I need to create a tunnel like the following before code can be checked out from SVN :
ssh -L 9898:some_server.com:9898 user#another_server.com
Now, I added pre-scm-buildstep plugin and wrote a script to open the tunnel before updating the repository as explained here, but it doesn't work with polling. It only works if I ask Jenkins to 'Build now'. In the setup where I have set it up to poll, its red saying that its unable to access the repository url, which can only happen if the tunnel was not created.
Is there any plugin such that I can execute a script before it polls, so that I can open the tunnel before it starts polling
Use ProxyCommand in your ssh config to have ssh automatically create the tunnel for you. e.g.,
Host another_server.com
ProxyCommand ssh some_server.com exec nc %h %p
With the above in ~jenkins/.ssh/config (or whatever user jenkins runs as), when it tries to ssh to another_server.com it will actually ssh to some_server.com and run nc to forward the ssh connection to the another_server.com.
Related
Unable to access localhost Jenkins from another computer in the same network. These are the steps I did
1) I pinged the ip address of the computer from another computer and it is successful
2) I change the Jenkins URL in the config to - http://[IP of the machine:8080]
3) Turned off the firewall.
However I am not able to access this url from the same computer or another computer - http://[IP of the machine:8080]
Any time would be appreciated. Followed all the steps, not sure if i need to use a service like xamp or mamp
i also did ifconfig and this is what i got. My jenkins port is running on :8080 and i dont know what url to add to my jenkins so i can access it from other network within the same computer
Also what other steps i need to do, do i need to open the port from somwhere?
For Instance, your IP of Jenkins master is 192.169.x.x.
Open the Port 8080 via firewall and then change the URL of jenkins from "Manage Jenkins >>Config Sys >> Jenkins Location>" to "http://192.169.x.x:8080"
Now you can access it from other machine on same network domain.Just have to hit the url http://192.169.x.x:8080
You can now create different users with different privileges for the same.
You can find it under Manage Jenkins >> Manage Users >> Create Users.
I am trying to trigger jenkins build whenever there is a push to GitLab.
I am referring to https://github.com/jenkinsci/gitlab-plugin.
When I test the connection for webhook it shows execution expired.
I am using:
Jenkins ver. 2.60.1
GitLab version 9.4.0-rc2-ee
Git lab plugin 1.4.6
The exact error message, clicking "Test setting" from GitLab:
We tried to send a request to the provided URL but an error occurred: execution expired
As mentioned in issue 128:
This looks and sounds like a configuration or network error.
Maybe your machine is not publicly available on the webhook address (firewall etc).
For instance, on Digital Ocean server, you would need to open up the port (mentioned in git-auto-deploy.conf.json) in the firewall:
sudo ufw allow 8866/tcp
Double-check though what you put in Manage Jenkins > Configure in term of Gitlab information (connection name, host url, credentials), as mentioned in jenkinsci/gitlab-plugin issue 391.
See GitLab Integration Jenkins: Configure the Jenkins server
It means issues in between jenkins server and gitlab or github server.
Like what I did:
I have set my local-IP:port/project/jenkins_project_name
http://192.168.1.21:8080/project/jenkins_project_name
and set the above URL in the gitlab webhook, it shouldn't work - right?
Because it's an IP that's private and not routable.
SO later I realized and set the public-IP and then hook worked.
http://public_IP:8080/project/jenkins_project_name
Note: To routable public-IP, you should expose port in your router [e.g. 8080 was for me or anything want ]
Hope this works.
I have faced the same issue.
In my case Jenkins is running in an AWS EC2 instance. I have resolved the issue by whitelisting the Public IP addresses of Gitlab on port 443 into the instance security group.
I am trying to generate a ssh key for a user entered email id using rails.
In the action, I'm running all the commands needed to do the process using system() call.
Locally on Ubuntu 14.04, everything seems to work fine. But on Ubuntu Server 14.04 on AWS, the key is generated successfully but it fails on ssh-add.
The problem:
On my local system, ssh-agent is up and running all the time, but on the server it never starts automatically for each shell session. Which is the reason why ssh-add fails on server.
For that, I added some code in server's .bash_profile file which would start the ssh-agent on every session. Now, the ssh-agent runs on every time I set up a session with the server via ssh, but it won't run for th ruby's system() call.
I was doing:
system('ssh-add id_rsa')
which said Could not open a connection to your authentication agent
. So, next thing I did was this:
system('eval "$(ssh-agent -s)" & ssh-add id_rsa')
But still not able to resolve the problem.
I don't know why locally I didn't need to start the ssh-agent manually and all of the code ran without any problem. And how can I make ssh-agent work as it is working on my local system.
I want to be able to add the newly generated ssh key using ssh-add some-key and make it persistent so that I don't have to add that again later if I reboot the server. I am doing all this in a rails method which is issuing all the commands using system() calls.
Help would be very appreciated. Thanks.
I want to clone and pull code from a person's git repository, that may be private in which case I am generating a pair of ssh keys and adding the public key to the person's github account using the API.
It's like the server will be accessing 5-10 people's private github repositories by creating ssh keys for all of them and adding the public keys into their account. Example: http://gist.github.com/jexchan/2351996
To access remote repository using git you don't need ssh-agent. Specifying the keys in the ssh_config such as
Host github.com-user1
HostName github.com
IdentityFile ~/.ssh/id_rsa_user1
and then cloning using:
git clone git#github.com-user1:user1/whatever.git whatever
works the same way. But make sure the config file is accessible.
Also using ssh-agent does not scale, since the agent is offering all the keys that he has, regardless the user (in the linked example). If you grow up over ~5 repositories, you would start seeing authentication failures.
I created a slave for jenkins. when I access the node from slave machine it shows
Run from slave command line:
javaws http://localhost:8080/computer/Dimantha/slave-agent.jnlp
how to display IP address of master server instead of 'localhost'?
I have encountered this issue before and here is the solution:
Manage Jenkins-->Configure System-->Jenkins Location
Then change the Jenkins URL to actual IP or hostname.
Your master's configuration is probably set wrong.
In the Jenkins master configuration, you should edit Jenkins URL to the actual IP or hostname so it will be resolved correctly when accessing from a browser like in your example.
I hope this helps.
Not sure what you're asking - since this is a command line, you just edit the command and replace localhost with your master server name.
I am currently running Jenkins on a GCE VM. As a build step, I want to trigger a Jenkins job on another VM in the same project. The problem is, HTTP and HTTPS access to the VMs is disabled, and I cannot use curl to trigger it remotely. An SSH tunnel remains the only option. But SSH onto a VM requires a google_compute_engine private key file, which helps you log in to a particular user..I was confused about how to use this file for the Jenkins user, which does not have a separate shell and was hoping for some advice. Thanks in advance!
The easiest way is to apply the default firewall rules to allow HTTP and HTTPS traffic to the instance by setting the Allow HTTP traffic and Allow HTTPS traffic checkboxs on in its detailed view at Developers Console, or adding the http-server and https-server tags manually by using gcloud command: "
gcloud compute instances add-tags INSTANCE --tags http-server https-server".
Setting up an SSH tunnel to Jenkins port of service is a possibility and it doesn't require using google_compute_engine key necessarily. You can configure and additional key and copy the public part for that key into Jenkins user's authorized_keys file directly, as you would with any other server. See this link for more details. If you use a custom SSH key, remember to specify the related private key when setting up the tunnel.
Another more straight-forward option would be creating new firewall rules for Jenkins ports and applying them to the Jenkins instance.