yes thanks, it worked but after successful installation and execution of script i am getting status as Build failure: Could you please advise here.
Below are the logs: Started by user Sakshi Rathore <http://10.32.141.35:8080/user/jenkins> Running as SYSTEM Building in workspace /var/lib/jenkins/workspace/test9 No credentials specified Cloning the remote Git repository Cloning repository https://github.com/sakshirathorebgw/GitHubProjeckt.git > git init /var/lib/jenkins/workspace/test9 # timeout=10 Fetching upstream changes from https://github.com/sakshirathorebgw/GitHubProjeckt.git > git --version # timeout=10 > git fetch --tags --progress -- https://github.com/sakshirathorebgw/GitHubProjeckt.git +refs/heads/*:refs/remotes/origin/* # timeout=10 > git config remote.origin.url https://github.com/sakshirathorebgw/GitHubProjeckt.git # timeout=10 > git config --add remote.origin.fetch +refs/heads/*:refs/remotes/origin/* # timeout=10 > git config remote.origin.url https://github.com/sakshirathorebgw/GitHubProjeckt.git # timeout=10 Fetching upstream changes from https://github.com/sakshirathorebgw/GitHubProjeckt.git > git fetch --tags --progress -- https://github.com/sakshirathorebgw/GitHubProjeckt.git +refs/heads/*:refs/remotes/origin/* # timeout=10 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10 Checking out Revision 5dd43192426415f540b687697f6ef436acf60600 (refs/remotes/origin/master) > git config core.sparsecheckout # timeout=10 > git checkout -f 5dd43192426415f540b687697f6ef436acf60600 # timeout=10 Commit message: "added from server" First time build. Skipping changelog. [test9] $ /bin/sh -xe /tmp/jenkins4883353382832852402.sh + ./piecebypiece.sh ./test2-harbor.pfx is certpath test2-harbor is basename test2-harbor is new secret name for harbor this is password start01 ./test2-harbor.key key file generated ./test2-harbor.crt crt file generated key filename is test2-harbor.key crt filename is test2-harbor.crt address for certificate is : test2-harbor.tank.local core: core.harbor.domain core: test2-harbor.tank.local notary: notary.harbor.domain notary: test2-harbor.tank.local secretName: secretName: test2-harbor check1 /home/ccpuser harbortest-master-gro-a7c3cedfab ccp_kibana_ingress_setup.sh cert_status1.sh check.sh docker harbor harbor_bkp jenkins-cli.jar jenkins-namespace.yaml jenkins-volume.yaml kibana_ingress.yaml new_server_cert.sh newharbortestkey old_server.sh piecebypiece.sh test2-harbor.crt test2-harbor.key test2-harbor.pfx test2-harbor123.crt test2-harbor123.key test2-harbor123.pfx test2-harbor12345.crt test2-harbor12345.key test2-harbor12345.pfx test2-harbor54321.crt test2-harbor54321.key test2-harbor54321.pfx value.yaml value1.yaml further run execute check.sh now namespace is harbor harbor is NOT NULL ./test2-harbor54321.crt test2-harbor54321.crt The certificate of expires on Thu Jun 3 07:54:16 UTC 2021 which is in 302 days from now! WARNING - Expiration date is near! edit properties file and run the job to install the new cert mv: cannot move 'harbor' to 'harbor_bkp/harbor': Directory not empty namespace "harbor" deleted "harbor" has been added to your repositories total 232 drwxr-xr-x 15 ccpuser ccpadmin 4096 Jul 30 11:00 templates drwxr-xr-x 2 ccpuser ccpadmin 4096 Jul 30 11:00 conf drwxr-xr-x 2 ccpuser ccpadmin 4096 Jul 30 11:00 cert -rw-r--r-- 1 ccpuser ccpadmin 24523 Aug 4 14:58 values.yaml -rw-r--r-- 1 ccpuser ccpadmin 561 Aug 4 14:58 