I am trying to run a linux command in a jenkins pipeline using sh, but for some reason my command get's spited in 2 and tries to execute them sparely.
The result of the pipeline is:
curl --insecure -u ':' --upload-file ./file.ear
curl: no URL specified!
Please see the image.
pipeline {
agent any
stages {
stage('use curl'){
steps{
script{
withCredentials([
usernamePassword(credentialsId: 'CREDENTIALS', usernameVariable: 'USER', passwordVariable: 'PWD')
]) {
sh(script:"curl --insecure -u ${USER}:${PWD} --upload-file ./" + Artifact + " " + REPO_URL + Artifact.substring(0, Artifact.length() - 5) + "/", returnStdout: false)
} //withCredentials
} // scripts
} //steps
} //stage
}
}
Using Artifact.trim() did not fix it. But using Artrifact.substring(0, Artifact.length() - 1) instead did the trick.
Related
So I have a Jenkins instance that I need to automatically tag a Docker Image with using a Jenkinsfile Pipeline that automatically tags the image with the commit hash and then pushes it to the Docker Repository. Jenkins is configured correctly, but my pipeline is still failing. At first, I tried using the following command, which returns the current commit hash of my repository.
git rev-parse --short=10 HEAD
Then I noticed this was returning more than one line, so I started using this:
git rev-parse --short=10 HEAD | tail -n +2
Which returns a commit hash similar to this:
338fcaa318b17c40dacf81dcf7a5826e3e3f0160
My goal is to tag my docker images with this hash using a Jenkinsfile:
pipeline {
agent any
environment {
tag = sh(returnStdout: true, script: "git rev-parse -short=10 HEAD | tail -n +2")
}
stages {
stage('Build core lodestone image') {
steps {
// TODO: proper tagging
sh "docker build -f Dockerfile.lodestone -t mirantiseng/lodestone:${var.tag} ."
withCredentials([usernamePassword(credentialsId: 'common-dockerhub-up', usernameVariable: 'HUB_USER', passwordVariable: 'HUB_PASS')]) {
sh "docker login -u ${HUB_USER} -p ${HUB_PASS} && docker push mirantiseng/lodestone:${var.tag}"
}
}
}
stage('Build core lodestone-comment image') {
steps {
// TODO: proper tagging
sh "docker build -f Dockerfile -t mirantiseng/lodestone-comment:${var.tag} ."
withCredentials([usernamePassword(credentialsId: 'common-dockerhub-up', usernameVariable: 'HUB_USER', passwordVariable: 'HUB_PASS')]) {
sh "docker login -u ${HUB_USER} -p ${HUB_PASS} && docker push mirantiseng/lodestone-comment:${var.tag}"
}
}
}
stage('Build core lodestone-mover image') {
steps {
// TODO: proper tagging
sh "docker build -f Dockerfile.mover -t mirantiseng/lodestone-mover:${var.tag} ."
withCredentials([usernamePassword(credentialsId: 'common-dockerhub-up', usernameVariable: 'HUB_USER', passwordVariable: 'HUB_PASS')]) {
sh "docker login -u ${HUB_USER} -p ${HUB_PASS} && docker push mirantiseng/lodestone-mover:${var.tag}"
}
}
}
}
}
The build works if I take out the :${var.tag} and the following block, but it just pushes latest. This leaves the working file looking like this:
pipeline {
agent any
stages {
stage('Build core lodestone image') {
steps {
// TODO: proper tagging
sh "docker build -f Dockerfile.lodestone -t mirantiseng/lodestone ."
withCredentials([usernamePassword(credentialsId: 'common-dockerhub-up', usernameVariable: 'HUB_USER', passwordVariable: 'HUB_PASS')]) {
sh "docker login -u ${HUB_USER} -p ${HUB_PASS} && docker push mirantiseng/lodestone"
}
}
}
stage('Build core lodestone-comment image') {
steps {
// TODO: proper tagging
sh "docker build -f Dockerfile -t mirantiseng/lodestone-comment ."
