7

I've got Hudson (continuous integration system) with the git plugin running on a Tomcat Windows Service. msysgit is installed and the msysgit bin dir is in the path. PuTTY/Pageant/plink are installed and msysgit is configured to use them.

The trouble I'm running in to, I think, is that the user who owns the Tomcat/Hudson service (Local System) has no SSH key set up to be able to clone the git repository. When the git Hudson plugin tries to clone it gives the error:

$ git clone -o origin git@hostname:project.git "e:\HUDSON_HOME\jobs\Project Trunk\workspace"
ERROR: Error cloning remote repo 'origin' : Could not clone git@hostname:project.git
ERROR: Cause: Error performing git clone -o origin git@hostname:project.git e:\HUDSON_HOME\jobs\Project Trunk\workspace
Trying next repository
ERROR: Could not clone from a repository
FATAL: Could not clone
hudson.plugins.git.GitException: Could not clone

My question is, how can I set things up so that the git plugin/msysgit know to use a particular SSH private key when trying to clone? I don't think Pageant will work because the Tomcat service is running as the "Local System" user, but I may be wrong.

EDIT:

I've tried setting Pageant up as a service (using runassvc.exe), passing the appropriate key, and having it run as "Local System". The other service doesn't seem to be able to see the key from the pageant service.

jlpp
  • 246
  • 5
  • 10
  • I am not sure if it is the best idea to run Hudson with the (local system) user. Try to use a different user account to run Hudson. – Peter Schuetze Mar 11 '10 at 19:22
  • Good point, but even running as a different user, how would I get Hudson to "see" the SSH key? – jlpp Mar 11 '10 at 19:28

2 Answers2

2

You should definitely be able to get this running under a non-system user. Pick/create a user to run Hudson then try connecting to the server using ssh user@host. If it asks for a password it isn't finding you key obviously.

In that case, double check that the key is loaded into pageant (you need to get pageant to load the relevant key from disk every time it starts), and that the GIT_SSH environment variable is set.

One other way you could do this is set your GIT_SSH environment variable to include a reference to the key. I currently do this with tunnelier and SV, so eg my SVN_SSH variable is "sexec -pk=1" where sexec is tunnelier's ssh CLI and -pk=1 tells it to use my private key in slot 1.

imoatama
  • 337
  • 1
  • 5
0

You can do this using openssh keys instead of using putty; putty has the challenge of needing pageant running, but with an openssh key you just need the id_rsa key to be in ~/.ssh

The way I normally would do this is to set up Jenkins to run as a new user that I create. I go to the user's home directory (C:\Users\ by default on windows vista and later) and create a .ssh directory where I put an id_rsa file with the private key I want to use in openssh format.

I just had to figure out a similar trick on Mac: http://colonelpanic.net/2011/06/jenkins-on-mac-os-x-git-w-ssh-public-key/

taxilian
  • 101
  • 2
  • 1
    FWIW, on Windows (x64), the Local System "user" "~" directory is `%WINDIR%\SysWOW64\config\systemprofile` – Adam Rofer Apr 04 '12 at 21:16