Re: Git Plugin Checkout From Branch With Tag

2021-04-13 Thread eric.fetzer 
I am SO sorry Mark, I confused this Jenkins thread with a totally unrelated 
support ticket.  I'm not using pipeline, just the git plug in in conjuction 
with git parameters.  What exactly do you mean by fetching the tags?Sent from 
my T-Mobile 4G LTE Device
 Original message From: Mark Waite  
Date: 4/13/21  7:29 PM  (GMT-05:00) To: Jenkins Users 
 Subject: Re: Git Plugin Checkout From Branch 
With Tag As far as I can tell, you didn't provide the context of the old 
conversation.  The steps you've attempted and the context where you're trying 
those steps are not clear to me.  The comments that follow are my guesses of 
things that might help you.If you're using Jenkins Pipeline and want to 
checkout a tag in your parameterized job, you must use the 'checkout scm' step 
rather than the 'git' step.  The Pipeline snippet generator will help you 
generate the correct syntax for your desired checkout.  There is a brief video 
included in the git plugin documentation that shows how to use the Pipeline 
snippet generator.  The git step documentation warns that 'checkout' is the 
preferred step and that tag checkout is not supported with the git step.If 
you're using a Freestyle job, then you may need to check that you're fetching 
the tags and that the tag parameter you're providing is being placed in the 
"Branch to build" as a variable to be expanded.Mark WaiteOn Tuesday, April 13, 
2021 at 1:21:39 PM UTC-6 eric@gmail.com wrote:Tried a bunch more stuff 
using Git Parameters:https://plugins.jenkins.io/git-parameter/Again, I can 
checkout from the branch, but not using the tag.  I set a git parameter for 
branch and then put it in the branch specifier and that worked.  I added 
another for tag, then put that in the same branch specifier after a space and 
got an error.  If I put it in an additional branch specifier, it seems to have 
gotten ignored.  Just got the tip revision from that branch.On Tue, Apr 13, 
2021 at 12:57 PM eric@gmail.com  wrote:OK, I think I've 
tried everything in this OLD conversation, but none of them work.  I have no 
issues checking out from a branch using branch specifier.  I've tried adding on 
to the specifier:  ${my_branch} tags/${my_tag}.  Have also added another branch 
and used this sort of thing (as well as every other way they said to do it in 
that thread).  Every way seems to just get the tip revision of all the files in 
that branch.  Does anyone have guidance of how to get this done?  Thanks!  Eric



-- 
You received this message because you are subscribed to a topic in the Google 
Groups "Jenkins Users" group.
To unsubscribe from this topic, visit 
https://groups.google.com/d/topic/jenkinsci-users/UGyBIx3pX9s/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/c045a834-8d68-46fe-8b72-860e89416209n%40googlegroups.com.





-- 
You received this message because you are subscribed to a topic in the Google 
Groups "Jenkins Users" group.
To unsubscribe from this topic, visit 
https://groups.google.com/d/topic/jenkinsci-users/UGyBIx3pX9s/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/54da0d5e-e11e-4564-a7b4-c2a49f94efaan%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/60762fe0.1c69fb81.51b85.e697%40mx.google.com.

Re: Git Plugin Checkout From Branch With Tag

2021-04-13 Thread Mark Waite 
As far as I can tell, you didn't provide the context of the old 
conversation.  The steps you've attempted and the context where you're 
trying those steps are not clear to me.  The comments that follow are my 
guesses of things that might help you.

If you're using Jenkins Pipeline and want to checkout a tag in your 
parameterized job, you must use the 'checkout scm' step 
 rather than 
the 'git' step .  The Pipeline 
snippet generator  
will help you generate the correct syntax for your desired checkout.  There 
is a brief video  included in the git plugin 
documentation  that shows how to 
use the Pipeline snippet generator.  The git step documentation 
 warns that 'checkout' is 
the preferred step and that tag checkout is not supported with the git step.

If you're using a Freestyle job, then you may need to check that you're 
fetching the tags and that the tag parameter you're providing is being 
placed in the "Branch to build" as a variable to be expanded.