Chart.yaml -rw-r--r-- 1 ccpuser ccpadmin 83889 Aug 4 14:58 README.md -rw-r--r-- 1 ccpuser ccpadmin 11357 Aug 4 14:58 LICENSE -rw-r--r-- 1 ccpuser ccpadmin 5418 Aug 4 14:58 test2-harbor54321.pfx -rw-r--r-- 1 ccpuser ccpadmin 7382 Aug 4 14:58 test2-harbor54321.key -rw-r--r-- 1 ccpuser ccpadmin 5465 Aug 4 14:58 test2-harbor54321.crt -rw-r--r-- 1 ccpuser ccpadmin 5418 Aug 4 14:58 test2-harbor12345.pfx -rw-r--r-- 1 ccpuser ccpadmin 7382 Aug 4 14:58 test2-harbor12345.key -rw-r--r-- 1 ccpuser ccpadmin 5465 Aug 4 14:58 test2-harbor12345.crt -rw-r--r-- 1 ccpuser ccpadmin 5418 Aug 4 14:58 test2-harbor123.pfx -rw-r--r-- 1 ccpuser ccpadmin 7382 Aug 4 14:58 test2-harbor123.key -rw-r--r-- 1 ccpuser ccpadmin 5465 Aug 4 14:58 test2-harbor123.crt -rw-r--r-- 1 ccpuser ccpadmin 5418 Aug 4 14:58 test2-harbor.pfx -rw-r--r-- 1 ccpuser ccpadmin 7382 Aug 4 14:58 test2-harbor.key -rw-r--r-- 1 ccpuser ccpadmin 5465 Aug 4 14:58 test2-harbor.crt namespace/harbor created ./test2-harbor54321.pfx is certpath test2-harbor54321 is basename test2-harbor54321 is new secret name for harbor ./test2-harbor54321.key key file generated ./test2-harbor54321.crt crt file generated key filename is test2-harbor54321.key crt filename is test2-harbor54321.crt core: test2-harbor.tank.local notary: test2-harbor.tank.local secretName: test2-harbor54321 values.yaml is updated secret/test2-harbor54321 created NAME: harbor LAST DEPLOYED: Tue Aug 4 14:58:39 2020 NAMESPACE: harbor STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: Please wait for several minutes for Harbor deployment to complete. Then you should be able to visit the Harbor portal at https://core.harbor.domain For more details, please visit https://github.com/goharbor/harbor Harbor certificate isntallation done Mail notification sent Build step 'Execute shell' marked build as failure Finished: FAILURE On Mon, Aug 3, 2020 at 3:05 PM jeremy mordkoff <jeremy.mordk...@riftio.com> wrote: > The same solutions offered for client to host should apply for local > system to host. Did you add the local system's public ssh key to the host's > authorized key file? > > I have no clue what a "crumb" is > > > On Monday, August 3, 2020 at 2:14:59 AM UTC-4, Sakshi Rathore wrote: >> >> could you please help here? >> >> On Fri, Jul 31, 2020 at 3:52 PM Sakshi Rathore <sakshira...@gmail.com> >> wrote: >> >>> thanks a lot, i just solved permission denied issue and able to ssh >>> from client to host >>> 1. >>> jenkins@harbortest-master-gro-a7c3cedfab:~/.ssh$ ssh >>> ccpuser@harbortest-master-gro-a7c3cedfab >>> Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.15.0-64-generic x86_64) >>> >>> * Documentation: https://help.ubuntu.com >>> * Management: https://landscape.canonical.com >>> * Support: https://ubuntu.com/advantage >>> >>> * Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with >>> sudo snap install microk8s --channel=1.19/candidate --classic >>> >>> https://www.microk8s.io/ has docs and details. >>> This system has been minimized by removing packages and content that are >>> not required on a system that users do not log into. >>> >>> To restore this content, you can run the 'unminimize' command. >>> Last login: Fri Jul 31 13:31:29 2020 from 10.36.174.37 >>> ccpuser@harbortest-master-gro-a7c3cedfab:~$ cd .ssh/ >>> >>> 2. But in jenkins console i am still getting cant connect to the server >>> : >>> >>> [image: image.png] >>> >>> >>> [image: image.png] >>> >>> and still from my local system to host i cant ssh directly: >>> >>> sakshi_rathore@MCN234 MINGW64 ~/.ssh (master) >>> $ ssh ccp...