I want to run a packer build in my Jenkins pipeline to create an AWS AMI.
Packer needs an ssh key to connect to AWS, but we don't store the private
key in our ephemeral Jenkins slaves that run in a Docker container. I
therefore was thinking of using the sshagent plugin, and want to do this
sshagent(credentials: "some-creds") {
export SSH_KEY="/path_to_ssh_private_key"
packer build create-ami.json
}
Where the create-ami.json Packer file uses the SSH_KEY variable to set the
ssh key.
I see this in the Jenkins console output
[Pipeline] sshagent[ssh-agent] Using credentials some-creds (Bitbucket
credentials)
[ssh-agent] Looking for ssh-agent implementation...
[ssh-agent] Exec ssh-agent (binary ssh-agent on a remote machine)
$ ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-rTJZhA9qNK6L/agent.206
SSH_AGENT_PID=208
Running ssh-add (command line suppressed)
Identity added:
/home/jenkins/workspace/Utilities/test-packer@tmp/private_key_614590059258028269.key
(/home/jenkins/workspace/Utilities/test-packer@tmp/private_key_614590059258028269.key)
[ssh-agent] Started.[Pipeline] {[Pipeline] sh[test-packer] Running shell script
$ ssh-agent -k
unset SSH_AUTH_SOCK;
unset SSH_AGENT_PID;
echo Agent pid 208 killed;
[ssh-agent] Stopped.
But when I try to use
export SSH_KEY=$WORKSPACE/test-packer@tmp/private_key_614590059258028269.key
the file isn NOT there, that is, packer can't connect via ssh. I run the same
Packer file on my Mac locally and it works.
How can I make this work in a Pipeline script?
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/00077961-036b-4385-be90-746997f237f5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