Mark Waite
On Tuesday, April 13, 2021 at 1:21:39 PM UTC-6 eric@gmail.com wrote:

> Tried a bunch more stuff using Git Parameters:
>
> https://plugins.jenkins.io/git-parameter/
>
> Again, I can checkout from the branch, but not using the tag.  I set a git 
> parameter for branch and then put it in the branch specifier and that 
> worked.  I added another for tag, then put that in the same branch 
> specifier after a space and got an error.  If I put it in an additional 
> branch specifier, it seems to have gotten ignored.  Just got the tip 
> revision from that branch.
>
> On Tue, Apr 13, 2021 at 12:57 PM eric@gmail.com  
> wrote:
>
>> OK, I think I've tried everything in this OLD conversation, but none of 
>> them work.  I have no issues checking out from a branch using branch 
>> specifier.  I've tried adding on to the specifier:  ${my_branch} 
>> tags/${my_tag}.  Have also added another branch and used this sort of thing 
>> (as well as every other way they said to do it in that thread).  Every way 
>> seems to just get the tip revision of all the files in that branch.  Does 
>> anyone have guidance of how to get this done?  Thanks!  Eric 
>>
>> -- 
>> You received this message because you are subscribed to a topic in the 
>> Google Groups "Jenkins Users" group.
>> To unsubscribe from this topic, visit 
>> https://groups.google.com/d/topic/jenkinsci-users/UGyBIx3pX9s/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to 
>> jenkinsci-use...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/jenkinsci-users/c045a834-8d68-46fe-8b72-860e89416209n%40googlegroups.com
>>  
>> 
>> .
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/54da0d5e-e11e-4564-a7b4-c2a49f94efaan%40googlegroups.com.

Re: Possible bug in EC2 plugin: check of SSH key may be too strict (confirmation needed before filing bug report)

2021-04-13 Thread Thomas Matthijs 
Currently AWS doesn't support ed25519 (at least last time i checked in 2020)
People been asking for a few year, but maybe the plugin should accept
them already, hopefully only a matter of time till aws does

On Tue, 13 Apr 2021 at 11:49, Amedee Van Gasse
 wrote:
>
> So I went ahead and submitted a pull request anyway:
> https://github.com/jenkinsci/ec2-plugin/pull/595
>
> I'm sure it's not all up to standards but as it is my first contribution, I 
> assume that the Jenkins community will be very happy to explain me where it 
> can be improved. :-)
>
> On Tuesday, April 13, 2021 at 11:19:16 AM UTC+2 Amedee Van Gasse wrote:
>>
>> I have a question about https://github.com/jenkinsci/ec2-plugin. It may be a 
>> bug, but I'd like to have confirmation before I try to find out how to file 
>> a bug report.
>>
>> In 
>> https://github.com/jenkinsci/ec2-plugin/blob/master/src/main/java/hudson/plugins/ec2/EC2Cloud.java
>>  there is the following validation in doCheckSshKeysCredentialsId:
>>
>> boolean hasStart = false, hasEnd = false;
>> BufferedReader br = new BufferedReader(new StringReader(privateKey));
>> String line;
>> while ((line = br.readLine()) != null) {
>> if (line.equals("-BEGIN RSA PRIVATE KEY-"))
>> hasStart = true;
>> if (line.equals("-END RSA PRIVATE KEY-"))
>> hasEnd = true;
>> }
>> if (!hasStart)
>> return FormValidation.error("This doesn't look like a private key at 
>> all");
>> if (!hasEnd)
>> return FormValidation
>> .error("The private key is missing the trailing 'END RSA PRIVATE 
>> KEY' marker. Copy error?");
>>
>> I have generated an ed25519 key, with
>>
>> ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519
>>
>> SSH version:
>> OpenSSH_8.4p1 Ubuntu-5ubuntu1, OpenSSL 1.1.1j  16 Feb 2021
>>
>> This key looks like
>>
>> -BEGIN OPENSSH PRIVATE KEY-
>> (...)
>> -END OPENSSH PRIVATE KEY-
>>
>> I can successfully use this key to connect to manually started instances 
>> (with Manage Nodes -> Add New Node).
>>
>> I can not use this key to connect to an instance started by the EC2 plugin. 
>> The EC2 plugin tells me "This doesn't look like a private key at all".
>>
>> It appears as if the validation is too strict.
>>
>> Workaround:
>> In the private key file, I replaced
>> -BEGIN OPENSSH PRIVATE KEY-
>> (...)
>> -END OPENSSH PRIVATE KEY-
>>
>> with
>> -BEGIN RSA PRIVATE KEY-
>> (...)
>> -END RSA PRIVATE KEY-
>>
>>
>> Can someone confirm if this is an actual bug, or is the problem at my end?
>> If it is a bug, then how do I proceed to file a bug report? The repo at 
>> https://github.com/jenkinsci/ec2-plugin only has pull requests, no issue 
>> tracker.
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to jenkinsci-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/jenkinsci-users/3abaa47f-7d0a-442f-ad7f-c12c57d7cc6en%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/CABY_-Z5i5dntEgQ%2BadW0%3DDgDrUjOKZofQWzL_uxv1g%3DA7ybsSQ%40mail.gmail.com.

