Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-68367

Credentials not working with remote build node

XMLWordPrintable

      Running a deployment on a remote Jenkins node fails as the credentials can not be obtained.

      java.lang.RuntimeException: Missing Jenkins Instance
	at br.com.ingenieux.jenkins.plugins.awsebdeployment.AWSClientFactory.lookupNamedCredential(AWSClientFactory.java:96)
	at br.com.ingenieux.jenkins.plugins.awsebdeployment.AWSClientFactory.getClientFactory(AWSClientFactory.java:85)
	at br.com.ingenieux.jenkins.plugins.awsebdeployment.cmd.DeployerCommand$InitAWS.perform(DeployerCommand.java:143)
	at br.com.ingenieux.jenkins.plugins.awsebdeployment.cmd.DeployerChain.perform(DeployerChain.java:54)
	at br.com.ingenieux.jenkins.plugins.awsebdeployment.SlaveDeployerCallable.call(SlaveDeployerCallable.java:42)
	at br.com.ingenieux.jenkins.plugins.awsebdeployment.SlaveDeployerCallable.call(SlaveDeployerCallable.java:27)
	at hudson.remoting.UserRequest.perform(UserRequest.java:211)
	at hudson.remoting.UserRequest.perform(UserRequest.java:54)
	at hudson.remoting.Request$2.run(Request.java:376)
	at hudson.remoting.InterceptingExecutorService.lambda$wrap$0(InterceptingExecutorService.java:78)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at java.base/java.lang.Thread.run(Thread.java:829)
Caused: java.util.concurrent.ExecutionException
	at hudson.remoting.Channel$2.adapt(Channel.java:1036)
	at hudson.remoting.Channel$2.adapt(Channel.java:1030)
	at hudson.remoting.FutureAdapter.get(FutureAdapter.java:61)
	at br.com.ingenieux.jenkins.plugins.awsebdeployment.DeployerRunner.perform(DeployerRunner.java:64)
	at br.com.ingenieux.jenkins.plugins.awsebdeployment.AWSEBDeploymentBuilder.perform(AWSEBDeploymentBuilder.java:243)
Caused: java.io.IOException: Deployment Failure
	at br.com.ingenieux.jenkins.plugins.awsebdeployment.AWSEBDeploymentBuilder.perform(AWSEBDeploymentBuilder.java:245)
	at jenkins.tasks.SimpleBuildStep.perform(SimpleBuildStep.java:123)
	at hudson.tasks.BuildStepCompatibilityLayer.perform(BuildStepCompatibilityLayer.java:79)
	at br.com.ingenieux.jenkins.plugins.awsebdeployment.AWSEBDeploymentBuilder.perform(AWSEBDeploymentBuilder.java:79)
	at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20)
	at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:816)
	at hudson.model.Build$BuildExecution.build(Build.java:199)
	at hudson.model.Build$BuildExecution.doRun(Build.java:164)
	at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:524)
	at hudson.model.Run.execute(Run.java:1897)
	at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:44)
	at hudson.model.ResourceController.execute(ResourceController.java:101)
	at hudson.model.Executor.run(Executor.java:442)

      The problem is probably caused by:

      private static AmazonWebServicesCredentials lookupNamedCredential(String credentialsId) throws CredentialNotFoundException {
    final Jenkins jenkins = Jenkins.getInstanceOrNull();

      The docs also explain that this method can not be used if it is not running on the Jenkins master node:

       

          /**
     * Gets the {@link Jenkins} singleton.
     * {@link #get} is what you normally want.
     * <p>In certain rare cases you may have code that is intended to run before Jenkins starts or while Jenkins is being shut down.
     * For those rare cases use this method.
     * <p>In other cases you may have code that might end up running on a remote JVM and not on the Jenkins controller or built-in node.
     * For those cases you really should rewrite your code so that when the {@link Callable} is sent over the remoting channel
     * it can do whatever it needs without ever referring to {@link Jenkins};
     * for example, gather any information you need on the controller side before constructing the callable.
     * If you must do a runtime check whether you are in the controller or agent, use {@link JenkinsJVM} rather than this method,
     * as merely loading the {@link Jenkins} class file into an agent JVM can cause linkage errors under some conditions.
     * @return The instance. Null if the {@link Jenkins} service has not been started, or was already shut down,
     *         or we are running on an unrelated JVM, typically an agent.
     * @since 1.653
     */
    @CLIResolver
    @CheckForNull
    public static Jenkins getInstanceOrNull() {
        return HOLDER.getInstance();
    }

      Steps to reproduce the issue:

      1. create a Jenkins node that is accessed via SSH
      2. create AWS credentials in credential management
      3. create job with awseb-deployment-plugin step that uses the AWS credentials
      4. run job on remote node

       

            Unassigned Unassigned
            cmoetzing Christian Mötzing
            Votes:
            2 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: