkins.vault.exception.VaultPluginException: Key password could not be found in path /path/to/secret ] |