Imm*_*Joe 6 ssh-agent jenkins jenkins-pipeline
我有一个简单的詹金斯管道构建,这是我的詹金斯文件:
pipeline {
agent any
stages {
stage('deploy-staging') {
when {
branch 'staging'
}
steps {
sshagent(['my-credentials-id']) {
sh('git push joe@repo:project')
}
}
}
}
}
我正在使用 sshagent 推送到远程服务器上的 git 存储库。我已经创建了指向 Jenkins master ~/.ssh 中的私钥文件的凭据。
当我运行构建时,我得到以下输出(我用 * 替换了一些敏感信息):
[ssh-agent] Using credentials *** (***@*** ssh key)
[ssh-agent] Looking for ssh-agent implementation...
[ssh-agent] Exec ssh-agent (binary ssh-agent on a remote machine)
$ ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-cjbm7oVQaJYk/agent.11558
SSH_AGENT_PID=11560
$ ssh-add ***
Identity added: ***
[ssh-agent] Started.
[Pipeline] {
[Pipeline] sh
$ ssh-agent -k
unset SSH_AUTH_SOCK;
unset SSH_AGENT_PID;
echo Agent pid 11560 killed;
[ssh-agent] Stopped.
[TDBNSSBFW6JYM3BW6AAVMUV4GVSRLNALY7TWHH6LCUAVI7J3NHJQ] Running shell script
+ git push joe@repo:project
Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
如您所见,ssh-agent 启动,在执行 git push 命令后立即停止,然后运行。奇怪的是,它曾经正确工作过一次,但这似乎完全是随机的。
我对詹金斯还很陌生——我错过了一些明显的东西吗?任何帮助表示赞赏,谢谢。
编辑:我正在运行一个多分支管道,以防有帮助。
我最近遇到了类似的问题,尽管它是在 docker 容器内。日志给人的印象是 ssh-agent 退出得太早,但实际上问题是我忘记将 git 服务器添加到已知主机。
我建议 ssh-ing 到你的 jenkins master 并尝试执行与管道使用 ssh-agent (cli)相同的步骤。然后你就会看到问题出在哪里。
例如:
eval $(ssh-agent -s)
ssh-add ~/yourKey
git clone
更新:如果尚未添加,这里有一个用于添加knownHosts的实用程序:
/**
* Add hostUrl to knownhosts on the system (or container) if necessary so that ssh commands will go through even if the certificate was not previously seen.
* @param hostUrl
*/
void tryAddKnownHost(String hostUrl){
// ssh-keygen -F ${hostUrl} will fail (in bash that means status code != 0) if ${hostUrl} is not yet a known host
def statusCode = sh script:"ssh-keygen -F ${hostUrl}", returnStatus:true
if(statusCode != 0){
sh "mkdir -p ~/.ssh"
sh "ssh-keyscan ${hostUrl} >> ~/.ssh/known_hosts"
}
}
| 归档时间: |
|
| 查看次数: |
11805 次 |
| 最近记录: |