1

Im trying to setup jekins with Git. When i try to run the job it gives me 

FATAL: Failed to fetch from git@bitbucket.org:xyzlk/xyzlk-services.git
hudson.plugins.git.GitException: Failed to fetch from git@bitbucket.org:xyzlk/xyzlk-services.git
    at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:647)
    at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:889)
    at hudson.plugins.git.GitSCM.checkout(GitSCM.java:914)
    at hudson.model.AbstractProject.checkout(AbstractProject.java:1253)
    at hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:622)
    at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:86)
    at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:528)
    at hudson.model.Run.execute(Run.java:1745)
    at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
    at hudson.model.ResourceController.execute(ResourceController.java:89)
    at hudson.model.Executor.run(Executor.java:240)
Caused by: hudson.plugins.git.GitException: Command "git fetch --tags --progress git@bitbucket.org:xyzlk/xyzlk-services.git +refs/heads/*:refs/remotes/origin/*" returned status code 128:
stdout: 
stderr: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:1437)
    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:1225)
    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$300(CliGitAPIImpl.java:87)
    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:282)
    at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:645)
    ... 10 more

I have assign the user group who has the permission to access the repo to tomcat7. Still no luck.

Im my jenkins configuration i have added

git@bitbucket.org:xyzlk/xyzlk-services.git as the repo and Kind as SSH username with private key. User name of the user who has the access to repo and entered the key directly. Still no luck :(

enter image description here

enter image description here

Permissions 

drwxr-xr-x  10 root root  4096 Oct 15  2013 usr
drwxr-xr-x 138 root root  4096 Oct 10 09:46 share

drwxr-xr-x   7 tomcat7 root  4096 Oct 13 08:23 tomcat7

inside tomcat

drwxr-xr-x   2 tomcat7 tomcat7 4096 Oct 13 05:31 .ssh

inside .ssh

drwxr-xr-x 2 tomcat7 tomcat7 4096 Oct 13 05:31 .
drwxr-xr-x 7 tomcat7 root    4096 Oct 13 08:23 ..
-rwxr-xr-x 1 tomcat7 tomcat7 1679 Oct 13 05:25 id_rsa
-rwxr-xr-x 1 tomcat7 tomcat7  406 Oct 13 05:25 id_rsa.pub
-rwxr-xr-x 1 tomcat7 tomcat7 1326 Oct 13 05:29 known_hosts
Dilantha
  • 1,552
  • 2
  • 30
  • 46

1 Answers1

1

You need to check what HOME is when Jenkins executes the job (another way to say the same thing is to check under which account Jenkins executes the job).

Depending on the environment variable HOME, Jenkins will look for the public/private ssh key in $HOME/.ssh (Unix) or %HOME%\.ssh (Windows)

You might be able, with the right user, to do in command-line ssh git@bitbucket.org.
(and I confirm you must use 'git' here, not the user name)
But you need to make sure Jenkins is using that same account when it runs.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Thanks a lot for the reply. I gave the username of a user who has access to the repository and entered the key directly in the jenkins configuration. Still it will look for $HOME/.ssh ? – Dilantha Oct 12 '14 at 07:00
  • @Dilantha did you do that through the Jenkins SSH Agent plugin? (https://wiki.jenkins-ci.org/display/JENKINS/SSH+Agent+Plugin) – VonC Oct 12 '14 at 07:01
  • Yes. i have installed Jenkins SSH plugin – Dilantha Oct 12 '14 at 07:13
  • @Dilantha not "ssh plugin", but "ssh *agent* plugin, which is only needed if your private key is passphrase protected. I would recommend using a private key without passphrase first, and try to make that work. – VonC Oct 12 '14 at 07:14
  • Its ssh agent plugin and private key is not passphrase protected. I have added some screen shots of the setup that i have at the moment.Will you be able to get an idea ? – Dilantha Oct 12 '14 at 07:49
  • @Dilantha Does the folder `/usr/share/tomcat7` exist? – VonC Oct 12 '14 at 07:52
  • @Dilantha but is Jenkins run as a tomcat user? – VonC Oct 12 '14 at 08:03
  • Im running jenkins from the war. not as a seperate service. Do i have to specify the user still ? – Dilantha Oct 12 '14 at 08:09
  • @Dilantha are you running Jenkins while being logged as tomcat7? – VonC Oct 12 '14 at 08:10
  • no. I just access the URL and run the job. I couldn't find a location to specify the user :( – Dilantha Oct 12 '14 at 08:16
  • @Dilantha try and add a build step in your job in order to display (echo) the $HOME and the username (or simply env, for all the environment variables) – VonC Oct 12 '14 at 08:17
  • echo $HOME showed /usr/share/tomcat7 but echo $USER did not show anything . What am i missing here ? :( – Dilantha Oct 12 '14 at 08:38
  • @Dilantha check your permissions (http://unix.stackexchange.com/a/37166/7490), and check the result of `env` (or other way to get the user: http://stackoverflow.com/a/20964432/6309) – VonC Oct 12 '14 at 09:19
  • Jenkins job runs as the tomcat user. so i created a ssh key for tomcat user and tried. still getting the same error :( – Dilantha Oct 13 '14 at 05:40
  • @Dilantha So `/usr/share/tomcat7/.ssh` includes id_rsa and id_rsa.pub, with the [right permissions](http://unix.stackexchange.com/a/37166/7490)? Is any of the [parent folders having `w` (write) right for group or world](http://stackoverflow.com/a/23751734/6309)? (I am looking at you, `/usr/share`), as in http://stackoverflow.com/a/24483902/6309. – VonC Oct 13 '14 at 05:50
  • I think the permission levels are ok with the example you send. Im still getting the same error. I have updated my question with the permissions. Thanks for the help – Dilantha Oct 13 '14 at 08:40
  • @Dilantha Make sure the permissions are ok for the parent folders of tomcat as well. – VonC Oct 13 '14 at 08:41
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/62959/discussion-between-dilantha-and-vonc). – Dilantha Oct 13 '14 at 08:45