withCredentials([usernamePassword(credentialsId: 'common-dockerhub-up', usernameVariable: 'HUB_USER', passwordVariable: 'HUB_PASS')]) {
sh "docker login -u ${HUB_USER} -p ${HUB_PASS} && docker push mirantiseng/lodestone-comment"
}
}
}
stage('Build core lodestone-mover image') {
steps {
// TODO: proper tagging
sh "docker build -f Dockerfile.mover -t mirantiseng/lodestone-mover ."
withCredentials([usernamePassword(credentialsId: 'common-dockerhub-up', usernameVariable: 'HUB_USER', passwordVariable: 'HUB_PASS')]) {
sh "docker login -u ${HUB_USER} -p ${HUB_PASS} && docker push mirantiseng/lodestone-mover"
}
}
}
}
}
But I need the docker images to be tagged. I read up on the Jenkinsfile and it said I could make an environmental variable using environment {<something>} to set global variables. I have a variable called tag that I would like to implement that tags the docker images with the commit hash. How can I accomplish this?
You could have used is just $GIT_COMMIT like this
sh "docker build -f Dockerfile.mover -t mirantiseng/lodestone-mover:${GIT_COMMIT} ."
So all I had to do was change the way tag was defined:
pipeline {
agent any
environment {
tag = sh(returnStdout: true, script: "git rev-parse --short=10 HEAD").trim()
}
stages {
stage('Build core lodestone image') {
steps {
// TODO: proper tagging
sh "docker build -f Dockerfile.lodestone -t mirantiseng/lodestone:${tag} ."
withCredentials([usernamePassword(credentialsId: 'common-dockerhub-up', usernameVariable: 'HUB_USER', passwordVariable: 'HUB_PASS')]) {
sh "docker login -u ${HUB_USER} -p ${HUB_PASS} && docker push mirantiseng/lodestone:${tag}"
}
}
}
stage('Build core lodestone-comment image') {
steps {
// TODO: proper tagging
sh "docker build -f Dockerfile -t mirantiseng/lodestone-comment:${tag} ."
withCredentials([usernamePassword(credentialsId: 'common-dockerhub-up', usernameVariable: 'HUB_USER', passwordVariable: 'HUB_PASS')]) {
sh "docker login -u ${HUB_USER} -p ${HUB_PASS} && docker push mirantiseng/lodestone-comment:${tag}"
}
}
}
stage('Build core lodestone-mover image') {
steps {
// TODO: proper tagging
sh "docker build -f Dockerfile.mover -t mirantiseng/lodestone-mover:${tag} ."
withCredentials([usernamePassword(credentialsId: 'common-dockerhub-up', usernameVariable: 'HUB_USER', passwordVariable: 'HUB_PASS')]) {
sh "docker login -u ${HUB_USER} -p ${HUB_PASS} && docker push mirantiseng/lodestone-mover:${tag}"
}
}
}
}
}
The main change was this
tag = sh(returnStdout: true, script: "git rev-parse --short=10 HEAD").trim()`
I am trying to get environment variable declared in pipeline unfortunately i am not getting the pipeline environment variable in ssh agent shell command.
I am trying to get environment variable declared in pipeline unfortunately i am not getting the pipeline environment variable in ssh agent shell command.
