I have bin configuring a globally shared library correctly as it is shown to me in the global configuration of the Jenkins Server. In a Pipeline Job I try to use the specified library, but I get the error message, that no credentials were used to checkout the library from SCM.
Library Configuration
Name: LIBRARY
Default version: trunk -- Currently maps to revision: 125
Load implicitly: [ ]
Allow default version to be overridden: [x]
Include #Library changes in job recent changes: [x]
Modern SCM (o)
Legacy SCM ( )
Git ( )
GitHub ( )
Mercurial ( )
Subversion (o)
Project Repository Base: http://scrambled/url/repo/LIBRARY
Credentials: Scrambly/******
Include branches: trunk, tags/*
Pipeline
#Library('LIBRARY#trunk')
pipeline {
// Imagine some content //
}
Error Message
Checking out http://scrambled/url/repo/LIBRARY at revision 123
Using sole credentials <none> in realm ‘<http://scrambled> Scrambler’
ERROR: Subversion checkout has been canceled
org.tmatesoft.svn.core.SVNCancelException: svn: E200015: ISVNAuthentication provider did not provide credentials; HTTP authorization cancelled.
at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:694)
Caused: org.tmatesoft.svn.core.SVNCancelException: svn: E200015: E200015: ISVNAuthentication provider did not provide credentials; HTTP authorization cancelled.
svn: E200015: ISVNAuthentication provider did not provide credentials; HTTP authorization cancelled.
I do not understand it says there were <none> credentials in the error message, although I configured the shared library to use specific credentials.
Thank you all in advice.
i fix this problem by using https git url :
https://{username}:{passwd}#xxxxx.git
Related
I'm using Jenkins 2.346.2
The repository is located on bitbucket.org (cloud, not local server).
I want the build status to be sent to bitbucket and to be displayed as the PR build status.
I'm trying the plugin: https://plugins.jenkins.io/bitbucket-build-status-notifier/
The configuration is (multibranch pipeline project):
def notifyBitbucket(String state) {
notifyBitbucket(
commitSha1: 'a0e5012be0e8e89d122cc773a964c0en3a1a656b2',
credentialsId: 'jenkins_bitbucket_ssh',
disableInprogressNotification: false,
considerUnstableAsSuccess: true,
ignoreUnverifiedSSLPeer: true,
buildStatus: state,
buildName: 'Performance Testing',
buildUrl: 'https://bitbucket.org',
includeBuildNumberInKey: false,
prependParentProjectKey: false,
projectKey: '',
stashServerBaseUrl: 'https://bitbucket.org')
}
But what I get is a returned bitbucket page saying 'Resource not found'.
Currently, the only credentials I can use to connect to bitbucket is SSH key pair.
And they work okay for pulling the code. I'm trying to use this key for the notification plugin as well. Is this wrong?
Could anyone let me know how to specify the path to the project in this case, please?
One option you can consider is using the Bitbucket API, which would remove the need for an external plugin. The endpoint you need to call is:
${BITBUCKET_API_HEAD}/commit/${env.COMMIT_HASH}/statuses/build
More on this in the documentation. Here is how I have done it:
httpRequest([
acceptType : 'APPLICATION_JSON',
authentication : '<credentials>',
contentType : 'APPLICATION_JSON',
httpMode : 'POST',
requestBody : '''{
"key":"<unique-key>",
"name":"PR-Branch-Build",
"url":"<path-to-jenkins-build>/''' + env.BUILD_NUMBER + '''/pipeline",
"description":"Build status: '''+ BUILD_STATUS +'''",
"state":"'''+ BUILD_STATUS +'''"
}''',
responseHandle : 'NONE',
url : "${BITBUCKET_API_HEAD}/commit/${env.COMMIT_HASH}/statuses/build",
validResponseCodes: '200,201'
])
We are using "fortify on-demand (FOD)" platform to scan our source code to find out any security vulnerabilities are present. We integrated the FOD with jenkins to automate the process of uploading and scanning. And we opted the pipeline script method for integration. All the process up to uploading and scanning is running fine and we are capturing policy scan status (passed or failed) also, but the pipeline script of fodPollResults is failing to fail the build when the FOD policy scan is failed. irrespective of the result of policy scan the build is getting success.
jenkins pipeline script
stage('FOD POLL') {
steps {
fodPollResults bsiToken: '', personalAccessToken: 'fortify_personal_access_token', policyFailureBuildResultPreference: 2, pollingInterval: 3, releaseId: '******', tenantId: '', username: ''
}
}
Fortify on Demand Poll Results
the source code of this plugin is located here:
https://github.com/jenkinsci/fortify-on-demand-uploader-plugin/blob/master/src/main/java/org/jenkinsci/plugins/fodupload/steps/FortifyPollResults.java
and there is a bug ticket about this problem here:
https://github.com/jenkinsci/fortify-on-demand-uploader-plugin/issues/118
Following workaround seems to work:
steps {
fodPollResults ...
script {
if (manager.logContains('.*Scan failed established policy check.*')) {
error("Build failed because of negative fortify policy check.")
