Hello, I’m trying to update the hashicorp-vault-plugin <https://github.com/jenkinsci/hashicorp-vault-plugin> to use credential snapshots to prevent access from agents but doing scm checkouts with ssh keys and the command line git aren't working correctly and I can't tell why. You can look at the vault pr <https://github.com/jenkinsci/hashicorp-vault-plugin/pull/218> and the ssh plugin pr <https://github.com/jenkinsci/ssh-credentials-plugin/pull/127> to see the change being made.
For some reason the git executable is not getting the key passphrase, despite it being put in a txt file in the workspace@tmp dir on the agent, and git will instead ask for the passphrase in the terminal where I launched the agent. JGit is able to get the passphrase and run a checkout successfully. I have included debug details below, can anyone provide guidance on how to fix this or next steps for further investigation? Adding some debugging the following env variables are set when git is called: DISPLAY=: GIT_ASKPASS=echo GIT_SSH=/var/tmp/workspace/test-vault@tmp/jenkins-gitclient-ssh17057598793954356813.sh-copy GIT_SSH_VARIANT=ssh GIT_TERMINAL_PROMPT=false SSH_ASKPASS=/var/tmp/workspace/test-vault@tmp/jenkins-gitclient-pass11065529797750620112.sh Versions: Jenkins: 2.354 Pipeline: SCM step 400.v6b_89a_1317c9a_ SSH Agent 295.v9ca_a_1c7cc3a_a_ Git client 3.11.0 Git 4.11.3 -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/1000a9ba-a28e-4b6b-84b6-aff0665a82d8n%40googlegroups.com.
