So for anyone else that stumbles across this thread, here's what you need: PLEASE note - I tend to have singular, non-multi-module maven builds. One repo per module kinda belief.
1 - The credentials plugin - allows you to let jenkins manage some private keys. 2 - The ssh-agent plugin - allows you to let the jenkins process to have that key in its ssh-agent as the process runs 3 - deployer keys for each github repo you want ------------------------------- 1 - Generate the deployer keys (https://help.github.com/articles/managing-deploy-keys) 2 - Take the private key and store it in jenkins via the credentials plugin 3 - Any maven release project you want to release back to github, make sure you specify the credentials in the git config AND turn on ssh-agent in the build section On Fri, Apr 18, 2014 at 1:25 PM, Stephen Connolly <[email protected]> wrote: > Ahh you should have just said you were doing this on jenkins.... I wrote > the ssh-agent plugin for this exact use case! > > > On 18 April 2014 18:01, Maven User <[email protected]> wrote: > >> That was it! >> >> Ok, so for the record, if you're going to use the credentials plugin, >> you should also use the ssh-agent plugin to make sure those keys are >> available to any processes being run by jenkins! >> >> On Fri, Apr 18, 2014 at 12:53 PM, Maven User <[email protected]> >> wrote: >> > Annnd this is because I tried to reuse ${artifactId} and that does NOT >> > match the repo name (for acceptable reasons). >> > >> > Changing and retrying... >> > >> > On Fri, Apr 18, 2014 at 12:47 PM, Maven User <[email protected]> >> wrote: >> >> Using the ssh-agent jenkins plugin, I'm able to get a bit further - >> >> now it's complaining the repository doesn't exist: >> >> >> >> Unable to commit files >> >> 00:01:14.796 Provider message: >> >> 00:01:14.796 The git-push command failed. >> >> 00:01:14.796 Command output: >> >> 00:01:14.796 ERROR: Repository not found. >> >> 00:01:14.796 fatal: The remote end hung up unexpectedly >> >> >> >> I'm guessing this is an error in my <scm> tags.... >> >> >> >> >> >> >> >> On Fri, Apr 18, 2014 at 11:55 AM, Maven User <[email protected]> >> wrote: >> >>> Interesting.... >> >>> >> >>> Running: >> >>> eval `ssh-agent -s` >> >>> >> >>> Then the ssh -T test results in success. >> >>> >> >>> But that's only good for the single bash session. >> >>> >> >>> Are people running jenkins as normal users versus unprivileged users? >> >>> >> >>> On Fri, Apr 18, 2014 at 11:38 AM, Maven User <[email protected]> >> wrote: >> >>>> Stephen - cool - I _do_ have that and am pointing at the file in that >> path. >> >>>> >> >>>> Again, I'm using the "managed file" plugin to drop down that private >> key. >> >>>> >> >>>> Strangely, when I run this command: >> >>>> >> >>>> ssh -vT [email protected] >> >>>> >> >>>> I get back: >> >>>> ... >> >>>> debug1: Connection established. >> >>>> debug1: identity file /srv/jenkins/.ssh/id_rsa type 1 >> >>>> ... >> >>>> debug1: Authentications that can continue: publickey >> >>>> debug1: Next authentication method: publickey >> >>>> debug1: Offering RSA public key: /srv/jenkins/.ssh/id_rsa >> >>>> debug1: Authentications that can continue: publickey >> >>>> debug1: Trying private key: /srv/jenkins/.ssh/id_dsa >> >>>> debug1: Trying private key: /srv/jenkins/.ssh/id_ecdsa >> >>>> debug1: No more authentication methods to try. >> >>>> Permission denied (publickey). >> >>>> >> >>>> Any more suggestions? >> >>>> >> >>>> >> >>>> On Fri, Apr 18, 2014 at 11:31 AM, Stephen Connolly >> >>>> <[email protected]> wrote: >> >>>>> <server> >> >>>>> >> >>>>> <id>...