Jenkins ssh-agent启动，然后在管道构建中立即停止 [英] Jenkins ssh-agent starts and then stops immediately in pipeline build

问题描述

我有一个简单的jenkins管道构建，这是我的jenkinsfile:

I have a simple jenkins pipeline build, this is my jenkinsfile:

pipeline {
    agent any
    stages {
        stage('deploy-staging') {
            when {
                branch 'staging'
            }
            steps {
                sshagent(['my-credentials-id']) {
                    sh('git push joe@repo:project')
                }
            }
        }
    }
}

我正在使用sshagent推送到远程服务器上的git repo.我已经创建了指向Jenkins主〜/.ssh中的私钥文件的凭据.

I am using sshagent to push to a git repo on a remote server. I have created credentials that point to a private key file in Jenkins master ~/.ssh.

运行构建时，得到以下输出(我用*代替了一些敏感信息):

When I run the build, I get this output (I replaced some sensitive info with *'s):

[ssh-agent] Using credentials *** (***@*** ssh key)
[ssh-agent] Looking for ssh-agent implementation...
[ssh-agent]   Exec ssh-agent (binary ssh-agent on a remote machine)
$ ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-cjbm7oVQaJYk/agent.11558
SSH_AGENT_PID=11560
$ ssh-add ***
Identity added: ***
[ssh-agent] Started.
[Pipeline] {
[Pipeline] sh
$ ssh-agent -k
unset SSH_AUTH_SOCK;
unset SSH_AGENT_PID;
echo Agent pid 11560 killed;
[ssh-agent] Stopped.
[TDBNSSBFW6JYM3BW6AAVMUV4GVSRLNALY7TWHH6LCUAVI7J3NHJQ] Running shell script
+ git push joe@repo:project
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

如您所见，ssh-agent启动，之后立即停止，然后运行git push命令.奇怪的是，它曾经正确地工作过一次，但似乎完全是随机的.

As you can see, the ssh-agent starts, stops immediately after and then runs the git push command. The weird thing is it did work correctly once but that seemed completely random.

我对詹金斯还是很陌生-我缺少明显的东西吗?任何帮助表示感谢，谢谢.

I'm still fairly new to Jenkins - am I missing something obvious? Any help appreciated, thanks.

我正在运行多分支管道，以防万一.

edit: I'm running a multibranch pipeline, in case that helps.

推荐答案

我最近遇到了一个类似的问题，尽管它位于docker容器中. 日志给人的印象是ssh-agent退出时间过早，但实际上问题是我忘记了将git服务器添加到已知主机.

I recently had a similar issue though it was inside a docker container. The logs gave the impression that ssh-agent exits too early but actually the problem was that I had forgotten to add the git server to known hosts.

我建议将ssh-sing到您的jenkins master上，并尝试执行与ssh-agent(cli)管道相同的步骤.然后，您将看到问题出在哪里.

I suggest ssh-ing onto your jenkins master and trying to do the same steps as the pipeline does with ssh-agent (the cli). Then you'll see where the problem is.

例如:

eval $(ssh-agent -s)
ssh-add ~/yourKey
git clone

如更新: 这里是一个用于添加knownHosts(如果尚未添加)的实用程序:

Update: Here a util to add knownHosts if not yet added:

/**
 * Add hostUrl to knownhosts on the system (or container) if necessary so that ssh commands will go through even if the certificate was not previously seen.
 * @param hostUrl
 */
void tryAddKnownHost(String hostUrl){
    // ssh-keygen -F ${hostUrl} will fail (in bash that means status code != 0) if ${hostUrl} is not yet a known host
    def statusCode = sh script:"ssh-keygen -F ${hostUrl}", returnStatus:true
    if(statusCode != 0){
        sh "mkdir -p ~/.ssh"
        sh "ssh-keyscan ${hostUrl} >> ~/.ssh/known_hosts"
    }
}

这篇关于Jenkins ssh-agent启动，然后在管道构建中立即停止的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！