Please find the code below:
#!groovy
library 'reference-pipeline'
pipeline{
agent {
label 'Weblogic||Tomcat'
}
environment{
HostName='test.prod.com'
sshserver="ssh -o StrictHostKeyChecking=no user#${HostName}"
SERVER_ADDRESS='192.25.58.201'
CONFIG='PRODUCTION'
}
stages
{
stage("Check TLA version")
{
steps{
script{
sshagent(credentials : ['SSH_Credentials']) {
sh """
set -e
$sshserver << "EOF"
echo "Configuration:$CONFIG" // output "Configuration: " should be "Configuration:production"
echo " Server:$SERVER_ADDRESS" // output "Server: " should be "Server: 192.25.58.201"
echo " Server Host : $hostname" // output "server host: testgood"
echo "started"
'`git describe`'
echo "ended"
cd /var/lib/ubuntu/test-srv/current
server_version="`git describe`"
echo "Current server version: $server_version"
if [[ $server_version != *'1.0.0_Release'* ]]; then
echo "Error: The underlying server version is not 1.0.0_Release Release. Exiting ..."
exit 1
fi
EOF
"""
}
}
}
}
}
post {
always {
cleanWs()
}
}
}
Instead of:
echo "Configuration:$CONFIG"
try:
echo "Configuration: ${env.CONFIG}"
Does anybody know why:
…
steps
{
script
{
sshagent(credentials: ['jenk'])
{
sh "git remote show …" //This does not work !
bat "git remote show …" //This works ??
}
}
}
...
The 'jenk' credentials are managed via Jenkins->credentials->System->global credentials
EDIT:
Sorry forgot the error msg:
Host key verification failed
fatal: Could not read from remote repository
Jenkins was configured using CYGWIN_NT-6.3-WOW (i686 Cygwin) for the sh commands.
After all this commands cleared everything:
if (isUnix())
{
echo "Jenkins runs on Linux"
}
else
{
echo "Jenkins runs on Windows"
}
echo "show shell kernel version (uname -a) : "
def res = sh (script: "uname -a", returnStdout: true)
echo "${res}" //=>CYGWIN_NT-6.3-WOW...
res2 = sh (script: "ls -al ~/.ssh", returnStdout: true)
echo "${res2}"
So the solution to the problem above is therefore adding the ssh-keys to cygwin
If you need your credentials you could do this:
https://codurance.com/2019/05/30/accessing-and-dumping-jenkins-credentials/
in my Mac, wget command working. How to fix this issue?
Error Message
wget
https://dl.google.com/android/repository/sdk-tools-linux-4333796.zip
/Users/don/.jenkins/workspace/demo#tmp/durable-2702e009/script.sh:
line 1: wget: command not found
Full Pipeline Script
node('master') {
def home = sh(script: "echo $ANDROID_HOME",returnStdout: true).trim()
def SDKPath = "$home/Android/sdk"
stage("Preparing SDK"){
// Check SDK Downloaded
def isSDKDownloaded = sh(script: "test -e sdk-tools-linux-4333796.zip && echo true || echo false",returnStdout: true).trim()
if(isSDKDownloaded == "false"){
// Download SDK
sh "wget 'https://dl.google.com/android/repository/sdk-tools-linux-4333796.zip'"
}
// Check if SDK is Extracted
def isExtracted = sh(script: "test -e $SDKPath/tools && echo true || echo false",returnStdout: true).trim()
if(isExtracted == "false"){
sh "mkdir -p $SDKPath"
//Unzip SDK
sh "unzip sdk-tools-linux-4333796.zip -d $SDKPath"
}
// Install SDK Tools
sh "yes | $SDKPath/tools/bin/sdkmanager 'build-tools;28.0.3' 'platform-tools' 'platforms;android-27'"
sh "ls $SDKPath/licenses"
// See installed And Available SDK
sh "$SDKPath/tools/bin/sdkmanager --list"
// Accept All SDK Licences
sh "yes | $SDKPath/tools/bin/sdkmanager --licenses"
}
def selectedBranch = SELECTED_RELEASE_BRANCH
stage('Checkout') {
git branch: selectedBranch, url: 'git#gitlab.com:o-apps/demo.git'
// Remove Existing local properties
sh 'rm local.properties ||:'
// Write sdk.dir Path into local properties file
sh "echo 'sdk.dir=$SDKPath' >> local.properties"
}
stage('Setup Tools') {
withCredentials([file(credentialsId: 'android_keystore', variable: 'KEYFILE')]) {
sh "cp \$KEYFILE app/key.jks"
}
}
stage('Build Release APK') {
sh "./gradlew clean assembleRelease"
}
stage('Upload to Play Store') {
androidApkUpload googleCredentialsId: 'key', apkFilesPattern: '**/*-release.apk', trackName: 'alpha'
}
stage('Cleanup Credential') {
sh "rm app/key.jks"
}
}
This is probably due to the $PATH environment variable which is different between your user and the user running Jenkins. Your user may be altering its $PATH by expanding it in the shell resource file (~/.bashrc, ~/.zshrc).
