We are using jenkins-job-builder in order to generate jenkins jobs, and we have an ongoing issue when we try to user ssh-credentials plug-in.
When we create a new job which tries to use an ssh key the job fails with
java.io.IOException: [ssh-agent] Could not find specified credentials but if we hit Configure and Save it starts working.
In the credentials.xml the key definition looks like this:
<com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.15">
<scope>GLOBAL</scope>
<id>jenkins-key</id>
<description>Jenkins user private key</description>
<username>root</username>
<privateKeySource class="com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey$DirectEntryPrivateKeySource">
<privateKey>{A_WORKING_PRIVATE_KEY}</privateKey>
</privateKeySource>
</com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey>
Regarding the documentation (https://docs.openstack.org/infra/jenkins-job-builder/wrappers.html?highlight=credentials#wrappers.ssh-agent-credentials) a job definition which uses the defined credential should look like this:
- wrapper:
name: jenkins-key
wrappers:
- ssh-agent-credentials:
user: 'root'
[...]
- job:
name: jobxyz
disabled: false
project-type: freestyle
node: jenkins-slave
wrappers:
- jenkins-key
builders:
- shell: |
[...]
The corresponding part from the generated jobs xml looks like this:
<buildWrappers>
<com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper>
<user>root</user>
<ignoreMissing>false</ignoreMissing>
</com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper>
</buildWrappers>
But when we try to run the job we get the above mentioned error :
FATAL:
java.io.IOException: [ssh-agent] Could not find specified credentials
at com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper.preCheckout(SSHAgentBuildWrapper.java:209)
at jenkins.scm.SCMCheckoutStrategy.preCheckout(SCMCheckoutStrategy.java:76)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:498)
at hudson.model.Run.execute(Run.java:1818)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:97)
at hudson.model.Executor.run(Executor.java:429)
FATAL: [ssh-agent] Could not find specified credentials
java.io.IOException: [ssh-agent] Could not find specified credentials
at com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper.preCheckout(SSHAgentBuildWrapper.java:209)
at jenkins.scm.SCMCheckoutStrategy.preCheckout(SCMCheckoutStrategy.java:76)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:498)
at hudson.model.Run.execute(Run.java:1818)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:97)
at hudson.model.Executor.run(Executor.java:429)
Finished: FAILURE
If we go to the jenkins webpage, and hit configure & save without changing anything in the configuration, the new xml for the job changes to:
<buildWrappers>
<com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper plugin="ssh-agent@1.17">
<credentialIds>
<string>jenkins-key</string>
</credentialIds>
<ignoreMissing>false</ignoreMissing>
</com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper>
</buildWrappers>
I am pretty sure that this shouldn't work like this, but I am a bit uncertain about what to do next. Here are some versions:
Jenkins Job Builder version: 2.10.1
Jenkins ver. 2.172
SSH Credentials version: 1.15
It seems at the end of the day the solution is to forget using the credentials wrapper, and instert the raw xml instead:
wrappers:
- raw:
xml: |
<com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper plugin="ssh-agent@1.17">
<credentialIds>
<string>jenkins-key</string>
</credentialIds>
<ignoreMissing>false</ignoreMissing>
</com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper>
This generates correct xml.