在Jenkins管道中使用用户名和密码凭据对Github存储库进行身份验证
我在Jenkins 2.107.2.上创建了Multibranch管道.我想在克隆的存储库上执行Git命令,例如git commit,git push等.
I have created a Multibranch pipeline on Jenkins 2.107.2. I want to perform Git commands like git commit, git push etc on the cloned repository.
To authenticate to the GitHub repository, I have configured my user credentials in Jenkins using (https://wiki.jenkins-ci.org/display/JENKINS/Credentials+Binding+Plugin). I have tried few approaches to use these credentials to authenticate but they result in different errors.
第一种方法
stage('clone'){
steps{
checkout([$class: 'GitSCM', branches: [[name: '*/develop']],
userRemoteConfigs: [[url: 'https://github.com:xyz/demo.git']]])
}
}
stage('prepare release'){
steps{
sh "sed -i 's/-SNAPSHOT//g' pom.xml"
withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: 'jenkins-user-for-demo-github', usernameVariable: 'GITHUB_DEMO_CREDENTIALS_USR', passwordVariable: 'GITHUB_DEMO_CREDENTIALS_PSW']]) {
sh "git add pom.xml"
sh "git commit -m 'release version set"
}
}
}
错误
***请告诉我你是谁. 跑 git config --global user.email"you@example.com" git config --global user.name您的名字"
*** Please tell me who you are. Run git config --global user.email "you@example.com" git config --global user.name "Your Name"
第二种方法
stage('Checkout') {
steps{
git branch: 'develop', credentialsId: 'jenkins-user-for-demo-github', url: 'git@github.com:xyz/demo.git'
}
}
stage('prepare release'){
steps{
sh "sed -i 's/-SNAPSHOT//g' pom.xml"
sh "git add pom.xml"
sh "git commit -m 'release version set"
}
}
错误
原因:hudson.plugins.git.GitException:命令"git fetch --tags --progress git@github.com:AbhayChandel/New-project.git + refs/heads/:refs/remotes/origin/"返回的状态码128: 标准输出: stderr:主机密钥验证失败. 致命:无法从远程存储库读取. 请确保您具有正确的访问权限 并且存储库存在.
Caused by: hudson.plugins.git.GitException: Command "git fetch --tags --progress git@github.com:AbhayChandel/New-project.git +refs/heads/:refs/remotes/origin/" returned status code 128: stdout: stderr: Host key verification failed. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.
正在努力解决这些错误,我有以下问题:
Struggling with these errors I have following questions:
- 是否可以传递用户名&从Jenkinsfile到Github存储库进行身份验证的密码凭据?
- 我应该使用SSH密钥代替用户名&密码?
- 我还应该尝试其他方法(但不要太客气)吗?
凭据"仅用于与Git服务器对话(例如git clone,git fetch,git push),但不需要 strong>用于操作本地存储库.因此,在您的第一个示例中,git 不是抱怨凭证,而是抱怨在执行git commit时缺少配置.您可以在此处设置任意内容:
"Credentials" are only required for talking to the Git server (e.g. git clone, git fetch, git push) but NOT for manipulating the local repository. So in your first example git does not complain about credentials but about missing configuration when doing git commit. You can set arbitrary stuff here like this:
stage('clone'){
steps{
checkout([$class: 'GitSCM', branches: [[name: '*/develop']], userRemoteConfigs: [[url: 'https://github.com:xyz/demo.git']]])
sh "git config user.name 'John Doe'"
sh "git config user.email 'foo@bar.bla'"
}
}
之后,git commit应该可以工作.而且,除非您要推送提交,否则可以删除withCredentials包装器.
After that the git commit should work. And unless you want to push the commit you can remove the withCredentials wrapper.