I need to run Jenkins over HTTPS.
I created the certificate and put it into the keystore. Then I launched Jenkins with the following options:
--httpsPort=8443 --httpsKeyStore=/etc/pki/java/cacerts --httpsKeyStorePassword=changeit
So far so good. But I had "peer not authenticated" error when deploying a file in the Artifactory.
According to a solution here I added my artifactory certificate to the keystore.
Now I can deploy files on Artifactory but Jenkins picked up the wrong entry from the keystore (the one of Artifactory). And I have a wrong certificate associated with Jenkins.
I was not able to specify the alias which should be used by Jenkins.
According to Jenkins docs it's possible to run Jenkins with the following options:
--httpsPort=443 --httpsCertificate=path/to/cert --httpsPrivateKey=path/to/privatekey
But in this case I'm not able to use my Artifactory certificate.
How can I run Jenkins with both Jenkins and Artifactory certificates ?
Trying different things I came to an idea to rename the alias of jenkins certificate.
The new alias is jenkins.
Strangely enough it solved my problem. For me it looks more like a hack than a solution. Put your real solution here and I'll accept it.
Related
Azure DevOps Server 2020 with self hosted agents on a different server
I have a build, which is creating an artifact in Azure Artifacts, then a release pipeline is triggered which should download this artifact and do something with it. Previously, the output of a build was on a file share and it work as expected. When I switched to Azure Artifacts - the download artifact task (which is added automatically by Azure DevOps) fails with following:
All other build tasks work on this server without a problem, and also this release pipeline works as expected on other servers. How I can start to troubleshoot this issue as I don't see any meaningful error message?
According to your screenshot, I could reproduce the similar issue in Azure Devops Server.
But in the task, I could see the error message:
Failed in getBuildApi with error: Error: self signed certificate.
If you have the same issue, you could try the following methods:
1.You could re-config the agent with the self signed certificate.
.\config.cmd --sslcacert ca.pem xxxx
Here is a ticket about the detailed steps, you could refer to it.
2.You could check if you have set the firewall. Firewalls could block the download of artifacts
3.You could set the system environment :NODE_TLS_REJECT_UNAUTHORIZED=0 and restart the agent services.
We had similar problem with self-hosted agents but there was a minor difference - our agents were deployed in vnet.
If that's the case make sure that in vnet's subnet you have enabled Microsoft.Storage service endpoint.
Hope this will save someone tons of time.
Im new on jenkins technologie.
I started with creating a jenkins job that pull code from gitlab to jenkins. this job did not worked as I had an issue tells that jenkins does not trusted the self signed certificate used by the gitlab server
issue in screenshot
Can I did some configuration from the jenkins inetrface (from web site) to allow cloning the self signed certificate.
Any help is really appreciated.
Thank you
Caution: To be used only by understanding the security issues that will crop-up by this behaviour.
My company is hosting github enterprise with a custom certificate and hence faced similar situation. Following is the work-around I've done to mitigate the issue.
Login to jenkins server as jenkins user (I've used sudo su jenkins to do this in my case).
Add the following lines to ~/.gitconfig and save.
[http]
sslVerify = false
Restart jenkins server.
From the image you haven't specified any credentials when trying to access your repo generally you would mention some form of credentials
apart from that your computer doesn't trust the certificate from gitlab you have to add the certificate into your git(installed location)
This link will give you a detailed explaination :)
server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
I deploy Jenkins and GitLab using Docker (locally), both are connected with each other.
One of the problems (not very important) is with SSH. I create ssh key inside Jenkins container and set it to GitLab, but when Jenkins try to checkout the repository throws "Permission Denied". So, executing Jenkins bash, try to run git command and what's happen? GitLab container needs a password for access. Searching, and trying to do as a virtualized server, no works. Whatever, I solved using user and password (I don't like, but works).
The important problem. I don't have any problem creatin, and running, a job (using pipelines). The job download the world from GitLab and send the result to GitLab. The problem, after add a webhook with Jenkins URL to GitLab, push something but nothing happens in Jenkins, not trigger the job.
Anyone can help me?
Thanks!!
Is your webhook working correctly ?? are you able to send/receive request and response, if not refer to
Github webhook URL config issue? How to fix it?
When you push does it trigger a request ? can you try hitting it with postman if you do have a request. If you can provide more information, then it will be helpful :)
What do you put into the system hook URL? I see a lot of examples but they look like JSON scripts to me.
I'm trying to configure gitlab to hook jenkins to create projects when projects are generated in gitlab. I'd also like builds to be run when a merge (pull) request is generated for a repo.
I've followed the steps outlined here for the gitlab hook plugin:
http://doc.gitlab.com/ee/integration/jenkins.html
But it's still not generating builds on push requests. Perhaps i don't have something setup right?
I have also tried and failed to configure Gitlab to integrate with Jenkins by following the instructions at http://doc.gitlab.com/ee/integration/jenkins.html#jenkins-service
For me the reason was that I didn't have Gitlab EE installed. The page specifically states: "The Jenkins project service code is only available in GitLab EE"
I discovered by chance my answer. In gitlab under the project settings you can add the following hook to trigger a build on a pull request or commit.
http://gitlab.example.com/job/example_project/build?token=UserToken.
I believe I saw it in Jenkins.
Now i've installed the gitlab plugin and i've tried the build_commit? hook and some other hooks but i was running into other errors such as asking for repo location when i've provided it. This does the trick though and i'm happy enough for now.
On a server running ubuntu 12.04 I have installed jenkins 1.532.1 and artifactory 2.6.4.
Both of then are running fine separately. I also have maven 2.
With jenkins, I can build maven java project with sources on subversion.
With maven I can use Artifactory.
The problem is with the artifactory plugin for jenkins.
I added an artifactory server with credentials. Using connection check tell me : "Found Artifactory 2.6.4". It seems to be ok.
But when I create a maven job, in post build actions, I choose Deploy artifacts to artifactory. My server is already selected in the artifactory server but nothing is available in the repositories.
What can I do. Do I have to configure something special in Artifactory ?
I had also this issue, the problem comes from a refresh of Jenkins Plugin.
To deal with that issue, you should:
open your job
add a task for artifactory
save your job
Open again your job
Now you should be able to see your repositories.
Conclusion: You should add/save and reload your job to see your list of repo of artifactory.
I also have this problem, when switching from one artifactory server to another and it looks like a bug for me.
But if I save the settings once without a "non-selectable" repository and access the configuration of the job again, the repositories will be shown.
Ok, so after a very long time I tried again and ... I don't know why but now (I'm quite sure it was not working few months ago) the solution given by aorfevre and user3424040 are working.
I have also upgraded jenkins to 1.565.1 and the artifactory plugin to 2.2.3 and now there is a Refresh Repositories button in the Deploy artifacts to Artifactory task.
For the "Generic-Artifactory Integration" I had to configure Artifactory a bit. I added a group 'deployers' and a user 'deploy' in that group. Also I added a Permission Target for the LOCAL repositories where the group was granted deploy permissions.