}
}
}
Tried to search a few sites, including Parameterized remote job is triggered but console says failure
I am attempting to migrate a token based job from existing (using curl) method of calling remote job to plugin based call as follows:
Remote Jenkins Setup: (myserver:8080) Job: MyPipelineFirstJob
Under Job configuration : Build Triggers --> "Trigger builds remotely (e.g., from scripts)" --> Authentication Token --> 108801
Existing job: On Local Jenkins:
curl -v --silent -X POST http://myserver:8080/job/MyPipelineFirstJob/buildWithParameters --data token=108801 --data RELEASE=9.2 --data ARCHITECTURE=ppc64le --data IP=9.99.999.99
New job on local Jenkins:
Now, I need to translate the above to use parameterized-remote-trigger-plugin. So Apart from Remote Host, etc, I have chosen the Auth type as follows in the Global configuration: "Parameterized Remote Trigger Configuration"
"Enable 'build token root' support" is unchecked -- Do not know what this means
Authentication --> Bearer Token Authentication
I see a WARNING message as "Address looks good, but a connection could not be established."
I am calling the below funciton to trigger the remote job:
def handle = triggerRemoteJob(remoteJenkinsName: 'Perf_Jenkins_Server', job: 'MyPipelineFirstJob/buildByToken/buildWithParameters', auth: "108801", parameters: 'RELEASE=HMC9.2.951.2,ARCHITECTURE=ppc64le,HMC_MACHINE=9.99.999.9998')
I have passed the string "108801" based on this site https://www.jenkins.io/doc/pipeline/steps/Parameterized-Remote-Trigger/ which says:
BearerTokenAuth
token (optional)
Type: String
Build Failure: With the above configuration, when build the job, I get this error:
22:07:12 java.lang.ClassCastException: class org.jenkinsci.plugins.ParameterizedRemoteTrigger.pipeline.RemoteBuildPipelineStep.setAuth() expects class org.jenkinsci.plugins.ParameterizedRemoteTrigger.auth2.Auth2 but received class java.lang.String
22:07:12 at org.jenkinsci.plugins.structs.describable.DescribableModel.coerce(DescribableModel.java:492)
22:07:12 at org.jenkinsci.plugins.structs.describable.DescribableModel.injectSetters(DescribableModel.java:429)
22:07:12 at org.jenkinsci.plugins.structs.describable.DescribableModel.instantiate(DescribableModel.java:331)
22:07:12 at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:269)
22:07:12 at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
22:07:12 at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
22:07:12 at sun.reflect.GeneratedMethodAccessor493.invoke(Unknown Source)
22:07:12 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
22:07:12 at java.lang.reflect.Method.invoke(Method.java:508)
So, I tried to remove the auth field, and passed it as part of parameters:
def handle = triggerRemoteJob(remoteJenkinsName: 'Perf_Jenkins_Server', job: 'MyPipelineFirstJob/buildByToken/buildWithParameters', parameters: 'token="108801",RELEASE="HMC9.2.951.2",ARCHITECTURE=ppc64le,HMC_MACHINE="9.99.999.9998"')
Note: I have also attempted to add double quotes around the parameter values. Having made these changes, and attempt to build, I get the following error:
22:19:12 ################################################################################################################
22:19:12 Parameterized Remote Trigger Configuration:
22:19:12 - job: MyPipelineFirstJob/buildByToken/buildWithParameters
22:19:12 - remoteJenkinsName: Perf_Jenkins_Server
22:19:12 - parameters: [token="108801",RELEASE="HMC9.2.951.2",ARCHITECTURE=ppc64le,HMC_MACHINE="9.99.999.998"]
22:19:12 - blockBuildUntilComplete: true
22:19:12 - connectionRetryLimit: 5
22:19:12 - trustAllCertificates: false
22:19:12 ################################################################################################################
22:19:12 Connection to remote server failed [404], waiting to retry - 10 seconds until next attempt. URL: http://myserver:8080/job/MyPipelineFirstJob/job/buildByToken/job/buildWithParameters/api/json, parameters:
22:19:22 Retry attempt #1 out of 5
22:19:22 Connection to remote server failed [404], waiting to retry - 10 seconds until next attempt. URL: http://myserver:8080/job/MyPipelineFirstJob/job/buildByToken/job/buildWithParameters/api/json, parameters:
22:19:32 Retry attempt #2 out of 5
Did you notice the additional "job" word : "buildByToken/job/buildWithParameters" in the above o/p? Not sure why!
Questions:
Is the Authentication type of "Bearer Token Authentication" the correct option that matches with the requirement of existing method?
