I use conan on an internal network with PKI rooted under a local private CA. For normal conan client use, this requires users to append to their ".conan/cacert.pem" file the local CA. When used by the Jenkins artifactory plugin, it appears that there is no way to influence the temporary per-build conan configuration to include the local CA, so any attempts to access our Artifactory host are blocked (correctly) as having an improper host certificate. A workaround for the CA issue is to create a system-wide or account-wide conan configuration, modify the "cacert.pem" file appropriately, and then use the following within a Jenkinsfile to force the use of a single ".conan" home folder. Unfortunately, this has implications on concurrent builds on a single host which I would like to avoid.
// work-around Jenkins conan client not liking environment variable
def realHome = "${env.CONAN_USER_HOME}".toString()
withEnv(['CONAN_USER_HOME=']) {
def conan = Artifactory.newConanClient(userHome: realHome)
buildInfoDn = conan.run(
command: "install conanfile.py -s build_type=${buildtype} -o import_symstore=True".toString()
)
}
|