Re: Git Plugin Checkout From Branch With Tag

2021-04-13 Thread Eric Fetzer 
Tried a bunch more stuff using Git Parameters:

https://plugins.jenkins.io/git-parameter/

Again, I can checkout from the branch, but not using the tag.  I set a git
parameter for branch and then put it in the branch specifier and that
worked.  I added another for tag, then put that in the same branch
specifier after a space and got an error.  If I put it in an additional
branch specifier, it seems to have gotten ignored.  Just got the tip
revision from that branch.

On Tue, Apr 13, 2021 at 12:57 PM eric@gmail.com 
wrote:

> OK, I think I've tried everything in this OLD conversation, but none of
> them work.  I have no issues checking out from a branch using branch
> specifier.  I've tried adding on to the specifier:  ${my_branch}
> tags/${my_tag}.  Have also added another branch and used this sort of thing
> (as well as every other way they said to do it in that thread).  Every way
> seems to just get the tip revision of all the files in that branch.  Does
> anyone have guidance of how to get this done?  Thanks!  Eric
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Jenkins Users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/jenkinsci-users/UGyBIx3pX9s/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> jenkinsci-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-users/c045a834-8d68-46fe-8b72-860e89416209n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/CAByBica3dvXErnbX2hT-6hSmFHiANVe1517yShpFehNto0ub4w%40mail.gmail.com.

Git Plugin Checkout From Branch With Tag

2021-04-13 Thread eric....@gmail.com 
OK, I think I've tried everything in this OLD conversation, but none of 
them work.  I have no issues checking out from a branch using branch 
specifier.  I've tried adding on to the specifier:  ${my_branch} 
tags/${my_tag}.  Have also added another branch and used this sort of thing 
(as well as every other way they said to do it in that thread).  Every way 
seems to just get the tip revision of all the files in that branch.  Does 
anyone have guidance of how to get this done?  Thanks!  Eric

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/c045a834-8d68-46fe-8b72-860e89416209n%40googlegroups.com.

EC2 plugin: instances not starting

2021-04-13 Thread Amedee Van Gasse 
$JENKINS_URL/configureClouds/

Add new cloud: *Amazon EC2*
Name: *Amazon EC2 eu-central-1*
Amazon EC2 Credentials: *AKIA...*
Region: *eu-central-1*
EC2 Key Pair's Private Key: *ubuntu*
Test connection: *success*
Advanced...
Instance Cap: *3*
No delay provisioning: *checked*
Add AMI
Description: *Linux node*
AMI ID: *ami-0293...*
Check AMI: *05052029...*
Instance Type: *T3aMedium*
EBS Optimized: *checked*
Monitoring: *checked*
T2 Unlimited: *checked*
Security group names: *sg-0c2d...* (opens SSH port 22)
Remote FS root: *./jenkins*
Remote user: *ubuntu*
AMI Type: *unix*
Labels: *aws ubuntu linux*
Usage: *Use this node as much as possible*
Idle termination time: *30*
Advanced...
Number of executors: *2*
Stop/Disconnect on Idle Timeout: *checked*
Minimum number of instances: *1*
Minimum number of spare instances: *0*
Instance cap: *10*
Block device mapping: */dev/sda1=snap-0eadbe3f...:200:true:gp2, 
/dev/sdb=ephemeral0, /dev/sdc=ephemeral1*
Associate Public IP: *checked*
Connection Strategy: *Public DNS*
Host Key Verification Strategy: *off*
Maximum Total Uses: *10*
Environment variables: *checked*
(not listing all environment variables)
Tool locations: *checked*
(not listing all tool locations)

With this configuration, I would expect that at least 1 EC2 instance would 
be started, but no instance is started. What do I need to change?

