-
Bug
-
Resolution: Unresolved
-
Minor
-
Artifactory plugin: 3.17.0
Jenkins version: 2.346.2
I am currently using a containerized pipeline to build a set of Conan packages
def CONAN_CLIENT = "jenkins" def CONAN_REMOTE = "example" def CONAN_REPO = "conan-pkgs" pipeline { agent { docker { image 'example.com/registry/ubuntu:focal' } } parameters { choice( name: 'PROFILE', choices: ['Ubuntu20.04_x64', 'Ubuntu20.04_x86', 'Android_arm' ], description: 'Conan host profile' ) choice( name: 'BUILD_TYPE', choices: [ 'Debug', 'Release' ], description: 'The optimization level to build for' ) string( name: 'SERVER_ID', trim: true, defaultValue: 'EXAMPLE_ARTIFACTORY', description: 'The artifactory instance to use' ) } stages { stage ('Conan configuration') { steps { rtConanClient ( id: CONAN_CLIENT ) // Obtain an Artifactory server instance, defined in Jenkins --> Manage Jenkins --> Configure System: rtConanRemote ( name: CONAN_REMOTE, serverId: params.SERVER_ID, repo: CONAN_REPO, clientId: CONAN_CLIENT ) } } stage ('Conan install') { steps { sh 'mkdir -p build/conan' rtConanRun ( clientId: CONAN_CLIENT, command: "install . -if build/conan -pr:b=profiles/${BUILD_PROFILE}.jinja -pr:h=profiles/${params.PROFILE}.jinja --build -s build_type=${params.BUILD_TYPE}" ) } } stage ('Conan upload') { steps { rtConanRun ( clientId: CONAN_CLIENT, command: "upload '*' -r ${CONAN_REMOTE} --all --confirm --parallel" ) } } stage ('Publish build info') { steps { rtPublishBuildInfo ( serverId: params.SERVER_ID ) } } } }
The issue is that my Artifactory instance uses a certificate that's not in the default Conan `cacert.pem` file meaning I have to manually add it by doing something like `cat cert.pem >> ~/.conan/cacert.pem`. now the custom Docker image I'm using already does this but for some reason when using the Jenkinsfile-Artifactory dsl it doesn't work, yet using just plain `sh` commands work
stage('Build and upload dependencies') { steps { withCredentials([usernamePassword(credentialsId: 'artifactory-key', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) { sh 'conan user "$USERNAME" -r ${params.SERVER_ID} -p "$PASSWORD"' } sh 'mkdir -p build/conan' sh "conan install . -if build/conan -pr:b=profiles/${BUILD_PROFILE}.jinja -pr:h=profiles/${params.PROFILE}.jinja --build -s build_type=${params.BUILD_TYPE}" sh "conan upload '*' -r ${params.SERVER_ID} --all --confirm --parallel" } }
The console output from using the plugin is
[Conan] $ docker exec --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** db2688ca364f47fc67f153a215874ae6c8699def3f7af001c37850e761fa2419 sh -c "conan remote add example https://artifacts.example.com/artifactory/api/conan/conan-pkgs True " Error occurred for request GET /artifactory/api/system/version HTTP/1.1: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Failed sending usage report to Artifactory: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target WARN: Remotes registry file missing, creating default one in /home/jenkins/workspace/Conan@tmp/artifactory/conan.tmp4868621642054372388/.conan/remotes.json Adding conan user 'wbehrens', server 'example' [Conan] $ docker exec --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** --env ******** db2688ca364f47fc67f153a215874ae6c8699def3f7af001c37850e761fa2419 sh -c ******** ERROR: HTTPSConnectionPool(host='artifacts.example.com', port=443): Max retries exceeded with url: /artifactory/api/conan/conan-pkgs/v1/ping (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)')))
