Jenkins + GitLab private repo setup

[lesssugar]

Hi,

I'm trying to add my private GitLab repo to be used in a Jenkins job.

However when I set Repository URL to:

1) g...@gitlab.com:[user]/[project].git - I get an "invalid URL" error (desptite the fact that I have Git plugin installed)

2) https://gitlab.com/[user]/[project].git - I get an "unable to access" error

In the second case (https://) I'm being asked to give credentials, which I do (username/password to my GitLab account)

but Jenkins still fails to connect, saying "404 Not Found (https://gitlab.com)".

Do I need a private SSH key for this? The only one I have is the public key on GitLab. What am I missing?

Thanks.

[novamine118]

what key is jenkins using to authenticate - did you set one up?

Is jenkin's public key registered with a gitlab user? And does that gitlab user have access to that repo? The gitlab user also needs to be at least a "Reporter" (for "pull project code" Action).

-Xavier

[lesssugar]

Actually, the problem I had was the lack of GIT plugin... I installed it and the wrong URL error is gone. However now when I set GIT repo to my GitLab one, I get this:

Failed to connect to repository : Command "git ls-remote -h g...@gitlab.com:[xxx]/[yyy].git HEAD" returned status code 128:

stdout: 

stderr: Host key verification failed. 

fatal: The remote end hung up unexpectedly

To answer your questons, I don't have any of this set-up, as I really don't know how to do it. I looked for configuration guides for Jenkins + GitLab but none helped me.

All I'm trying to achieve is use my GitLab repo in Jenkins, so it can deploy latest changes to my website (remote server).

Any help on the subject of setting up the keys and authenticating the connection will be appreciated.

[Mark Waite]

You'll probably have better results if you register that private key as a credential (through the "Credentials" page), then use that registered credential in your job definition.  The git plugin relies on the Credentials plugin and uses it so that you can manage credentials through the Jenkins web pages.

Mark Waite

--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-de...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Thanks!

Mark Waite

[lesssugar]

Mark. I generated public/private key pair, saved the public one in my GitLab, and used the private one as my credentials for my user in Jenkins, but when I set Repo URL and choose credentials with the private key, I get this now:

Failed to connect to repository : Command "git ls-remote -h g...@gitlab.com:[xxx]/[yyy].git HEAD" returned status code 128:

stdout: 

stderr: Permission denied (publickey). 

fatal: The remote end hung up unexpectedly

When I run ssh -T g...@gitlab.com in my console, I see the welcome message... I'm confused and clearly doing something wrong. But well, I need to figure it out somehow. Thanks.

[Mark Waite]

When you say "used the private one as my credentials for my user in Jenkins", my initial guess is that you performed an operating system level configuration of the credentials in the user account which runs the Jenkins process.  You need to configure the credential in the specific Jenkins job so that the git plugin knows to use that credential for that specific job.

The operating system level configuration should not be needed, now that the git plugin and the git client plugin support credentials.

[Vasily Bezruchkin]

Greetings guys,

I have the same problem. I tried many different ways and still cannot make my jenkins to fetch latest changes from my gitlab repository. 

gitlab is located on a public domain, I've generated Deploy key for one of my projects, created SSH pair and configured as explained. 

I tried to create a domain credential to fetch data using username/password pair via http - nothing works :((

@lesssugar, 

did you solve the issue you had? Thanks!

[novamine118]

Let's remove jenkins from the picture to verify gitlab is setup correctly. I want to verify that if you were to use jenkins' key, you can clone the repo.

Steps:

1. remove jenkins' deploy key from gitlab(save it)
2. on your local machine, setup your ssh config file to have the git user use jenkins' key. this is a good link for config setup. (or better yet move your public and private key somewhere else and replace it with jenkins')
3. verify that you cannot clone the repo using jenkins' key (#1 removed this access)
4. add back jenkins' deploy key to gitlab
5. verify that you can clone the repo.

There are several ways to have jenkins setup to clone repo using ssh. I'll describe what I do:

My jenkins instance runs on a different machine under the "tomcat7" user(this may be different for you). tomcat7's home directory on my box is /user/share/tomcat7

place jenkins' public and private keys in: /usr/share/tomat7/.ssh/

permissions do matter. use 600 for the private key and 644 for public key.

In the jenkins UI for a job..

When setting up the git section, copy-and-paste the ssh url from gitlab and explicitly set the credentials to none.

It's worth noting that our jenkins is a gitlab user(not using deploy keys), since our jenkins does pushes too.

Hopefully I didn't leave out any steps and this works for you!