如何使用 SSH 密钥配置 Hudson 和 git 插件
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2447878/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to configure Hudson and git plugin with an SSH key
提问by jlpp
I've got Hudson (continuous integration system) with the git plugin running on a Tomcat Windows Service. msysgit is installed and the msysgit bin dir is in the path. PuTTY/Pageant/plink are installed and msysgit is configured to use them.
我有 Hudson(持续集成系统)和在 Tomcat Windows 服务上运行的 git 插件。msysgit 已安装,并且 msysgit bin 目录位于路径中。PuTTY/Pageant/plink 已安装,并且 msysgit 已配置为使用它们。
When I run a job that attempts to clone the git repository I get the following error:
当我运行尝试克隆 git 存储库的作业时,出现以下错误:
$ git clone -o origin git@hostname:project.git "e:\HUDSON_HOME\jobs\Project Trunk\workspace"
ERROR: Error cloning remote repo 'origin' : Could not clone git@hostname:project.git
ERROR: Cause: Error performing git clone -o origin git@hostname:project.git e:\HUDSON_HOME\jobs\Project Trunk\workspace
Trying next repository
ERROR: Could not clone from a repository
FATAL: Could not clone
hudson.plugins.git.GitException: Could not clone
- Running git clone -o origin git@hostname:project.git "e:\HUDSON_HOME\jobs\Project Trunk\workspace" from the command line works without error.
- I've confirmed that my issue is not the same as Hudson git clone errorbecause git is in the path and I don't get any error about the git executable on Hudson's Configure System page.
- 从命令行运行 git clone -o origin git@hostname:project.git "e:\HUDSON_HOME\jobs\Project Trunk\workspace" 没有错误。
- 我已经确认我的问题与Hudson git clone 错误不同,因为 git 在路径中,而且我在 Hudson 的配置系统页面上没有收到有关 git 可执行文件的任何错误。
This leads me to believe that the problem is that the user who owns the Tomcat/Hudson Windows service (Local System) has no SSH key set up to be able to clone the git repository.
这让我相信问题在于拥有 Tomcat/Hudson Windows 服务(本地系统)的用户没有设置能够克隆 git 存储库的 SSH 密钥。
My question is, how can I set things up so that the git plugin/msysgit know to use a particular SSH key when trying to clone? I don't think Pageant will work because the Tomcat service is running as the "Local System" user, but I may be wrong. I have tried setting Pageant up as a service (using runassvc.exe), passing the appropriate key, and having it run as "Local System". The Tomcat/Hudson service doesn't seem to be able to see the key from the pageant service. Are there any other techniques for setting up a key?
我的问题是,如何设置以便 git 插件/msysgit 在尝试克隆时知道使用特定的 SSH 密钥?我不认为 Pageant 会起作用,因为 Tomcat 服务是作为“本地系统”用户运行的,但我可能错了。我尝试将 Pageant 设置为服务(使用 runassvc.exe),传递适当的密钥,并让它作为“本地系统”运行。Tomcat/Hudson 服务似乎无法从选美服务中看到密钥。还有其他设置密钥的技术吗?
Thanks.
谢谢。
EDIT: The discussion on http://n4.nabble.com/Hudson-with-git-and-ssh-td375633.htmlshows that someone else had a similar question. ssh-agent was suggested and this tool does come with msysgit but I'm not sure how to use it in conjunction with the Hudson service. Still, good clue if anyone can fill in the gaps. Thanks to Peter for the comment with the link.
编辑:关于http://n4.nabble.com/Hudson-with-git-and-ssh-td375633.html的讨论表明其他人有类似的问题。建议使用 ssh-agent 并且该工具确实与 msysgit 一起提供,但我不确定如何将它与 Hudson 服务结合使用。尽管如此,如果有人可以填补空白,这是一个很好的线索。感谢彼得对链接的评论。
Also, the discussion on http://n4.nabble.com/questions-about-git-and-github-plug-ins-td383420.htmlstarts off with the same question. I'm trying to resurrect that thread.
此外,关于http://n4.nabble.com/questions-about-git-and-github-plug-ins-td383420.html的讨论也以同样的问题开始。我正在尝试复活那个线程。
采纳答案by William Billingsley
We use Hudson, checking out the source code from git with an ssh key. We actually have Hudson on an ubuntu server, however. Hudson's ssh key pair lives in ~hudson/id_rsaand ~hudson/id_rsa.pub
我们使用 Hudson,使用 ssh 密钥检查来自 git 的源代码。然而,我们实际上在 ubuntu 服务器上有 Hudson。Hudson 的 ssh 密钥对位于~hudson/id_rsa和~hudson/id_rsa.pub
So, adapting our advice for a Windows set-up:
因此,调整我们对 Windows 设置的建议:
The Windows-based developers on our team use MSysGit and regularly check out code via git over ssh -- but not using Putty/Pageant. We found Pageant to be painful due to some protocol errors with the login. Instead, they configured git to use openSSH (it's one of the options during the install). Their public/private key pair then lives in ~username/id_rsaand ~username/id_rsa.puband it all works.
