Setting up Jenkins on EC2 with Github private repository

I've spent hours trying to get this to work; I would have hoped that this would work out of the box. Plus it sure would have helped to have the login/SSH information available on the main index page.

Anyhow, after launching an instance with the BitNami Jenkins stack, I couldn't get it to work with Publish over SSH. Instead I did the following to get the tomcat user (who is running the jenkins instance) his own set of keys:

sudo mkdir /home/tomcat
sudo chown tomcat:tomcat /home/tomcat
cd /home/tomcat
sudo -u tomcat mkdir .ssh
sudo -u tomcat ssh-keygen -t rsa -C "PLEASE_SET_YOUR_EMAIL_ADDRESS"

After doing this, I've confirmed that the tomcat user can access github over SSH:

sudo -u tomcat ssh -T git@github.com
Hi workcloud-jenkins! You've successfully authenticated, but GitHub does not provide shell access.

I've copied the id_rsa.pub keys to a deploy user account that has access to the private repo.

But when setting up the CI job that needs to access the private repo, the following error gets displayed.

Failed to connect to repository : Command "/opt/bitnami/git/bin/git ls-remote -h git@github.com:workcloud/workcloud.git HEAD" returned status code 128:
stdout:
stderr: ssh: /opt/bitnami/common/lib/libcrypto.so.1.0.0: no version information available (required by ssh)
Host key verification failed.
fatal: The remote end hung up unexpectedly

I've been banging my head against the wall for hours, but nothing on Google has helped.

What's the problem here - I'm so close!

Thanks

Have you checked your logs for information?

Try this:

Logging for Jenkins level errors (e.g. DNS timeouts, builder configuration) is available in the Jenkins logs from the command line:

$ rhc tail jenkins

Logging for deployment level errors is available in the Application logs from the command line:

$ rhc tail jboss1

Check these and see if there is anything that explains anything related to this issue.

You may have to use your "cloud-based CL entry" instead of rhc when querying this way. I haven't used Jenkins outside of Red Hat Cloud so that's why I say that but the issues you refer to CAN BE TRACED through the logs referenced here. Let us know and hope this helps you.

4 Likes

Also review this:

To troubleshoot errors that occur during the build/test/deploy phase with Jenkins, from a git push, etc. there are three logs that will indicate the problem in most cases.

Logging for Application level errors (e.g. compilation failures, test failures) is available via the Jenkins web UI under the corresponding Node's build history.

Hi @btsai,

Do you have any update on this? Did that information help you?

Regards.

Thank you for your suggestion. Best regards.

Can somebody share the final solution to this problem? I'm having the exact issue.

We are using a bitnami jenkins AMI (bitnami-jenkins-1.513-0-linux-ubuntu-12.04.2-x86_64).

Well I followed this suggestion (http://answers.bitnami.com/questions/6574/solution-no-version-information-available-error-on-libraries) to create a wrapper around the /usr/bin/ssh script and that seems to solve the "libcrypto.so.1.0.0: no version information available (required by ssh)" issue.

/6574

However I'm still getting this error:

Failed to connect to repository : Command "/opt/bitnami/git/bin/git ls-remote -h git@vcs.test.com:test.git HEAD" returned status code 128:

stdout:

stderr: fatal: The remote end hung up unexpectedly

Sometimes this issue happens when github.com in not in your ~/.ssh/known_hosts. Could you try the same command but using the "tomcat" user to add the host in the known_hosts file?

su tomcat -c "/opt/bitnami/git/bin/git ls-remote -h git@vcs.test.com:test.git HEAD"

And accept the host. Then try again from Jenkins.

Yeah I've done that, but still receive the same error. I honestly believe this is an issue because there is no /home/tomcat directory in the jenkins bitnami AMI. So I'm busy trying to figure out how to recreate it. The tomcat user exists in /etc/passwd and with the tomcat group in /etc/group. But no home directory.

Try the following:

$ sudo mkdir /home/tomcat
$ sudo mkdir /home/tomcat/.ssh

Then copy your private key to have access to the repository

$ sudo cp /path/to/your/id_rsa /home/tomcat/.ssh/

And change permissions:

$ sudo chown -R tomcat:tomcat /home/tomcat

Then add the hostname of your repository in the known_hosts file:

$ sudo su tomcat -c "/opt/bitnami/git/bin/git ls-remote -h git@YOUR_REPOSITORY:test.git HEAD"
The authenticity of host 'ec2-23-20-108-46.compute-1.amazonaws.com (10.164.19.196)' can't be established. 
ECDSA key fingerprint is e5:xx:9d:yy:ff:89:55:47:aa:fd:b5:ee:0a:pp:6f:8d.
Are you sure you want to continue connecting (yes/no)? yes

That's all. We will document this process in the Wiki and fix it in the next version of Jenkins stack. I hope it helps.

Yeah unfortunately I've done all that and it still doesn't work for the tomcat user. It still returns "fatal: The remote end hung up unexpectedly".

The weird thing is I can run adduser, setup the ssh keys, trust the hostname, and that new user also can't perform a clone. It returns the same error. But I can perform a clone using the bitnami user: sudo su - bitnami, setup ssh keys, trust host, git clone.

It sounds to me like a permissions issue. I even tried adding the tomcat user to the ssh and admin groups, but that didn't help.

Any other ideas? What is the difference between how the bitnami user is created and how the tomcat user gets created. Outside of the fact that bitnami gets a directory under /home and tomcat doesn't.

Would be nice to know the final solution? One suggestion I have is to update the git plugin via the Jenkins management interface.

Hi James,
I need install Dspace, create user dspace no tomcat, but I’m don’t have a root user. And now?
Helder Rangel
brazil

Hi @helder_rangel,

Could you please provide us a little more information?

  • Are you using Jenkins in a Cloud Provider (AWS, Google, Azure, …) native installer (Windows, Linux,…) VMs
  • Which exact version of the application are you using?
  • Have you installed any plugin or modified any configuration file?

Could you also provide more information about Dspace and the issue itself?

Best regards,
Andrés Bono