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/a7d7be6c-d531-495f-af2c-defaf2cebcf2n%40googlegroups.com.

EC2 plugin: Connection strategy field fails on every change

2021-04-13 Thread Amedee Van Gasse 
Whenever you change the value of the *Connection strategy field*, its 
validation fails with: *Could not find selected connection strategy*.

It looks like the same error as described 
in https://issues.jenkins.io/browse/JENKINS-61161 
and https://github.com/jenkinsci/ec2-plugin/pull/538, however that PR is 
already merged.

I am using EC2 plugin version 1.56 and I still get that error.

How do I get rid of this error?

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/e28a6e74-a45d-4f63-b7fd-352deefa89a0n%40googlegroups.com.

Re: Can I send cppcheck results through slack in a jenkins pipeline?

2021-04-13 Thread jesus fernandez 
How can I access those token macros? (sorry if this is a silly question) I 
have never used them before, I tried to print the value with ```println 
${ANALYSIS_ISSUES_COUNT, tool="cppcheck", type="NEW"}``` but I get an 
unexpected token error

El viernes, 9 de abril de 2021 a las 14:03:39 UTC+2, ullrich...@gmail.com 
escribió:

>
> https://github.com/jenkinsci/warnings-ng-plugin/blob/master/doc/Documentation.md#token-macro-support
>
> Am 09.04.2021 um 13:59 schrieb jesus fernandez :
>
> Thanks for replying, any documentation or link to guide me in the right 
> direction on how to do it? I am quite Junior and have been learning Jenkins 
> on my own
>
> El viernes, 9 de abril de 2021 a las 13:46:48 UTC+2, ullrich...@gmail.com 
> escribió:
>
>> Exporting results from one plugin into another plugin is definitely 
>> possible. You typically have two steps:
>> 1) Export the data from a producer plugin
>> a) using Tokens
>> b) using API methods of the plugin
>> 2) Import the data (or reformat and aggregate it) into a consumer plugin
>>
>> For step 1 I can say this works for the warnings plugin, it can export 
>> the results of CppCheck either into tokens or into objects (that you can 
>> process using your pipeline). 
>>
>> I have no idea if the slack plugin is capable of doing step 2 though, but 
>> I would assume that it works in that way...
>>
>> Am 09.04.2021 um 08:39 schrieb jesus fernandez :
>>
>> I just started using cppcheck, and I was wondering if there is any way to 
>> access to the report values (for instance number of total errors) and send 
>> it to slack. I have been searching in the documentation and here in SO but 
>> I have found nothing, as I just have been using Jenkins for a couple of 
>> months ( I am a junior dev) I was wondering if somebody know if this is 
>> possible and could drive me in the right direction.
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Jenkins Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to jenkinsci-use...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/jenkinsci-users/d3aee90e-5331-480f-84d7-4df7c3ebcf6fn%40googlegroups.com
>>  
>> 
>> .
>>
>>
>>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to jenkinsci-use...@googlegroups.com.
>
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/jenkinsci-users/abdfdbec-e2cf-4f69-a089-1cb93dcef30en%40googlegroups.com
>  
> 
> .
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/c5ba204c-fa9f-4f6c-800f-69dba9680f87n%40googlegroups.com.

Re: how to access all classes and methods of a plugin in jenkins pipeline?