@10.32.141.35 >>> ccp...@10.32.141.35: Permission denied (publickey,keyboard-interactive). >>> >>> Could you please also suggest for this. >>> >>> On Fri, Jul 31, 2020 at 3:18 PM jeremy mordkoff <jeremy....@riftio.com> >>> wrote: >>> >>>> ssh is picky about permissions. >>>> >>>> make sure the .ssh directory itself has perms 770 and any files in that >>>> folder have perms 660 and that they are all owned by the correct user on >>>> both the client and server. >>>> >>>> try adding *-o identitiesOnly=yes* on the ssh client command line. >>>> There is a server config that limits the number of failed connects. >>>> >>>> try running the client in verbose mode (-v or -vv) -- every now and >>>> then a message shows up there with a hint. >>>> >>>> if you're still stuck, set the server logging to debug and check there. >>>> *Always >>>> keep one ssh session open as root to the server when changing the ssh >>>> server config file (usually /etc/ssh/sshd_config)* >>>> >>>> >>>> >>>> On Friday, July 31, 2020 at 4:09:19 AM UTC-4, sakshira...@gmail.com >>>> wrote: >>>>> >>>>> >>>>> thanks very much for all the advice , i tried in the given way but >>>>> while conencting to the server to the client using manual ssh >>>>> >>>>> i get below error everytime: >>>>> >>>>> ccpuser@harbortest-master-gro-a7c3cedfab:~$ ssh ccp...@10.32.141.35 >>>>> The authenticity of host '10.32.141.35 (10.32.141.35)' can't be >>>>> established. >>>>> ECDSA key fingerprint is >>>>> SHA256:bSeIr7zG7863687fvTDsZrG3Kc77pUXMLZKwu4YMRfrY. >>>>> Are you sure you want to continue connecting (yes/no)? yes >>>>> Warning: Permanently added '10.32.141.35' (ECDSA) to the list of known >>>>> hosts. >>>>> ccp...@10.32.141.35: Permission denied >>>>> (publickey,keyboard-interactive). >>>>> respective keys have been already added , public key to >>>>> /home/.ssh/authorized_key >>>>> ialso tried to add private key identity as part of troubleshoot >>>>> >>>>> ccpuser@harbortest-master-gro-a7c3cedfab:~/.ssh$ ssh-add ~/.ssh/id_rsa >>>>> Identity added: /home/ccpuser/.ssh/id_rsa (/home/ccpuser/.ssh/id_rsa) >>>>> >>>>> >>>>> i have also tried to disable host key checking in etc/ssh/ssh_config >>>>> file >>>>> StrictHostKeyChecking no >>>>> >>>>> if i try to avoid permission denied error google suggestion leads me >>>>> to password authentication and i want to do ssh login >>>>> >>>>> I have tried everything to get it owkr adding ssh key authentication >>>>> tojenkins server in credentials section and ssh-sites but nothing seems >>>>> working for me , i am not able to conenct to jenkins client to my remote >>>>> server. >>>>> >>>>> >>>>> my humble request to suggest a way forward or any approach so i can >>>>> proceed further. It will be great help. >>>>> >>>>> On Wednesday, July 29, 2020 at 3:46:41 PM UTC+2 jeremy....