Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Parsing issues with JCasC and

See original GitHub issue

Your checklist for this issue

🚨 Please review the guidelines for contributing to this repository.

  • [x ] Jenkins version 2.190.1

  • Plugin version Credentials Plugin - 2.3.0 and Configuration as Code - 1.32

  • OS Linux

Description

I’m am trying to execute the following fragment in my JCasC script

  credentials:
    system:
      domainCredentials:
        - credentials:
            - basicSSHUserPrivateKey:
                scope: SYSTEM
                id: ssh_with_passphrase_provided
                username: ssh_root
                passphrase: ${SSH_KEY_PASSWORD}
                description: "SSH passphrase with private key file. Private key provided"
                privateKeySource:
                  directEntry:
                    privateKey: ${SSH_PRIVATE_KEY}

When I insert my private key in PEM format into the fragment and run it, my github certificate is reported as invalid but if I put the same value manually to the certificate plugin it works just fine.

After much testing and reading about base64 encoding I stumbled upon this fragment to check the contents of my certificate store:

 def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
     com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class,
     Jenkins.instance,
     null,
     null
 );
 for (c in creds) {
      println(c.id + ": " + c.description  )
      if(c instanceof com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey)
               println(c.getPrivateKey())
 }

I was able to determine that the contents of the certificate are not being parsed properly by the JCasC input process. To put it simply: The carriage return after the “BEGIN PRIVATE” is being ignored as well as the carriage return before the “END PRIVATE”. Here is an example:

-----BEGIN RSA PRIVATE KEY----- line 1
line 2
line 3
line 4 -----END RSA PRIVATE KEY-----

I was able to fix it by inserting the CR directly into the JCasC template and it works just fine.

I thought I’d pass this on since it might help someone in the same situation as myself and possibly close a bug!

Thanks!

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:16 (3 by maintainers)

github_iconTop GitHub Comments

2reactions
daverod24commented, Dec 2, 2019

I could solve the problem I had here the solution 20 spaces have to be indented and I did it this way and it worked for me

#jinja2: trim_blocks: "true", lstrip_blocks: "true"

           - basicSSHUserPrivateKey:
               scope: GLOBAL
               id: "{{slave_linux_jenkins_cred_id}}"
               username: "{{jenkins_user}}"
               passphrase: ''
               description: "SSH passphrase with private key file. Private key provided for {{jenkins_user}}"
               privateKeySource:
                 directEntry:
                   privateKey: |
                      {{ SSH_PRIVATE_KEY | indent(20) }}

render this way and it’s works #resolvetaskssh

              privateKeySource:
                directEntry:
                  privateKey: |
                    -----BEGIN RSA PRIVATE KEY-----
                    MIIEogIBAAKCAQEAm2eO9B2a9g6E7vCmhEMyoNDyPgUmcr4gChnirniN0SUYCAyo
                    2/rSVhEe+LxU1MR3ZhOfTGX6uozc/bBHExsKj4/drR2f6oAJfa8Drvaplxr7GeI5
                    ul4tea/ZtsT6iPNYLlfJeMM7TkjMt7fl/x+pycxT4fuWKRDoOHZlPcXXZkPvbSpm
                    D7UmkQq7npyzkTwysY7OeeF5iXT6LOZRyc28Yn5fxzmAZ58lTzHExBHP1HcmH++h
                    hPIBAoGAPlJk4r3bAa3wK8CcuWISPmSx5TM/KWKDWCZpkGX99gKVIJrxTVc9Kyu6
                    qov+TRng6qxbA/8BOL7MWjJu9e5n5dNHZE5bghBSDoC+8g6tZxsMJrFuQQ+Y1EiH
                    n63Rb1vZJOXH7o/iiBU8ZRbGVX0iPCJZaXcGVOfwXPcR55NhocY=
                    -----END RSA PRIVATE KEY-----

I hope this helps someone regards

1reaction
jetersencommented, Dec 4, 2020
Read more comments on GitHub >

github_iconTop Results From Across the Web

[JENKINS-53864] CasC compatibility with Log Parser Plugin
According to the source of the Log Parser Plugin, this is likely in reference to the fact that the constructor to the DescriptorImpl...
Read more >
Troubleshooting CasC for controllers
One or more elements in the items list cannot be parsed. For each item with the name and kind properties defined, there is...
Read more >
jenkinsci/configuration-as-code-plugin - Gitter
just to clarify, CasC boots up with no problem, it's when I try to reload the configuration from the GUI that it gives...
Read more >
solidify your JCasC, Job DSL and Pipelines usage - YouTube
Many people uses Jenkins for testing changes in their software automatically. But do as many people tests changes in Jenkins itself?
Read more >
Error handling in Groovy initialization scripts vs JCasC
I often have this problem that my working JCasC configuration suddenly breaks ... and probably want warnings without fatals for parsing.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Credentials cannot be configured on fresh install

Next page

Possible NPE when DataBound Object attribute is not Describable