[英]OpenShift Jenkins git clone fails: Host key verification failed
I try to build my Node JS (latest version) application in Jenkins in the Red Hat OpenShift environment but it continues to fail with this message in the Jenkins log:我尝试在 Red Hat OpenShift 环境中的 Jenkins 中构建我的 Node JS(最新版本)应用程序,但它继续失败并在 Jenkins 日志中显示以下消息:
Host key verification failed.
fatal: Could not read from remote repository.
Upon further investigation it turns out the Jenkins server cannot clone the repo from the application server:经过进一步调查,发现 Jenkins 服务器无法从应用程序服务器克隆 repo:
[JENKINS_HOST test]\> git clone ssh://GUID@APP_HOST/~/git/sof.git
Cloning into 'sof'...
The authenticity of host 'APP_HOST (172.16.6.220)' can't be established.
RSA key fingerprint is cf:ee:77:cb:0e:fc:02:d7:72:7e:ae:80:c0:90:88:a7.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/var/lib/openshift/GUID/.ssh/known_hosts).
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
I cannot even enter the .ssh
directory on the Jenkins host.我什至无法进入 Jenkins 主机上的.ssh
目录。
Take it the OpenShift app management should handle all the private keys between the app and the CI host but doesn't seem to be working.拿它来说,OpenShift 应用程序管理应该处理应用程序和 CI 主机之间的所有私钥,但似乎不起作用。
Any ideas?有什么想法吗?
I've searched all over the web but OpenShift-specific scenarios are not common.我在整个网络上进行了搜索,但特定于 OpenShift 的场景并不常见。
This can be done with custom cartridge https://cartreflect-claytondev.rhcloud.com/reflect?github=smerrill/openshift-community-git-ssh The cartridge creates script and sets the GIT_SSH environment variable to run git-ssh without strict host key checking.这可以使用自定义墨盒https://cartreflect-claytondev.rhcloud.com/reflect?github=smerrill/openshift-community-git-ssh墨盒创建脚本并设置 GIT_SSH 环境变量以在没有严格主机的情况下运行 git-ssh关键检查。
So,所以,
Now git clone must be ok现在 git clone 肯定没问题
If you don't need to commit change the protocol to http
and you will not need to use ssh keys since it should be read-only if your server allow you and support this protocol.如果您不需要提交将 协议更改为http
并且您将不需要使用 ssh 密钥,因为如果您的服务器允许并支持此协议,它应该是只读的。
If you must use ssh they you must set-up the ssh keys.如果必须使用 ssh,则必须设置 ssh 密钥。 No way to "skip" it.没有办法“跳过”它。
if anyone gets here and he just can't get his private repo to be cloned on openshift.如果有人来到这里并且他无法在 openshift 上克隆他的私人存储库。 Not with SSH and not with HTTP.不支持 SSH,也不支持 HTTP。 Iv'e got a simple solution that works great.我有一个简单的解决方案,效果很好。 Clone with http and add your token to the repo link eg使用 http 克隆并将您的令牌添加到 repo 链接,例如
git clone https://<token>@github.com/owner/repo.git
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.