我们团队中基于 Windows 的开发人员使用 MSysGit 并定期通过 ssh 上的 git 检查代码——但不使用 Putty/Pageant。由于登录时出现了一些协议错误,我们发现 Pageant 很痛苦。相反,他们将 git 配置为使用 openSSH(这是安装过程中的选项之一)。他们的公共/私有密钥对,然后住在~username/id_rsa和~username/id_rsa.pub它所有的作品。
So, I'd recommend changing your git config to use OpenSSH rather than pageant. If nothing else, you won't need to worry about starting pageant.
因此,我建议更改您的 git 配置以使用 OpenSSH 而不是选美。如果不出意外,您将无需担心开始选美。
You can use PuttyGen to generate the key. However, if you are using OpenSSH rather than pageant, you will need to export a suitable private key (from one of the menus at the top of PuttyGen) and save it as id_rsa, and copy-and-paste the public key from PuttyGen's GUI (it shows but won't save a suitable version for OpenSSH) and save that as id_rsa.pub. This is because Putty uses a slightly different format for the key than OpenSSH does.
您可以使用 PuttyGen 生成密钥。但是,如果您使用的是 OpenSSH 而不是选美,则需要导出合适的私钥(从 PuttyGen 顶部的菜单之一)并将其另存为id_rsa,然后从 PuttyGen 的 GUI 中复制并粘贴公钥(它显示但不会为 OpenSSH 保存合适的版本)并将其另存为id_rsa.pub. 这是因为 Putty 使用的密钥格式与 OpenSSH 略有不同。
Alternatively, of course, you can always host your hudson server on a ubuntu server (either a real one or through VirtualBox)
或者,当然,您始终可以在 ubuntu 服务器上托管您的 hudson 服务器(真实服务器或通过 VirtualBox)
回答by Eggplant Jeff
Another important note for windows (which I want to attach to this answer because I found this question very quickly, but found this additional detail I needed only after hours of searching):
Windows 的另一个重要说明(我想附在这个答案上,因为我很快就发现了这个问题,但发现这个额外的细节我只需要几个小时的搜索):
Git wants the %HOME% environment variable set to your user's directory (I.E. C:\Documents and Settings\hudsonuser)... that's how it knows to look in there for the .ssh dir with the key files!
Git 希望将 %HOME% 环境变量设置为您的用户目录(IE C:\Documents and Settings\hudsonuser)...这就是它知道如何使用密钥文件查找 .ssh 目录!
I found this out here on server fault(but don't have enough reputation there to upvote it).
回答by Milele
I found I had to use a different tack to get this working on Ubuntu(with Jenkins, not Hudson, though otherwise it looks like basically the same problem. I checked the %HOME%environment variable through the Jenkins GUIand that looked right.
我发现我必须使用不同的方法才能在Ubuntu 上运行(使用 Jenkins,而不是 Hudson,否则看起来基本上是相同的问题。我%HOME%通过Jenkins GUI检查了环境变量,看起来是正确的。
The key I wanted to use to identify Jenkinsto the Github private repository already existed. I copied those to /var/lib/jenkins/.ssh-- both the id_rsaand the id_rsa.pubfile for that key and account.
我想用来将Jenkins识别为 Github 私有存储库的密钥已经存在。我将它们复制到/var/lib/jenkins/.ssh-id_rsa和该id_rsa.pub密钥和帐户的文件。
Initially I copied these as "root" and they were inaccessible to Jenkinsso I was still getting errors (confusingly, the errors asked me to enter a passphrase when there wasn't any). So I did chown, chmodand chgrpto set these to be available to Jenkins.
最初我将这些复制为“ root”,但Jenkins无法访问它们,所以我仍然遇到错误(令人困惑的是,错误要求我在没有密码的情况下输入密码)。所以我做了chown,chmod并将chgrp这些设置为可供Jenkins 使用。
I tested this by doing a git clone while logged in as the Jenkins user.
我通过在以 Jenkins 用户身份登录时执行 git clone 来对此进行测试。
I know this path is specific to Ubuntu, but a similar setup making sure the key files are available, in the right place, and testing on the command line just doing git clone git:myrepo, might at least identify where Windows is different.
我知道此路径特定于 Ubuntu,但类似的设置可确保密钥文件在正确的位置可用,并在命令行上进行测试git clone git:myrepo,这至少可以确定 Windows 的不同之处。
回答by Roland
put your .ssh folder under
将您的 .ssh 文件夹放在
C:\Windows\SysWOW64\config\systemprofile
C:\Windows\SysWOW64\config\systemprofile
or
或者
C:\Windows\System32\config\systemprofile
C:\Windows\System32\config\systemprofile
depends on your system is 32 or 64.
取决于您的系统是 32 还是 64。
This is the "USER" directory for "Local System".
这是“本地系统”的“USER”目录。
