GitLab Branch Source SSH Credentials
108 views
Skip to first unread message
Sverre Moe
Mar 16, 2021, 1:50:21 PM3/16/21
to Jenkins Users
When we moved our git repositories to Gitlab, checkout failed when using Credentials for SCM Repository for our Multibranch Pipeline Projects.
[Mon Mar 15 14:31:33 CET 2021] Starting branch indexing...
> git --version # timeout=10
> git --version # 'git version 2.26.2'
using GIT_SSH to set credentials Jenkins Git User
> git ls-remote --symref -- ssh://g...@gitlab.company.com/packages/connection-api.git # timeout=10
ERROR: [Mon Mar 15 14:31:39 CET 2021] Could not update folder level actions from source 4e0891e4-f729-4070-a650-e5fdbd95b807
hudson.plugins.git.GitException: Command "git ls-remote --symref -- ssh://g...@gitlab.company.com/packages/connection-api.git" returned status code 128:
stdout:
stderr: Permission denied, please try again.
Received disconnect from 10.255.188.53 port 22:2: Too many authentication failures
Disconnected from 10.255.188.53 port 22
fatal: Could not read from remote repository.
GitLab has the Public SSH key for all Jenkins Master, and Build Agents in its Deploy Keys.
So git clone works fine without having to specify credentials
I had to set Credentials to None for it to work.
It does not work with GitLab Branch Source Plugin and GitLab Group Project.
I have configured the group with "Checkout over SSH", but if credentials is left None, it will still use Checkout over HTTPS.
A workaround:
The Jenkins master has a SSH key (Public, Private). This has access in GitLab (Added as Deploy Key for all projects).
I tried creating a new Credential:
Kind=SSH Username with private key
Then selected this credentials for GitLab group projects. Checkout now uses SSH and it works, even if the git checkout is not on jenkins master, but one of its build agents.
Perhaps my workaround is the way to do it?
[Mon Mar 15 14:31:33 CET 2021] Starting branch indexing...
> git --version # timeout=10
> git --version # 'git version 2.26.2'
using GIT_SSH to set credentials Jenkins Git User
> git ls-remote --symref -- ssh://g...@gitlab.company.com/packages/connection-api.git # timeout=10
ERROR: [Mon Mar 15 14:31:39 CET 2021] Could not update folder level actions from source 4e0891e4-f729-4070-a650-e5fdbd95b807
hudson.plugins.git.GitException: Command "git ls-remote --symref -- ssh://g...@gitlab.company.com/packages/connection-api.git" returned status code 128:
stdout:
stderr: Permission denied, please try again.
Received disconnect from 10.255.188.53 port 22:2: Too many authentication failures
Disconnected from 10.255.188.53 port 22
fatal: Could not read from remote repository.
GitLab has the Public SSH key for all Jenkins Master, and Build Agents in its Deploy Keys.
So git clone works fine without having to specify credentials
I had to set Credentials to None for it to work.
It does not work with GitLab Branch Source Plugin and GitLab Group Project.
I have configured the group with "Checkout over SSH", but if credentials is left None, it will still use Checkout over HTTPS.
A workaround:
The Jenkins master has a SSH key (Public, Private). This has access in GitLab (Added as Deploy Key for all projects).
I tried creating a new Credential:
Kind=SSH Username with private key
Then selected this credentials for GitLab group projects. Checkout now uses SSH and it works, even if the git checkout is not on jenkins master, but one of its build agents.
Perhaps my workaround is the way to do it?
Reply all
Reply to author
Forward
0 new messages