</id> >> >>>>> >> >>>>> <username>...</username> >> >>>>> >> >>>>> <password>...</password> >> >>>>> >> >>>>> <privateKey>/home/.../.ssh/id_rsa</privateKey> >> >>>>> >> >>>>> </server> >> >>>>> >> >>>>> >> >>>>> On 18 April 2014 16:27, Thomas Broyer <[email protected]> wrote: >> >>>>> >> >>>>>> I think by default Maven calls the command-line Git, so it uses the >> >>>>>> ~/.ssh/id_rsa, and not the configuration from your settings.xml. >> >>>>>> I have no idea if what you're trying to do is possible with Maven. >> Maybe >> >>>>>> the maven-scm-provider-jgit would use the settings.xml >> configuration, but I >> >>>>>> have no idea how to configure Maven to use it. >> >>>>>> >> >>>>>> >> >>>>>> On Fri, Apr 18, 2014 at 3:45 PM, Maven User <[email protected] >> > >> >>>>>> wrote: >> >>>>>> >> >>>>>> > Hi all - >> >>>>>> > >> >>>>>> > I'm really struggling with this. >> >>>>>> > >> >>>>>> > My git push portion of the maven release process just is quitting >> with >> >>>>>> > this: >> >>>>>> > >> >>>>>> > 00:01:29.803 Provider message: >> >>>>>> > 00:01:29.803 The git-push command failed. >> >>>>>> > 00:01:29.803 Command output: >> >>>>>> > 00:01:29.803 Permission denied (publickey). >> >>>>>> > 00:01:29.803 fatal: The remote end hung up unexpectedly >> >>>>>> > 00:01:29.803 >> >>>>>> > 00:01:29.803 cause : Unable to commit files >> >>>>>> > 00:01:29.803 Provider message: >> >>>>>> > 00:01:29.803 The git-push command failed. >> >>>>>> > 00:01:29.803 Command output: >> >>>>>> > 00:01:29.803 Permission denied (publickey). >> >>>>>> > 00:01:29.803 fatal: The remote end hung up unexpectedly >> >>>>>> > >> >>>>>> > I have the key stored in Jenkins as a "managed file" (as part of >> that >> >>>>>> > plugin). So the build has an early step where that key is >> written to >> >>>>>> > disk. >> >>>>>> > >> >>>>>> > Then I've used the settings.xml to specify which key to use >> (pointing >> >>>>>> > at that location just above). >> >>>>>> > >> >>>>>> > <server> >> >>>>>> > <id>github.com</id> >> >>>>>> > <username>someusername</username> >> >>>>>> > <privateKey>/srv/jenkins/.ssh/somekeyname</privateKey> >> >>>>>> > <filePermissions>664</filePermissions> >> >>>>>> > <directoryPermissions>775</directoryPermissions> >> >>>>>> > <configuration></configuration> >> >>>>>> > </server> >> >>>>>> > >> >>>>>> > <scm> >> >>>>>> > <connection>scm:git:[email protected]: >> >>>>>> > ${companyid}/${project.artifactId}.git</connection> >> >>>>>> > <url>scm:git:[email protected]: >> >>>>>> > ${companyid}/${project.artifactId}.git</url> >> >>>>>> > <developerConnection>scm:git:[email protected]: >> >>>>>> > ${companyid}/${project.artifactId}.git</developerConnection> >> >>>>>> > <tag>HEAD</tag> >> >>>>>> > </scm> >> >>>>>> > >> >>>>>> > What am I doing wrong? >> >>>>>> > >> >>>>>> > >> --------------------------------------------------------------------- >> >>>>>> > To unsubscribe, e-mail: [email protected] >> >>>>>> > For additional commands, e-mail: [email protected] >> >>>>>> > >> >>>>>> > >> >>>>>> >> >>>>>> >> >>>>>> -- >> >>>>>> Thomas Broyer >> >>>>>> /tɔ.ma.bʁwa.je/ <http://xn--nna.ma.xn--bwa-xxb.je/> < >> http://xn--nna.ma.xn--bwa-xxb.je/> < >> >>>>>> http://xn--nna.ma.xn--bwa-xxb.je/> >> >>>>>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
