Jenkins not saving P12 certificate from Google Service Account from private key

[Andrew Novinger]

For some reason Jenkins lost the original p12 certificate from Google for the API Service account to upload to google.  I have recreated a new P12 certificate, and downloaded it my local machine.  When I try to add the certificate to the account, it shows up, when I hit save and reopen the credentials, the certificate is missing.  I have tried removing the Google Plugin, removing all the config files I could find for it, and reinstall plugin, and same result as before.  Any other thoughts or suggestions to try to get this to work.

[Christopher Orr]

Do you see the files being created in $JENKINS_HOME/credentials/gauth
(that's from memory, so not 100% sure on the path)?

Are those gauth p12 filenames listed in $JENKINS_HOME/credentials.xml?

> --
> You received this message because you are subscribed to the Google
> Groups "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to jenkinsci-use...@googlegroups.com
> <mailto:jenkinsci-use...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-users/c35d2174-6f4b-4c6e-ac17-df48ce2f11c7%40googlegroups.com
> <https://groups.google.com/d/msgid/jenkinsci-users/c35d2174-6f4b-4c6e-ac17-df48ce2f11c7%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.

[Andrew Novinger]

I do not see the file being saved in the credentials.xml file.

Here is the Google Store portion of the credentials.xml file

      <java.util.concurrent.CopyOnWriteArrayList>
        <com.google.jenkins.plugins.credentials.oauth.GoogleRobotPrivateKeyCredentials plugin="google-oauth-plugin@0.4">
          <module/>
          <projectId>Google</projectId>
          <serviceAccountConfig class="com.google.jenkins.plugins.credentials.oauth.JsonServiceAccountConfig"/>
        </com.google.jenkins.plugins.credentials.oauth.GoogleRobotPrivateKeyCredentials>
      </java.util.concurrent.CopyOnWriteArrayList>

[Christopher Orr]

Weird. There should be `emailAddress` and `p12KeyFile` tags within
`serviceAccountConfig`.

I see that v0.4 of the plugin came out recently which, from a quick look
at the code changes, makes some changes in how the data is stored — but
I tested with 0.3, upgrading to 0.4, and re-saving with 0.4 and
everything worked fine (and there were no data changes on disk).

Do you see any errors in the Jenkins logs when you save the credential?
Does the .p12 file get saved to $JENKINS_HOME/gauth?

Regards,
Chris

> --
> You received this message because you are subscribed to the Google
> Groups "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to jenkinsci-use...@googlegroups.com
> <mailto:jenkinsci-use...@googlegroups.com>.
> To view this discussion on the web visit

> https://groups.google.com/d/msgid/jenkinsci-users/d829d30c-eecc-4a2d-829b-f3577a402265%40googlegroups.com
> <https://groups.google.com/d/msgid/jenkinsci-users/d829d30c-eecc-4a2d-829b-f3577a402265%40googlegroups.com?utm_medium=email&utm_source=footer>.

[Christopher Orr]

Which platform is this happening on?

There's a report from a Windows user here:
https://issues.jenkins-ci.org/browse/JENKINS-31638

It did seem to be working for me on Linux, as that user also reports.

[Andrew Novinger]

I am see no errors in the Jenkins log, and nothing it gauth.

I have Windows Master server which is where the credentials are saved at.

So looking at that link it was open 3 days ago.  I am guessing this is a bug now.  Will wait and see what happens with the bug.

Thanks again.

Andrew

>> <mailto:jenkinsci-users+unsub...@googlegroups.com>.