How to push git tags to remote in Jenkins pipeline?

Question

I'm building a CI flow for my project, according to the official tutorial mentioned here

Build a Node.js and React app with npm .

There some key points in my flow:

1. My plan to this flow is building the source code, making a Git tag, and push the tag to remote Git server on the Jenkins server.
2. The project repo is with public read access and pulled from private Git server through ssh protocol, the server host a GitLab service.
3. BlueOcean UI built the CI flow with Multibranch Pipeline and provided me an ssh public key which has the ID: jenkins-generated-ssh-key . I have committed it to GitLab ssh settings.
4. The root directory of my project contains the Jenkinsfile.

The file content:

pipeline {
    agent { docker 'node:6' }
    stages {
        stage('Build') {
            steps {
                sh 'npm run test'
                sh 'npm run build'
            }
        }
        stage('Deploy') {
            steps {
                sshagent (credentials: ['jenkins-generated-ssh-key']) {
                    sh 'git push --tags'
                }
            }
        }
    }
}

The 'Build' stage contains git committing and tagging steps. All stuffs for pushing tag are ready.

Every time in performing 'Deploy' stage, the sshagent will get killed before pushing git tags.

[Pipeline] sshagent
[ssh-agent] Using credentials fe (jenkins-generated-ssh-key)
[ssh-agent] Looking for ssh-agent implementation...
[ssh-agent]   Exec ssh-agent (binary ssh-agent on a remote machine)
$ docker exec d2ba3af75c0e5826d3d00676ebba523117a541d9015ee77c74106862d2665025 env ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-dewb3KyPiizc/agent.130
SSH_AGENT_PID=134
$ docker exec d2ba3af75c0e5826d3d00676ebba523117a541d9015ee77c74106862d2665025 env SSH_AGENT_PID=134 SSH_AUTH_SOCK=/tmp/ssh-dewb3KyPiizc/agent.130 ssh-add /var/jenkins_home/workspace/achilles_master-GZG6BNOXJZHXAGELOPVE2O57MTLCFCSFEEMQVJOWKHCSAQDCMS4Q@tmp/private_key_838589255993535437.key
Identity added: /var/jenkins_home/workspace/achilles_master-GZG6BNOXJZHXAGELOPVE2O57MTLCFCSFEEMQVJOWKHCSAQDCMS4Q@tmp/private_key_838589255993535437.key (rsa w/o comment)
[ssh-agent] Started.
[Pipeline] {
[Pipeline] sh
$ docker exec d2ba3af75c0e5826d3d00676ebba523117a541d9015ee77c74106862d2665025 env SSH_AGENT_PID=134 SSH_AUTH_SOCK=/tmp/ssh-dewb3KyPiizc/agent.130 ssh-agent -k
unset SSH_AUTH_SOCK;
unset SSH_AGENT_PID;
echo Agent pid 134 killed;
[ssh-agent] Stopped.
[achilles_master-GZG6BNOXJZHXAGELOPVE2O57MTLCFCSFEEMQVJOWKHCSAQDCMS4Q] Running shell script
+ git push --tags
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

I have tried adjusting the Jenkinsfile many times, and I found that if the step is 'git push' or 'ssh -T git@git.xxx', it won't get the ssh-agent wrapping the inner steps. Then I get the permission denied. The ssh-agent always get killed before doing ssh connection but will wrap other steps, which don't require ssh auth, normally.

Answer 1

Host key verification failed.fatal: Could not read from remote repository.

To resolve the above error, we need to manually ssh once or use this parameter

StrictHostKeyChecking=no