Jenkins 管道无法使用凭据推送到 gerrit
Posted
技术标签:
【中文标题】Jenkins 管道无法使用凭据推送到 gerrit【英文标题】:Jenkins pipeline cannot push to gerrit using credentials 【发布时间】:2019-02-13 08:18:40 【问题描述】:我是 jenkins 管道脚本的新手,我正在尝试在我的管道中使用 maven 发布插件。但是我在发布的推送步骤中遇到了一些问题。
这是我的代码:
node('linux')
stage('Checkout')
checkout scm
withMaven(maven: 'Maven 3')
stage('Build')
sh "mvn clean verify"
junit '**/target/*-reports/TEST-*.xml'
stage('SonarQube analysis')
sh 'mvn sonar:sonar'
stage('Release')
withCredentials([usernamePassword(credentialsId: "jenkins-gerrit", usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')])
sh 'git config user.email "************************"'
sh 'git config user.name $USERNAME'
sh 'mvn -B release:clean release:prepare release:perform -Dusername=$USERNAME -Dpassword=$PASSWORD'
我收到以下错误:
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.4.2:prepare (default-cli) on project aqt-router: Unable to commit files
[ERROR] Provider message:
[ERROR] The git-push command failed.
[ERROR] Command output:
[ERROR] fatal: unable to access 'http://****:****@mygerritserver/myproject/': Could not resolve host: ****; Name or service not known
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException
我尝试将我的个人凭据直接放入代码中,而不是使用 withCredentials :
sh 'mvn -B release:clean release:prepare release:perform -Dusername=johnDoe -Dpassword=password'
这次好像找到了gerrit url,但显然是不允许用户推送,因为我们有gerrit架构:
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.4.2:prepare (default-cli) on project aqt-router: Unable to commit files
[ERROR] Provider message:
[ERROR] The git-push command failed.
[ERROR] Command output:
[ERROR] remote: Branch refs/heads/master:
[ERROR] remote: You are not allowed to perform this operation.
[ERROR] remote: To push into this reference you need 'Push' rights.
[ERROR] remote: User: johnDoe
[ERROR] remote: Please read the documentation and contact an administrator
[ERROR] remote: if you feel the configuration is incorrect
[ERROR] remote:
[ERROR] remote: Processing changes: refs: 1
[ERROR] remote: Processing changes: refs: 1, done
[ERROR] To http://johnDoe:password@mygerritserver/myproject
[ERROR] ! [remote rejected] master -> master (prohibited by Gerrit)
问题是我需要使用我们的 jenkins 凭证中指定的 gerrit 用户,因为他有权推送和东西。但似乎我无法通过 withCredentials 函数使用它。
请注意,由于我不知道用户名和密码,因此我无法尝试将 gerrit 用户直接放在命令行中。
感谢您的帮助
编辑:
感谢@ellak 评论,我找到了解决方案:
def encodedPassword = URLEncoder.encode("$PASSWORD",'UTF-8')
sh "mvn -B release:clean release:prepare release:perform -Dusername=$USERNAME -Dpassword=$encodedPassword"
确实,我认为密码包含需要编码的特殊字符。
【问题讨论】:
【参考方案1】:您需要使用 " 而不是 ' 才能在 groovy 中使用字符串插值。
sh "git config user.name $USERNAME"
sh "mvn -B release:clean release:prepare release:perform -Dusername=$USERNAME -Dpassword=$PASSWORD"
【讨论】:
谢谢,我用"试过了,但还是出现同样的错误 密码是否包含一些特殊字符?如果你这样做有帮助吗-Dpassword='$PASSWORD'
谢谢你我找到了解决办法
很高兴听到这个消息!【参考方案2】:
感谢@ellak 评论,我找到了解决方案:
def encodedPassword = URLEncoder.encode("$PASSWORD",'UTF-8')
sh "mvn -B release:clean release:prepare release:perform -Dusername=$USERNAME -Dpassword=$encodedPassword"
确实,我认为密码包含需要编码的特殊字符。
【讨论】:
以上是关于Jenkins 管道无法使用凭据推送到 gerrit的主要内容,如果未能解决你的问题,请参考以下文章
在带有 ssh、scp 或 sftp 的 jenkins 管道中使用 ssh 凭据