2021-04-13 Thread jesus fernandez 
is there a javadoc for warnings-ng plugin? or just the github? I get a 404 
when accesing the warnings-ng javadoc

El lunes, 12 de abril de 2021 a las 14:28:33 UTC+2, ullrich...@gmail.com 
escribió:

> In the source code in GitHub?
>
> You can also look for methods annotated with ExportedBean.
>
> Am 12.04.2021 um 10:16 schrieb jesus fernandez :
>
>
> where can I see that? in the javadoc I do not see any method with that 
> annotation, thoug I could use the getResults() with no problems
> El domingo, 11 de abril de 2021 a las 21:43:06 UTC+2, ullrich...@gmail.com 
> escribió:
>
>> Due to security considerations only methods marked with @Whitelisted are 
>> accessible in Groovy scripts. Does your getter have such an annotation?
>>
>> Am 11.04.2021 um 19:02 schrieb jesus fernandez :
>>
>> I am a junior dev trying to lear about Jenkins, I have been learning on 
>> my own for a couple of months. Currently I have a pipeline (just for 
>> learning purposes) which runs static analysis on a folder, and then publish 
>> it, I have been able to send a report through email using jelly templates, 
>> from there I realized it is posbile to instantiate the classes of a plugin 
>> to use its methods so I went to the cppcheck javadoc here 
>> https://javadoc.jenkins.io/plugin/cppcheck/ and did some trial and error 
>> so I can get some values of my report and then do something else with them 
>> something, so I had something like this in my pipeline:
>> ```
>> pipeline {
>> agent any
>>
>> stages {
>>   stage('analysis') {
>> steps {
>>   script{
>> bat'cppcheck "E:/My_project/Source/" --xml --xml-version=2 . 2> 
>> cppcheck.xml'
>>   }
>>}
>> }
>> stage('Test'){
>>   steps {
>> script {
>>   publishCppcheck pattern:'cppcheck.xml'
>>   for (action in currentBuild.rawBuild.getActions()) {
>> def name = action.getClass().getName()
>> if (name == 'org.jenkinsci.plugins.cppcheck.CppcheckBuildAction') 
>> {
>>def cppcheckaction = action
>>def totalErrors = 
>> cppcheckaction.getResult().report.getNumberTotal()
>>println totalErrors
>>def warnings = 
>> cppcheckaction.getResult().statistics.getNumberWarningSeverity()
>>println warnings
>>   }
>> }
>>   } 
>> }
>> }
>> }
>>
>> }
>> ```
>> which output is:
>> ```
>> [Pipeline] echo
>> 102
>> [Pipeline] echo
>> 4
>> ```
>>
>> My logic (wrongly) tells me that if I can access to the report and 
>> statistics classes like that and uses their methods getNumberTotal() and 
>> getNumberWarningSeverity() respectively, therefore I should be able to also 
>> access the ```DiffState``` class in the same way and use the 
>> ```valueOf()``` method to get an enum of the new errors. But adding this to 
>> my pipeline:
>> ```
>> def nueva = cppcheckaction.getResult().diffState.valueOf(NEW)
>> println nueva
>> ```
>> Gives me an error:
>> ```
>> org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: No 
>> such field found: field org.jenkinsci.plugins.cppcheck.CppcheckBuildAction 
>> diffState
>> at 
>> org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.unclassifiedField(
>> SandboxInterceptor.java:425 )
>> at 
>> org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onGetProperty(
>> SandboxInterceptor.java:409 )
>> ...
>> ```
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Jenkins Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to jenkinsci-use...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/jenkinsci-users/ca24b1f9-b0a8-4e81-8101-0b25f8267602n%40googlegroups.com
>>  
>> 
>> .
>>
>>
>>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to jenkinsci-use...@googlegroups.com.
>
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/jenkinsci-users/9c65acbc-f199-4d99-8d96-0b37a44a4f2an%40googlegroups.com
>  
> 
> .
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/b2fbf350-74c1-4109-a08d-8f1a0ef91d42n%40googlegroups.com.

Re: Possible bug in EC2 plugin: check of SSH key may be too strict (confirmation needed before filing bug report)

2021-04-13 Thread Amedee Van Gasse 
Oh wow, my PR is merged already, I did not expect that!

