I am trying to install jenkins on an RKE2 cluster behind a corporate proxy.
I added these values to my helm chart
controller:
initContainerEnv:
- name: http_proxy
value: http://xxx:xxxx@10.205.xxx.xxx:8080
- name: https_proxy
value: http://xxx:xxx@10.205.xxx.xxx:8080
- name: no_proxy
value: >-
jenkins-dev,jenkins-dev.jenkins.svc.cluster.local,localhost,kubernetes.default,kubernetes.default.svc,kubernetes.default.svc.cluster.local,xxx.com,xx.com
- name: JENKINS_UC
value: http://updates.jenkins.io
- name: JENKINS_UC_EXPERIMENTAL
value: http://updates.jenkins.io
- name: JENKINS_INCREMENTALS_REPO_MIRROR
value: http://repo.jenkins-ci.org/incrementals
- name: JENKINS_PLUGIN_INFO
value: http://updates.jenkins.io/plugin-versions.json
- name: _JAVA_OPTIONS
value: >-
-Dhttp.proxyHost=10.205.xxx.xxx -Dhttp.proxyPort=8080
-Dhttp.proxyUser=xxx -Dhttp.proxyPassword=xxx
-Dhttps.proxyHost=10.205.xxx.xxx -Dhttps.proxyPort=8080
-Dhttps.proxyUser=xxx -Dhttps.proxyPassword=xxx
-Dhttp.nonProxyHosts="jenkins-dev|jenkins-dev.jenkins.svc.cluster.local|localhost|kubernetes.default|kubernetes.default.svc|kubernetes.default.svc.cluster.local|xxx.com|xx.com"
The init container is failing, I am getting an error when its trying to download plugins from http://updates.jenkins.io:
Unable to resolve plugin URL http://updates.jenkins.io/download/plugins/skip-certificate-check/1.1/skip-certificate-check.hpi, or download plugin skip-certificate-check to file: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Tried downloading skip-certificate-check from https://get.jenkins.io/plugins/skip-certificate-check/1.1/skip-certificate-check.hpi (attempt 1 of 3)
Unable to resolve plugin URL http://updates.jenkins.io/download/plugins/git/5.1.0/git.hpi, or download plugin git to file: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Tried downloading git from https://get.jenkins.io/plugins/git/5.1.0/git.hpi (attempt 1 of 3)
Unable to resolve plugin URL http://updates.jenkins.io/download/plugins/workflow-multibranch/756.v891d88f2cd46/workflow-multibranch.hpi, or download plugin workflow-multibranch to file: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Tried downloading workflow-multibranch from https://get.jenkins.io/plugins/workflow-multibranch/756.v891d88f2cd46/workflow-multibranch.hpi (attempt 1 of 3)
Unable to resolve plugin URL http://updates.jenkins.io/download/plugins/jakarta-mail-api/2.0.1-3/jakarta-mail-api.hpi, or download plugin jakarta-mail-api to file: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Tried downloading jakarta-mail-api from https://get.jenkins.io/plugins/jakarta-mail-api/2.0.1-3/jakarta-mail-api.hpi (attempt 1 of 3)
The weird thing is that I am able to download the update-center.json.
Could anyone help ?
I had to bypass ssl on proxy (and then used HTTPS repos)