CODEWITHSUNDEEP
gitjenkinsjenkins-pipeline
Render
Render

Reputation: 2329

Checkout Jenkins Pipeline Git SCM with credentials?

I was following this tutorial:

node {
  git url: 'https://github.com/joe_user/simple-maven-project-with-tests.git'
  ...
}

However it doesn't tell how to add credentials. Jenkins does have specific "Credentials" section where you define user user&pass, and then get ID for that to use in jobs, but how do I use that in Pipeline instructions?

I tried with:

git([url: '[email protected]:company/repo.git', branch: 'master', credentialsId: '12345-1234-4696-af25-123455'])

no luck:

stderr: Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Is there a way configure the creds in pipeline, or do I have to put SSH-keys to Jenkin's Linux user's .ssh/authorized_keys file?

In ideal world I'd like to have a repository for pipeline jobs and repo-keys, then launch Docker Jenkins, and dynamically add these jobs and keys there without having to configure anything in Jenkins Console.

Upvotes: 158

Views: 490248

Answers (8)

akoto
akoto

Reputation: 1

By Bitbucket, you only have to save the password without the username.

Upvotes: -2

Arunas Bart
Arunas Bart

Reputation: 2678

Speed is important. Thus I amend this answer. To have something similar to SCM Lightweight checkout, use this git plugin syntax, explicitly defining changelog:

pipeline {
    agent any

    environment {
        myvar   = "best regards"
    }

    stages {
        stage('Deploy') {
            steps {
                echo 'Starting deploy'

                git branch: 'main',
                    credentialsId: 'key_git_id',
                    changelog: false,
                    url: '[email protected]:mysuperteam/mybestproject.git'

                sh '''
                   echo code goes here, ${myvar}
                '''
            }
        }

    }
}

Where Jenkins Git plugin docs say:

changelog : boolean (optional) Compute changelog for this job. Default is 'true'.

If changelog is false, then the changelog will not be computed for this job. If changelog is true or is not set, then the changelog will be computed.

Upvotes: 0

Upul Doluweera
Upul Doluweera

Reputation: 2326

To explicitly checkout using a specific credentials

    stage('Checkout external proj') {
        steps {
            git branch: 'my_specific_branch',
                credentialsId: 'my_cred_id',
                url: '[email protected]/proj/test_proj.git'

            sh "ls -lat"
        }
    }

To checkout based on the configured credentials in the current Jenkins Job

    stage('Checkout code') {
        steps {
            checkout scm
        }
    }

You can use both of the stages within a single Jenkins file.

Upvotes: 65

Sarang
Sarang

Reputation: 512

It solved for me using 

checkout scm: ([
                    $class: 'GitSCM',
                    userRemoteConfigs: [[credentialsId: '******',url: ${project_url}]],
                    branches: [[name: 'refs/tags/${project_tag}']]
            ])

Upvotes: 5

Aviv
Aviv

Reputation: 14477

Adding you a quick example using git plugin GitSCM:

    checkout([
        $class: 'GitSCM', 
        branches: [[name: '*/master']], 
        doGenerateSubmoduleConfigurations: false, 
        extensions: [[$class: 'CleanCheckout']], 
        submoduleCfg: [], 
        userRemoteConfigs: [[credentialsId: '<gitCredentials>', url: '<gitRepoURL>']]
    ])

in your pipeline

stage('checkout'){
    steps{
        script{
            checkout
        }
    }
}

Upvotes: 42

madeyejm
madeyejm

Reputation: 502

For what it's worth adding to the discussion... what I did that ended up helping me... Since the pipeline is run within a workspace within a docker image that is cleaned up each time it runs. I grabbed the credentials needed to perform necessary operations on the repo within my pipeline and stored them in a .netrc file. this allowed me to authorize the git repo operations successfully.

withCredentials([usernamePassword(credentialsId: '<credentials-id>', passwordVariable: 'GIT_PASSWORD', usernameVariable: 'GIT_USERNAME')]) {
    sh '''
        printf "machine github.com\nlogin $GIT_USERNAME\n password $GIT_PASSWORD" >> ~/.netrc
        // continue script as necessary working with git repo...
    '''
}

Upvotes: 7

f-society
f-society

Reputation: 3018

If you want to use ssh credentials,

  git(
       url: '[email protected]<repo_name>.git',
       credentialsId: 'xpc',
       branch: "${branch}"
    )

if you want to use username and password credentials, you need to use http clone as @Serban mentioned.

    git(
       url: 'https://github.com/<repo_name>.git',
       credentialsId: 'xpc',
       branch: "${branch}"
    )

Upvotes: 31

Serban Constantin
Serban Constantin

Reputation: 3576

You can use the following in a pipeline:

git branch: 'master',
    credentialsId: '12345-1234-4696-af25-123455',
    url: 'ssh://[email protected]:company/repo.git'

If you're using the ssh url then your credentials must be username + private key. If you're using the https clone url instead of the ssh one, then your credentials should be username + password.

Upvotes: 228

Related Questions