使用 Gradle 发布插件的 SSH Git 访问
SSH Git access using Gradle Release Plugin
使用 Jenkins 管道,我将存储库 URL 从 http 更改为 ssh git 访问。
这样做之后,工作就不再工作了(之前一切正常)。
在日志下方:
:xxxxxx:checkUpdateNeeded
Running [git, remote, update] produced an error: [Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
error: Could not fetch origin]
:xxxxxx:checkUpdateNeeded FAILED
:release FAILED
Release process failed, reverting back any changes made by Release Plugin.
FAILURE: Build failed with an exception.
* What went wrong:
Execution failed for task ':checkUpdateNeeded'.
> Failed to run [git remote update] - [Fetching origin
][Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
error: Could not fetch origin
]
* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output.
BUILD FAILED
SSH RSA 密钥可以正常工作,因为:
- 我在我们的 Bitbucket 服务器上正确配置,以便在该 repo 上 Read/Write
- 我将密钥添加到 ssh-agent
- 我可以直接从执行 jenkins 作业的服务器克隆和提交。
这是 gradle 构建文件部分:
....
release {
versionPropertyFile="${rootDir}/gradle.properties"
failOnCommitNeeded=false
git{
requireBranch="releases/.*|master"
}
tagTemplate = 'T-'+new Date().format('yy.MM')+'-${version}'
}
task publishRelease(type: GradleBuild) {
tasks = ['publishMavenJavaPublicationToReleaseRepository']
startParameter.projectProperties = [nexusUser: nexusUser, nexusPassword: nexusPassword]
}
....
I can clone and commit directly from the server where the jenkins job is executed.
那么 Jenkins 也应该如此,前提是:
- 同一个用户执行
- 并且 SSH 密钥是默认密钥 ~/.ssh/id_rsa.
如果这两个条件中的任何一个不满足,您需要使用 Jenkins SSH Credentials Plugin.
指定私钥的确切路径
使用 ssh 代理包装对评分的调用:
sshagent(credentials: ['id-of-private-key-defined-in-jenkins']) {
withGradle {
sh 'gradle release -Prelease.useAutomaticVersion=true'
}
}
这将使私钥可用于下面的 Git 个调用。
使用 Jenkins 管道,我将存储库 URL 从 http 更改为 ssh git 访问。 这样做之后,工作就不再工作了(之前一切正常)。
在日志下方:
:xxxxxx:checkUpdateNeeded
Running [git, remote, update] produced an error: [Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
error: Could not fetch origin]
:xxxxxx:checkUpdateNeeded FAILED
:release FAILED
Release process failed, reverting back any changes made by Release Plugin.
FAILURE: Build failed with an exception.
* What went wrong:
Execution failed for task ':checkUpdateNeeded'.
> Failed to run [git remote update] - [Fetching origin
][Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
error: Could not fetch origin
]
* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output.
BUILD FAILED
SSH RSA 密钥可以正常工作,因为: - 我在我们的 Bitbucket 服务器上正确配置,以便在该 repo 上 Read/Write - 我将密钥添加到 ssh-agent - 我可以直接从执行 jenkins 作业的服务器克隆和提交。
这是 gradle 构建文件部分:
....
release {
versionPropertyFile="${rootDir}/gradle.properties"
failOnCommitNeeded=false
git{
requireBranch="releases/.*|master"
}
tagTemplate = 'T-'+new Date().format('yy.MM')+'-${version}'
}
task publishRelease(type: GradleBuild) {
tasks = ['publishMavenJavaPublicationToReleaseRepository']
startParameter.projectProperties = [nexusUser: nexusUser, nexusPassword: nexusPassword]
}
....
I can clone and commit directly from the server where the jenkins job is executed.
那么 Jenkins 也应该如此,前提是:
- 同一个用户执行
- 并且 SSH 密钥是默认密钥 ~/.ssh/id_rsa.
如果这两个条件中的任何一个不满足,您需要使用 Jenkins SSH Credentials Plugin.
指定私钥的确切路径使用 ssh 代理包装对评分的调用:
sshagent(credentials: ['id-of-private-key-defined-in-jenkins']) {
withGradle {
sh 'gradle release -Prelease.useAutomaticVersion=true'
}
}
这将使私钥可用于下面的 Git 个调用。