Creating a job with credentials in jenkins only in

2019-08-07 15:32发布

问题:

I am only allowed to work with the command line terminal on Ubuntu. I need to create a job in Jenkins with security credentials.

I already installed Jenkins in my machine, but the access is open. If I set up security credentials on Jenkins, how can I specify these on the command line?

Thanks!

回答1:

Follow this steps

  1. Generate a public ssh-key in the user you want to work with from the command line.

    ssh-keygen
    

    Just press enter whenever yo are asked to enter some value.

  2. Copy the content of the file ~/.ssh/id_rsa.pub.

  3. Go to your jenkins home screen in a browser and login with a user with full access, Then click on the right on Users and then on the user you are currently logged with. Then click on settings (or configuration??).

  4. In the field SSH public keys paste the content of the id_rsa.pub file. Save the changes.

And thats all! Now you are able to work with jenkins from the command line.

From the command line

The following is the configuration file of my jenkins main user (with all the privileges). Pay attention to the setting <authorizedKeys>. Yo should paste there the public ssh key. I haven't made that, but surely if you add the necessary lines to yor config file it works. The file is in /path_to_jenkins/users/user_name/config.xml

<?xml version='1.0' encoding='UTF-8'?>
<user>
 <fullName>admin</fullName>
 <description></description>
 <properties>
  <jenkins.security.ApiTokenProperty>
   <apiToken>pP08W9tzs2jlCrVCY9I2o6y2RNu3Huw85Y2f99/Uif7dia1W7piGpzsrpstln/jw</apiToken>
  </jenkins.security.ApiTokenProperty>
  <com.cloudbees.plugins.credentials.UserCredentialsProvider_-UserCredentialsProperty plugin="credentials@1.4">
   <credentials/>
  </com.cloudbees.plugins.credentials.UserCredentialsProvider_-UserCredentialsProperty>
  <hudson.tasks.Mailer_-UserProperty plugin="mailer@1.4">
   <emailAddress>admin@mail.com</emailAddress>
  </hudson.tasks.Mailer_-UserProperty>
  <hudson.model.MyViewsProperty>
   <primaryViewName></primaryViewName>
   <views>
    <hudson.model.AllView>
      <owner class="hudson.model.MyViewsProperty" reference="../../.."/>
      <name>Alle</name>
      <filterExecutors>false</filterExecutors>
      <filterQueue>false</filterQueue>
      <properties class="hudson.model.View$PropertyList"/>
    </hudson.model.AllView>
  </views>
</hudson.model.MyViewsProperty>
<hudson.security.HudsonPrivateSecurityRealm_-Details>
 <passwordHash>1DF2ykjkkkjkkQXW</passwordHash>
</hudson.security.HudsonPrivateSecurityRealm_-Details>
<org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl>

<authorizedKeys>ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA4P1b/5RpibQgDZpKPD7lTQLjtyMrIQH43ns62PO72koL9zJe6qrAYcTIDNOUvSYNYyKfrgt6Z5zB8MvvENQLWezDKTWNXINhZml0PxOlc9ZaHbQX6UqyFbTS6o+ZEGs+K92Yi/XwK5hTmN5Igsw5BQYEs5cOsd5H2PoEZdhK1X0XAEBX/+p6aNy585+/scgZj0jSIvcX+pnzsCJLKmeYadlLnbrvebf9u6pu8MI9RuAY5dvPfpSL4WynWwS1QvY4z535TqPaaAlM3qXqH0pcOlxgW1iUkJqti3JnnxpBNXLmXalmq+4/d7mUrRBx+HKbh5ZpNZad9vaelAjAsNg+uw== user@machine_name</authorizedKeys>
</org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl>
  <hudson.search.UserSearchProperty>
   <insensitiveSearch>false</insensitiveSearch>
  </hudson.search.UserSearchProperty>
 </properties>
</user>

Regards.