I am getting error while trying to login dtr from my pipeline groovy scrit. it is saying that that was a credential error.
docker.withRegistry('https://dtrlb-oe3ko7eumonjw.eastus.cloudapp.azure.com/','ddcadmin')
and my error is:
enter image description here
The docker.withRegistry can find credential in Global domain, not system domain.
Related
I have Jenkins file to deploy my application into EKS cluster. From jenkins side i installed AWS credential plugin and I added Jenkins credential my secret key and access key values into the box.
Next when I'm running Jenkins build deployment stage falling with below error .
Unable to connect to the server: getting credentials: exec: executable aws not found
It looks like you are trying to use a client-go credential plugin that is not installed.
I faced similar issue and found it was a PATH settings issue. Basically aws is not found in PATH . What you could do is add "env" to the code and see what PATH values are in console output. To set the PATH correctly
Manage Jenkins -> Configure System -> Global properties -> Environment variables: name=PATH, value= (Ex: /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin/ )
I have a simple jenkins job that just runs aws ssm send-command and it fails with:
"An error occurred (AccessDeniedException) when calling the SendCommand operation: User: arn:aws:sts::1234567890:assumed-role/jenkins-live/i-1234567890abc is not authorized to perform: ssm:SendCommand on resource: arn:aws:ssm:us-east-1:1234567890:document/my-document-name"
However, the IAM permissions are correct. To prove it, I directly SSH onto that instance and run the exact same ssm command, and it works. I verify it's using the instance role by running aws sts get-caller-identity and it returns arn:aws:sts::1234567890:assumed-role/jenkins-live/i-1234567890abc which is the same user mentioned in the error message.
So indeed, this assumed role can run the command.
I even modified the jenkins job to run aws sts get-caller-identity first, and it outputs the same user json.
Does jenkins do some caching that I am unaware of? Why would I get that AccessDeniedException if that jenkins-live user can run the command otherwise?
First, install the AWS Credentials and AWS Steps plugins and register your AWS key and secret access key in Jenkins credential store. Then, the next steps depends if you're using a freestyle or a declarative/scripted pipeline.
If you're using a freestyle pipeline: On "Build Environment", click on "Use secret text(s) or file(s)" and follow the next steps. After that, you're gonna have your credentials as variables in your pipeline;
If you're using a declarative/scripted pipeline: Enclose your aws calls with a withAWS block, something like this:
withAWS(region: 'us-east-1', credentials: 'my-pretty-credentials') {
// let's explode something
}
Best regards.
I have signed up for one of the public docker registries, so I've been given a username and password. I'm writing a Jenkins job which pulls an image from this repository, so I'm using the following command in my Jenkins pipeline
docker.withRegistry('https://registry.example.com', 'credentials-id')
However I don't know what I should put in as the credentials-id? How can I get it?
This credentials-id Item is provided by the Jenkins credentials Plugin. It is documented here, e.g. https://jenkins.io/doc/book/using/using-credentials/
terraform plan -var-file=uservar.tfvars
[0m[1mRefreshing Terraform state in-memory prior to plan...[0m
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
[0m
[31mError refreshing state: 1 error(s) occurred:
* provider.aws: InvalidClientTokenId: The security token included in the request is invalid.
status code: 403, request id: 39888d7e-b3f1-11e7-b6d2-9b6dc0727868[0m[0m
Build step 'Execute shell' marked build as failure
Finished: FAILURE
You need to run terraform init first, then terraform plan
Go through this document first: terraform Command: init
Secondly, for error The security token included in the request is invalid., please go through aws configuration to make sure you have set the AWS security token properly.
I got resolution for this one.
Do you pull your code form Git? If yes, pull only once
Note: Code on Git does not have access_key and secret_key, so if your jenkins job contains source control for every build the values (access_key and secret_key) are overridden.
-> Pull the code only once
-> In your jenkins/workspaces, set your access_key and secret_Key (or you can also mention it in Jenkins Build)
Before executing Jenkins job, Set aws cli parameters
aws configure
Set access_key, secret_key & region
and then execute
terraform init
terraform plan -var-file=uservar.tfvars
I am trying to do a docker build from a Jenkins job and I am getting the below error. Any ideas what is causing this error.
11:10:32 Step 1 : FROM docker.xxxx.com/xx/pkg-ssl:7-jdk8
11:10:32 Get https://docker.xxxx.com/v2/xx/pkg-ssl/manifests/7-jdk8:
unauthorized: unable to get identity token from basic auth credentials:
invalid_grant: invalid authentication credentials given
11:10:32 Build step 'Docker Build and Publish' marked build as failure