Jenkins : Permission denied (publickey,password) - jenkins

I'm trying to copy files using scp command from jenkins (ci/cd). But i got permission denied error. If i'm trying manually from diffrent servers, its all done, at the same time i tried the same command in jenkins exes command, then i got error.
Configure > Build > execute shell
and the console output is like below,
[nginx_server] $ /bin/sh -xe /tmp/jenkins7685256768444698.sh
scp 111 ubuntu#34.229.202.9:/home/ubuntu Permission denied, please try again. Permission denied, please try again. ubuntu#34.229.202.9:
Permission denied (publickey,password). lost connection Build step
'Execute shell' marked build as failure Finished: FAILURE
if anyone know the solution, please answer...

Add your ssh key as a secret to Jenkins.
In your pipeline use sshagent:
pipeline {
stages {
stage('Stage_name') {
steps {
script {
sshagent (credentials: ['secret_name']) {
sh "scp ... "
}
}
}
}
}
}

Related

Permission denied

I created a freestyle project on Jenkins to copy artifacts from another project to a directory (/home/ubuntu/training-configuration).
I already gave the directory full permission on my terminal to using
sudo chmod -R 777 /home/ubuntu/training-configuration.
But I always receive this error.:
Started by user Training
Running as SYSTEM
Building in workspace /var/lib/jenkins/workspace/save-artifact
FATAL: /home/ubuntu/training-configuration
java.nio.file.AccessDeniedException: /home/ubuntu/training-configuration
at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116)
at java.base/sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:389)
at java.base/java.nio.file.Files.createDirectory(Files.java:690)
at java.base/java.nio.file.Files.createAndCheckIsDirectory(Files.java:797)
at java.base/java.nio.file.Files.createDirectories(Files.java:783)
at hudson.FilePath.mkdirs(FilePath.java:3609)
at hudson.FilePath.access$1100(FilePath.java:212)
at hudson.FilePath$Mkdirs.invoke(FilePath.java:1384)
at hudson.FilePath$Mkdirs.invoke(FilePath.java:1379)
at hudson.FilePath.act(FilePath.java:1200)
at hudson.FilePath.act(FilePath.java:1183)
at hudson.FilePath.mkdirs(FilePath.java:1374)
at hudson.plugins.copyartifact.CopyArtifact.copy(CopyArtifact.java:670)
at hudson.plugins.copyartifact.CopyArtifact.perform(CopyArtifact.java:634)
at hudson.plugins.copyartifact.CopyArtifact.perform(CopyArtifact.java:518)
at jenkins.tasks.SimpleBuildStep.perform(SimpleBuildStep.java:123)
at hudson.tasks.BuildStepCompatibilityLayer.perform(BuildStepCompatibilityLayer.java:79)
at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20)
at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:814)
at hudson.model.Build$BuildExecution.build(Build.java:199)
at hudson.model.Build$BuildExecution.doRun(Build.java:164)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:522)
at hudson.model.Run.execute(Run.java:1896)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:44)
at hudson.model.ResourceController.execute(ResourceController.java:101)
at hudson.model.Executor.run(Executor.java:442)
Finished: FAILURE
As in:
The error stack trace includes:
at java.base/java.nio.file.Files.createAndCheckIsDirectory(Files.java:797)
at java.base/java.nio.file.Files.createDirectories(Files.java:783)
at hudson.FilePath.mkdirs(FilePath.java:3609)
at hudson.FilePath.access$1100(FilePath.java:212)
That suggests the "save artifacts" job is misconfigured and tries to save artifacts in a subfolder called /home/ubuntu/training-configuration, that it tries to create inside /var/lib/jenkins/workspace/save-artifact.
Or the job is executed on an agent where /home/ubuntu/training-configuration does not exits, and it starts by trying to create the source folder (which it does not have the right to do on that agent).
Try instead a pipeline like the one described in "Jenkins archive artifact/save file in Pipeline" from Gustavo Apolinario:
pipeline {
agent any
stages {
stage('Download') {
steps {
sh 'mkdir js'
sh 'echo "not a artifact file" > js/build.js'
sh 'echo "artifact file" > js/build.min.js'
sh 'mkdir css'
sh 'echo "not a artifact file" > css/build.css'
sh 'echo "artifact file" > css/build.min.css'
}
}
}
post {
always {
archiveArtifacts artifacts: '**/*.min.*', onlyIfSuccessful: true
}
}
}

Jenkins. Error when copying secret file to my workspace during build

While running, my pipeline is duplicating the binaries located in a BitBucket workspace into the build workspace, then needs to add in the build workspace some secret files from the credential store, and then start to build the docker image.
But the pipeline is failing when copying the files.
I searched and applied different solutions found here but still have the same error.
Running the following command :
stage('push credential in jenkins workspace') {
steps {
script {
withCredentials([
file(credentialsId: 'saremediation', variable: 'SA_KEY_PATH')]){
sh "ls -al"
sh "mkdir ${CERTIFDIR}"
sh "cp ${SA_KEY_PATH} ${CERTIFDIR}/credent.json"
}
}
}
}
failed with the following error :
[Pipeline] sh
Warning: A secret was passed to "sh" using Groovy String interpolation, which is insecure.
Affected argument(s) used the following variable(s): [SA_KEY_PATH]
See https://jenkins.io/redirect/groovy-string-interpolation for details.
+ cp **** server/src/configuration/certificats/credent.json
cp: target 'server/src/configuration/certificats/credent.json' is not a directory
the CERTIFDIR folder is well created, because when I add sh "ls -al ${CERTIFDIR}", I cans see that the folder is created and empty.
fix the problem by applyong this syntax in the cp command
sh "cp \"${SA_KEY_PATH}\" \"${CERTIFDIR}\""