@riftio.com >>>>> wrote: >>>>> >>>>>> There are two SSH keys involved when establishing a session >>>>>> >>>>>> The one you are setting here is the key used ti identify the client >>>>>> to the server (host). There is also the key that the server (host) sends >>>>>> down to the client. You can see this the first time you ssh to a host and >>>>>> it asks you if you want to accept the key. Once you do accept it, it is >>>>>> stored in .ssh/known_hosts and subsequent connections are verified >>>>>> automatically. >>>>>> >>>>>> You have two choices. Disable host key verification or add the host >>>>>> key manually to jenkins' known_hosts file. >>>>>> >>>>>> to disable host key checking, add this to your .ssh/config >>>>>> StrictHostKeyChecking no >>>>>> This can also be done on the commandline .. something like >>>>>> -o StrictHostKeyChecking=no >>>>>> >>>>>> or you can pre-create the known_hosts file. One way would be to >>>>>> delete it, ssh to the host manually and then examine the known_hosts >>>>>> file. >>>>>> There should be one line in it something like this >>>>>> jenkins7,10.64.10.74 ecdsa-sha2-nistp256 >>>>>> AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNiUivaQ4skdl0sc0A/a0aFxA1p/Sd/6AcYpZcjC0UA9YaO5ADJT+Ercb9fHrcuQdiEOMi36LVNdS5TY1EeFYzs= >>>>>> copy that into jenkins' known_hosts file >>>>>> >>>>>> >>>>>> >>>>>> On Wednesday, July 29, 2020 at 2:50:04 AM UTC-4, Sakshi Rathore wrote: >>>>>> >>>>>>> below is the part of my script where i am doing ssh and it works >>>>>>> fine in local. >>>>>>> >>>>>>> scp -i $SSHKEY_PATH $CERT_PATH ccp...@10.32.141.35:/home/ccpuser >>>>>>> scp -i $SSHKEY_PATH $KEY_FILE ccp...@10.32.141.35:/home/ccpuser >>>>>>> scp -i $SSHKEY_PATH $CRT_FILE ccp...@10.32.141.35:/home/ccpuser >>>>>>> scp -i $SSHKEY_PATH ./check.sh ccp...@10.32.141.35:/home/ccpuser >>>>>>> scp -i $SSHKEY_PATH ./old_server.sh ccp...@10.32.141.35: >>>>>>> /home/ccpuser >>>>>>> scp -i $SSHKEY_PATH ./cert_status1.sh ccp...@10.32.141.35: >>>>>>> /home/ccpuser >>>>>>> scp -i $SSHKEY_PATH ./new_server_cert.sh ccp...@10.32.141.35: >>>>>>> /home/ccpuser >>>>>>> >>>>>>> sed -i -e 's/\r$//' ./check.sh >>>>>>> sed -i -e 's/\r$//' ./old_server.sh >>>>>>> sed -i -e 's/\r$//' ./cert_status1.sh >>>>>>> sed -i -e 's/\r$//' ./old_server.sh >>>>>>> sed -i -e 's/\r$//' ./new_server_cert.sh >>>>>>> >>>>>>> >>>>>>> echo "check1" >>>>>>> >>>>>>> ssh -i $SSHKEY_PATH ccp...@10.32.141.35 /bin/bash <<EOF >>>>>>> >>>>>>> this ssh key belongs to server login >>>>>>> >>>>>>> when i try to execute this using jenkins build: >>>>>>> Warning: Identity file >>>>>>> /c/Users/D35N/Downloads/GitHubProjeckt/Automation/GitHubProjeckt/newharbortestkey >>>>>>> not accessible: No such file or directory. >>>>>>> Host key verification failed. >>>>>>> lost connection >>>>>>> I have generated ssh key in ssh server for jenkins and put public >>>>>>> key into home/.ssh/authorized_keys location and private key for ssh >>>>>>> setup >>>>>>> in jenkins but i am not able to connect to the ssh server >>>>>>> i also tried simple ssh to the server in build step but it is not >>>>>>> working. Please advise where I am wrong. >>>>>>> >>>>>>> On Wed, Jul 29, 2020 at 8:35 AM Sakshi Rathore < >>>>>>> sakshira...@gmail.com> wrote: >>>>>>> >>>>>> I tried a lot of things but my ssh connection is not working from >>>>>>>> jenkins to ssh server. >>>>>>>> >>>>>>>> One more thing my Jenkins and ssh server is hosting on same IP >>>>>>>> address is there anyway i can resolve this issue? >>>>>>>> >>>>>>>> On Mon, 27 Jul, 2020, 9:39 AM Sakshi Rathore, < >>>>>>>> sakshira...@gmail.com> wrote: >>>>>>>> >>>>>>> thanks , i tried this as well but while getting connection >>>>>>>>> encountring below error: >>>>>>>>> >>>>>>>>> Permission denied (publickey,password,keyboard-interactive) >>>>>>>>> build marked as failed. >>>>>>>>> >>>>>>>>> On Thu, Jul 23, 2020 at 3:47 PM jeremy mordkoff < >>>>>>>>> jeremy....