从在EC2(Ubuntu)上运行的Jenkins访问AWS CodeCommit [英] Access AWS CodeCommit from Jenkins running on EC2 (Ubuntu)
问题描述
我正在尝试将Jenkins与AWS CodeCommit集成. Jenkins在具有Ubuntu 14.04的AWS EC2实例上运行.
I'm trying to integrate Jenkins with AWS CodeCommit. Jenkins is running on an AWS EC2 Instance with Ubuntu 14.04.
I followed this Blogpost: http://blogs.aws.amazon.com/application-management/post/Tx1C8B98XN0AF2E/Integrating-AWS-CodeCommit-with-Jenkins
问题是,由于jenkins用户没有权限,因此未执行 sudo -u jenkins aws configure .
The problem is, that sudo -u jenkins aws configure isn't executed because the jenkins user has no permissions.
你会怎么做?
以下命令无法正常运行:
The following commands aren't working as well:
sudo -u jenkins git config --global credential.helper '!aws codecommit credential-helper $@'
sudo -u jenkins git config --global credential.useHttpPath true
sudo -u jenkins git config --global user.email "me@mycompany.com"
sudo -u jenkins git config --global user.name "MyJenkinsServer"
詹金斯用户需要什么权利?
What rights does the jenkins user need?
谢谢.
推荐答案
我能够使用SSH实现此集成.在某种程度上,我遵循了以下指示: 设置CodeCommit
I was able to achieve this integration using SSH. To some extent, I followed these instructions: Setting up for CodeCommit
假设Jenkins主页为/var/lib/jenkins/
Assuming Jenkins Home is /var/lib/jenkins/
-
在Jenkins EC2实例(/var/lib/jenkins/.ssh/id_rsa)上创建ssh密钥
Create an ssh key on the Jenkins EC2 instance (/var/lib/jenkins/.ssh/id_rsa)
ssh-keygen -b 2048 -t rsa -f /var/lib/jenkins/.ssh/id-rsa -a -N
将公钥上载到IAM用户(IAM用户必须具有CodeCommit访问权限)
Upload the public key to an IAM user (IAM user must have CodeCommit access)
aws iam upload-ssh-public-key --user-name <username> --ssh-public-key-body file:///var/lib/jenkins/.ssh/id_rsa.pub
在上传密钥时收集SSHPublicKeyID
Collect the SSHPublicKeyID when you upload the key
{
"SSHPublicKey": {
"UserName": "jenkins",
"Status": "Active",
"SSHPublicKeyBody": "ssh-rsa <rsa-key> <host>\n",
"UploadDate": "2015-09-02T19:18:24.309Z",
"Fingerprint": "xxx",
"SSHPublicKeyId": "APK***"
}
}
创建/修改SSH配置文件
Create/modify SSH config file
Host git-codecommit.*.amazonaws.com
User APK*******
IdentityFile /var/lib/jenkins/.ssh/id_rsa
StrictHostKeyChecking no
其中APK ***是步骤3中检索到的密钥ID的值
Where the APK*** is the value of the Key ID retrieved in step 3
这篇关于从在EC2(Ubuntu)上运行的Jenkins访问AWS CodeCommit的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!