Jenkinsfile is failing with error #tmp/durable-df843027/script.sh: line 1: terraform: command not found

I'm trying to run a terraform commands from Jenkinsfile stage. The code I'm using is as below:
node {
checkout(scm)
stage ('Templates Deployment'){
sh "terraform init"
}
}
This fails with the error as :
+terraform init
/var/lib/jenkins/workspace/Terraform-Code/#tmp/durable-df843027/script.sh: line 1: terraform: command not found
Terraform is installed on the Jenkins server. When I execute the terraform init command from the server(CLI), it works fine.
But while running it from the Jenkinsfile(console) it's throwing this error.
Can someone please suggest how this error can be resolved? Any help to execute terraform commands via Jenkinsfile is highly appreciated.
Configure Terraform
Go to Manage Jenkins > Global Tool Configuration > It will display Terraform on the list.
give full path of terraform binary or set PATH before terraform init
`node {
checkout(scm)
stage ('Templates Deployment'){
sh """
PATH=/bin/terraform
terraform init"
}
}`
You can set the PATH inside the environment block:
pipeline {
agent any
environment {
PATH = "/usr/local/bin/:$PATH"
}
stages{
stage("first stage"){
steps{
sh "cd /Users/<user>/Terraform/proj1"
sh "pwd"
sh "terraform"
}
}
}
}

Getting build failed as username is not readable

In my jenkins file failing at below command
Code :
stage('Release') {
steps {
sh '/opt/maven/bin/mvn --batch-mode release:clean release:prepare release:perform'
}
}
stage('Update Rel') {
steps {
sh 'git push https://xxxx:password#github.com/dxtrsd/maven-multi-module-example.git HEAD:master'
}
Build failure :
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:3.0.0-M1:prepare (default-cli) on project multi: Unable to commit files
[ERROR] Provider message:
[ERROR] The git-push command failed.
[ERROR] Command output:
[ERROR] fatal: could not read Username for 'https://github.com': No such device or address
[ERROR] -> [Help 1]
[ERROR]
Following "Bootstrap your CI with Jenkins and GitHub" from Michael Wanyoike, you need to have entered your GitHub credentials first:
Then you need to select that credential under your URL (the image shows a SSH URL, but in your case, use the HTTPS URL)
I fixed this issue with providing user and password in developer connection url in block in the POM.xml file

How do I use Jenkins to build a private GitHub Rust project with a private GitHub dependency?

I have a private GitHub Rust project that depends on another private GitHub Rust project and I want to build the main one with Jenkins. I have called the organization Organization and the dependency package subcrate in the below code.
My Jenkinsfile looks something like
pipeline {
agent {
docker {
image 'rust:latest'
}
}
stages {
stage('Build') {
steps {
sh "cargo build"
}
}
etc...
}
}
I have tried the following in Cargo.toml to reference the dependency, it works fine on my machine
[dependencies]
subcrate = { git = "ssh://git#ssh.github.com/Organization/subcrate.git", tag = "0.1.0" }
When Jenkins runs I get the following error
+ cargo build
Updating registry `https://github.com/rust-lang/crates.io-index`
Updating git repository `ssh://git#github.com/Organization/subcrate.git`
error: failed to load source for a dependency on `subcrate`
Caused by:
Unable to update ssh://git#github.com/Organization/subcrate.git?tag=0.1.0#0623c097
Caused by:
failed to clone into: /usr/local/cargo/git/db/subcrate-3e391025a927594e
Caused by:
failed to authenticate when downloading repository
attempted ssh-agent authentication, but none of the usernames `git` succeeded
Caused by:
error authenticating: no auth sock variable; class=Ssh (23)
script returned exit code 101
How can I get Cargo to access this GitHub repository? Do I need to inject the GitHub credentials onto the slave? If so, how can I do this? Is it possible to use the same credentials Jenkins uses to checkout the main crate in the first place?
I installed the ssh-agent plugin and updated my Jenkinsfile to look like this
pipeline {
agent {
docker {
image 'rust:latest'
}
}
stages {
stage('Build') {
steps {
sshagent(credentials: ['id-of-github-credentials']) {
sh "ssh -vvv -T git#github.com"
sh "cargo build"
}
}
}
etc...
}
}
I get the error
+ ssh -vvv -T git#github.com
No user exists for uid 113
script returned exit code 255
Okay, I figured it out, No user exists for uid error is because of a mismatch between the users in the host /etc/passwd and the container /etc/passwd. This can be fixed by mounting /etc/passwd.
agent {
docker {
image 'rust:latest'
args '-v /etc/passwd:/etc/passwd'
}
}
Then
sshagent(credentials: ['id-of-github-credentials']) {
sh "cargo build"
}
Works just fine

Resources