@riftio.com> wrote: >>>>>>>>> >>>>>>>> I think the issue is that the client does not trust the server's >>>>>>>>>> host key. These keys are stored by the client in ~/.ssh/known_hosts >>>>>>>>>> Try >>>>>>>>>> copying/appending your .ssh/known_hosts file to jenkins' >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Monday, July 20, 2020 at 5:43:39 PM UTC-4, Sakshi Rathore >>>>>>>>>> wrote: >>>>>>>>>>> >>>>>>>>>>> 0I have a bash script which connects and exexutes programs from >>>>>>>>>>> my local to remote server and now this should be executed from >>>>>>>>>>> jenkins >>>>>>>>>>> build so for this jenkins is taking continous changes from git for >>>>>>>>>>> this >>>>>>>>>>> script but my build is failing with below error: >>>>>>>>>>> >>>>>>>>>>> Warning: Identity file >>>>>>>>>>> /c/Users/D35N/Downloads/GitHubProjeckt/Automation/GitHubProjeckt/newharbortestkey >>>>>>>>>>> not accessible: No such file or directory. Host key verification >>>>>>>>>>> failed. >>>>>>>>>>> Build step 'Execute shell' marked build as failure >>>>>>>>>>> >>>>>>>>>>> I have tried to set ssh connectivity in my jenkins server for >>>>>>>>>>> this remote server incredentials and ssh plugins but using my key i >>>>>>>>>>> am >>>>>>>>>>> getting an error cant connect to the server. >>>>>>>>>>> >>>>>>>>>>> when i run the script from local it works fine and my ssh >>>>>>>>>>> connection gets established properly using SSH key. >>>>>>>>>>> >>>>>>>>>>> jenkins server is also integrated or installed on my kuberenets >>>>>>>>>>> cluster which is my remote server in this case and bash script >>>>>>>>>>> should >>>>>>>>>>> execute on this kuberenets cluster. >>>>>>>>>>> >>>>>>>>>>> i generated ley for jenkins in remote server and using this key >>>>>>>>>>> for ssh plugin setup but i am getting cant connect to the server >>>>>>>>>>> error >>>>>>>>>>> everytime. >>>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> You received this message because you are subscribed to the >>>>>>>>>> Google Groups "Jenkins Users" group. >>>>>>>>>> >>>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>>>> send an email to jenkins...@googlegroups.com. >>>>>>>>> >>>>>>>>> >>>>>>>>>> To view this discussion on the web visit >>>>>>>>>> https://groups.google.com/d/msgid/jenkinsci-users/092a6094-5f76-40bf-b2f6-0accc42e6f57o%40googlegroups.com >>>>>>>>>> <https://groups.google.com/d/msgid/jenkinsci-users/092a6094-5f76-40bf-b2f6-0accc42e6f57o%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>>>>>> . >>>>>>>>>> >>>>>>>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Jenkins Users" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to jenkins...@googlegroups.com. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/jenkinsci-users/63ed9be4-f2d4-4d32-9157-c90e18d2420fo%40googlegroups.com >>>> <https://groups.google.com/d/msgid/jenkinsci-users/63ed9be4-f2d4-4d32-9157-c90e18d2420fo%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- > You received this message because you are subscribed to the Google Groups > "Jenkins Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to jenkinsci-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-users/ec42ce3b-6d97-4415-9a7a-ab7b06e78377o%40googlegroups.com > <https://groups.google.com/d/msgid/jenkinsci-users/ec42ce3b-6d97-4415-9a7a-ab7b06e78377o%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CAJeB3MNCj1SZ6y32wgqGcj35DBXTqzw5SGr48Vz4NBYwcCV4Eg%40mail.gmail.com.