Have I passed the parameters correctly?
How to overcome the failures seen above?
Found the solution: The parameters needs to be separated by a new line. Not a comma or space. So, I added '\n' char between each parameter as shown below and it worked!
def handle = triggerRemoteJob(remoteJenkinsName: 'Perf_Jenkins_Server', job: 'MyPipelineFirstJob', parameters: 'token=108801\nRELEASE=9.2.951.2\nARCHITECTURE=x86_64\nMACHINE_IP="9.99.999.998')
Ref: The below link has an example that uses "\n" as parameter separator.
https://github.com/jenkinsci/parameterized-remote-trigger-plugin/blob/master/README_PipelineConfiguration.md
Note: The above link refers to Snippet Generator. However, that Generator doesn't support "triggerRemoteJob" yet! May be, I would have solved my issue faster!
Jenkins Version: Jenkins 2.249.1
Parameterized Remote Trigger Plugin Version: 3.1.5.1
In my company, I'm running a pipeline as code project in which my Jenkinsfile gets a dynamic IP from a shell script, and injects that into a PrivateIP environment variable. The next step invokes a custom (in-house developed) plugin that accepts a "servers" argument as IP(s), though supposedly does not parse it correctly, cause the error output indicates an unresolvable host.
I've echoed the PrivateIP variable immediately above the plugin step, and it definitely outputs the correct value.
The plugin works if given a hard-value for IP, but fails if given anything dynamic. Built-ins such as dir don't give similar problems. I haven't been able to get a hold of the plugin developer to report the issue, nor have I gotten any responses for my issue. Is this typical for custom plugins? I've seen some documentation in the plugin developer docs that suggests only the initial environment stage is respected in pipeline plugins, otherwise a #StepContextParameter is needed to get a contextual environment.
stage('Provision') {
environment {
PrivateIP = """${sh(
returnStdout: true,
script: '${WORKSPACE}/cicd/parse-ip.sh'
)}"""
}
steps {
echo "Calling Playbook. PrivateIP: ${PrivateIP}"
customPluginName env: 'AWS',
os: 'Linux',
parameter: '',
password: '',
playbook: 'provision.yaml',
servers: PrivateIP,
gitBranch: '{my branch}',
gitUrl: '{URL}',
username: '{custom user}'
}
}
I'd expect the variable to be respected and execute an Ansible Playbook successfully.
Error
>>> fatal: [ansible_ssh_user={custom user}]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname ansible_ssh_user={custom user}: Name or service not known\r\n", "unreachable": true}
If this in-fact a default behavior of custom plug-ins (not necessarily a bug), what are the good work arounds?
im using jenikins pipeline as code to clone a git project which is in private bitbucket repository(stash repository). i used this code block to clone the project in my pipeline script.
node {
//checkout from master
stage 'checkout'
withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: 'MyID', usernameVariable: 'GIT_USERNAME', passwordVariable: 'GIT_PASSWORD']]) {
git url: 'https://paulrda#devMyCompany.org/stash/scm/test_automation.git' , branch: 'development'
}
}
'MyID' is the credential ID and my username and password is correct.i save my credentials in global credentials feature in jenkins. but i get this error when i build the jenkins task.
ERROR: Error fetching remote repo 'origin'
hudson.plugins.git.GitException: Failed to fetch from https://paulrda#devMyCompany.org/stash/scm/test_automation.git
at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:803)
at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:1063)
at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1094)
at org.jenkinsci.plugins.workflow.steps.scm.SCMStep.checkout(SCMStep.java:109)
at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:83)
at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:73)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47)
at hudson.security.ACL.impersonate(ACL.java:221)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: hudson.plugins.git.GitException: Command "git fetch --tags --progress https://paulrda#devMyCompany.org/stash/scm/test_automation.git +refs/heads/*:refs/remotes/origin/*" returned status code 128:
stdout:
stderr: fatal: Authentication failed for 'https://paulrda#devMyCompany.org/stash/scm/test_automation.git/'
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:1745)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:1489)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$300(CliGitAPIImpl.java:64)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:315)
at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:801)
In my mac machine under my paulrda account i can successfully clone my project using jenkins pipeline script but when i change to another account and run jenkins i get this error. still i cant understand why i get this error. please provide a solution to this problem.
my configurations.
Jenkins version : 2.19.2
Credentials Plugin : 2.1.8
Git plugin : 3.0.0
Git client plugin : 2.1.0
It's failing to authenticate because you are not passing the credentials to the git call correctly.
Since you are using the Git plugin and not a shell command, there's really no need to use withCredentials at all. You can pass the credentialsId directly to git call, like that:
stage('checkout') {
git credentialsId: 'MyID', url: 'https://devMyCompany.org/stash/scm/test_automation.git', branch: 'development'
}