SEVERE c.c.j.p.k.KubernetesCredentialProvider#startWatchingForSecrets: Failed to initialise k8s secret provider, secrets from Kubernetes will not be available java.net.SocketException: Socket closed

Zeke Santamaria

unread,

Apr 1, 2025, 11:02:21 AMApr 1

to Jenkins Users

I'm deploying a Jenkins instance using the Jenkins Operator.

My operator doesn't deploy a jenkins instance by default and I use CRs to create the Jenkins definitions.

My CR is very vanilla in nature, only installing the base plugins, including the Kubernetes plugin and the Kubernetes-credentials-provider plugin.

My Kubernetes is behind a proxy. Using ENV variables does not work to download the plugins, however, passing parameters to the JAVA_OPTS to start jenkins does work well.

in other words:

        env:

            # - name: HTTP_PROXY

            #   value: "http://proxy.example.com:443"

            # - name: HTTPS_PROXY

            #   value: "https://proxy.example.com:443"

            # - name: https_proxy

            #   value: "http://proxy.example.com:443"

            # - name: http_proxy

            #   value: "https://proxy.example.com:443"

            # - name: NO_PROXY

            #   value: "kubernetes.default.svc,10.0.0.0/8,127.0.0.1,localhost"

the above doesn't work...

            - name: JAVA_OPTS
              value: -Djava.awt.headless=true 
                     -Djenkins.install.runSetupWizard=false 
                     -Dhttp.proxyHost=proxy.example.com 
                     -Dhttp.proxyPort=443 
                     -Dhttps.proxyHost=proxy.example.com 
                     -Dhttps.proxyPort=443 
                     -Dhttps.nonProxyHost=kubernetes.default.svc

the above works... HOWEVER....

the Kubernetes-credentials-provider fails to connect to the cluster where the pod is running on.

I found a post describing exactly the issue I'm experiencing here:

https://github.com/jenkinsci/kubernetes-operator/issues/697

Unfortunately, there's not clear remediation since I don't use the ENV variables the way they did and I'm still facing the same issue.

Any help is appreciated.

James Nord

unread,

May 1, 2025, 4:52:44 PMMay 1

to Jenkins Users

The property should be `https.nonProxyHosts` (not the trailing s)

Hopefully that helps (you may need to duplicate this as http.nonProxy... as well)

James Nord

unread,

May 1, 2025, 4:54:09 PMMay 1

to Jenkins Users

> The property should be `https.nonProxyHosts` (not the trailing s)

Sorry for any confusion. It should say note the trailing s

The property should be `https.nonProxyHosts` (note the trailing s)

Reply all

Reply to author

Forward