Not to worry, you can use the full path.
To find out the full path to wget, run this on the machine that runs the pipeline (the one labelled master):
% which wget
/usr/local/bin/wget
(Your path may naturally be different.)
Now use the full path:
// Download SDK
sh "/usr/local/bin/wget 'https://dl.google.com/android/repository/sdk-tools-linux-4333796.zip'"
I'm trying to leverage the Jenkins credentials plugin to store sensitive data which I want to inject into Secrets within my Kubernetes cluster. I have a JenkinsFile which is used in my project to define the steps and I've added the following code to pull a username/password from a credential and pass to shell script to replace a placeholder in a file with the actual file:
stages {
stage('Build') {
steps {
withCredentials([usernamePassword(credentialsId: 'creds-test', passwordVariable: 'PASSWORD', usernameVariable: 'USERNAME')]) {
sh '''
echo $USERNAME
echo $PASSWORD
chmod +x secrets-replace.sh
./secrets-replace.sh USERNAME_PLACEHOLDER $USERNAME
./secrets-replace.sh PASSWORD_PLACEHOLDER $PASSWORD
'''
}
echo 'Building...'
sh './gradlew build --refresh-dependencies'
}
}
...
}
However whenever this runs all I ever get is the masked **** value back, even when I pass it to the shell script. Here is part of the build log:
Is there something I need to configure to get access to the unmasked value?
Write the variable to a file in jenkins. Go to the jenkins workspace and look inside the file. The token will be present in plain text there.
UPDATE
Further easy way will be to print the base64 encoded value of the credential and then decode it.
Like the others added above, you could actually write it to a file and then cat the file outside of the withCredentials. You should be fine with this. As below..
withCredentials([usernamePassword(credentialsId: 'creds-test', passwordVariable: 'PASSWORD', usernameVariable: 'USERNAME')]) {
sh '''
echo $USERNAME > tmp
echo $PASSWORD >> tmp
'''
}
sh 'cat tmp'
This prints the actual credential values
Echoing straight from file didnt work for me so I tricked Jenkins like this to see the secret during debugging: Obviously, remove it right after debugging!
stage('Build') {
azureKeyVault(
credentialID: 'my-sp',
keyVaultURL: 'https://my-kv.vault.azure.net',
secrets: [
[envVariable: 'MY_SECRET', name: 'my-secret-name-in-azure-kv', secretType: 'Secret']
]
) {
sh '''
echo -n $MY_SECRET | base64 > tmpp
cat tmpp
'''
}
}
Consider manipulating the string
echo env.PASSWORD.toCharArray().join(' ');
like
stages {
stage('Build') {
steps {
withCredentials([usernamePassword(credentialsId: 'creds-test', passwordVariable: 'PASSWORD', usernameVariable: 'USERNAME')]) {
script {
echo env.USERNAME.toCharArray().join(' ');
echo env.PASSWORD.toCharArray().join(' ');
}
sh '''
chmod +x secrets-replace.sh
./secrets-replace.sh USERNAME_PLACEHOLDER $USERNAME
./secrets-replace.sh PASSWORD_PLACEHOLDER $PASSWORD
'''
}
echo 'Building...'
sh './gradlew build --refresh-dependencies'
}
}
...
}