On Tuesday, April 13, 2021 at 11:49:11 AM UTC+2 Amedee Van Gasse wrote:

> So I went ahead and submitted a pull request anyway:
> https://github.com/jenkinsci/ec2-plugin/pull/595
>
> I'm sure it's not all up to standards but as it is my first contribution, 
> I assume that the Jenkins community will be very happy to explain me where 
> it can be improved. :-)
>
> On Tuesday, April 13, 2021 at 11:19:16 AM UTC+2 Amedee Van Gasse wrote:
>
>> I have a question about https://github.com/jenkinsci/ec2-plugin. It may 
>> be a bug, but I'd like to have confirmation before I try to find out how to 
>> file a bug report.
>>
>> In 
>> https://github.com/jenkinsci/ec2-plugin/blob/master/src/main/java/hudson/plugins/ec2/EC2Cloud.java
>>  
>> there is the following validation in doCheckSshKeysCredentialsId:
>>
>> boolean hasStart = false, hasEnd = false;
>> BufferedReader br = new BufferedReader(new StringReader(privateKey));
>> String line;
>> while ((line = br.readLine()) != null) {
>> if (line.equals("-BEGIN RSA PRIVATE KEY-"))
>> hasStart = true;
>> if (line.equals("-END RSA PRIVATE KEY-"))
>> hasEnd = true;
>> }
>> if (!hasStart)
>> return FormValidation.error("This doesn't look like a private key at 
>> all");
>> if (!hasEnd)
>> return FormValidation
>> .error("The private key is missing the trailing 'END RSA 
>> PRIVATE KEY' marker. Copy error?");
>>
>> I have generated an *ed25519* key, with
>>
>> ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519
>>
>> SSH version:
>> *OpenSSH_8.4p1 Ubuntu-5ubuntu1, OpenSSL 1.1.1j  16 Feb 2021*
>>
>> This key looks like
>>
>> -BEGIN OPENSSH PRIVATE KEY-
>> (...)
>> -END OPENSSH PRIVATE KEY-
>>
>> I can successfully use this key to connect to manually started instances 
>> (with *Manage Nodes* -> *Add New Node*).
>>
>> I can not use this key to connect to an instance started by the EC2 
>> plugin. The EC2 plugin tells me *"This doesn't look like a private key 
>> at all"*.
>>
>> It appears as if the validation is too strict.
>>
>> Workaround:
>> In the private key file, I replaced
>> -BEGIN OPENSSH PRIVATE KEY-
>> (...)
>> -END OPENSSH PRIVATE KEY-
>>
>> with
>> -BEGIN RSA PRIVATE KEY-
>> (...)
>> -END RSA PRIVATE KEY-
>>
>>
>> Can someone confirm if this is an actual bug, or is the problem at my end?
>> If it is a bug, then how do I proceed to file a bug report? The repo at 
>> https://github.com/jenkinsci/ec2-plugin only has pull requests, no issue 
>> tracker.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/76960146-538c-49ee-8df9-d2e9cdcdd925n%40googlegroups.com.

Re: Possible bug in EC2 plugin: check of SSH key may be too strict (confirmation needed before filing bug report)

2021-04-13 Thread Amedee Van Gasse 
So I went ahead and submitted a pull request anyway:
https://github.com/jenkinsci/ec2-plugin/pull/595

I'm sure it's not all up to standards but as it is my first contribution, I 
assume that the Jenkins community will be very happy to explain me where it 
can be improved. :-)

On Tuesday, April 13, 2021 at 11:19:16 AM UTC+2 Amedee Van Gasse wrote:

> I have a question about https://github.com/jenkinsci/ec2-plugin. It may 
> be a bug, but I'd like to have confirmation before I try to find out how to 
> file a bug report.
>
> In 
> https://github.com/jenkinsci/ec2-plugin/blob/master/src/main/java/hudson/plugins/ec2/EC2Cloud.java
>  
> there is the following validation in doCheckSshKeysCredentialsId:
>
> boolean hasStart = false, hasEnd = false;
> BufferedReader br = new BufferedReader(new StringReader(privateKey));
> String line;
> while ((line = br.readLine()) != null) {
> if (line.equals("-BEGIN RSA PRIVATE KEY-"))
> hasStart = true;
> if (line.equals("-END RSA PRIVATE KEY-"))
> hasEnd = true;
> }
> if (!hasStart)
> return FormValidation.error("This doesn't look like a private key at 
> all");
> if (!hasEnd)
> return FormValidation
> .error("The private key is missing the trailing 'END RSA 
> PRIVATE KEY' marker. Copy error?");
>
> I have generated an *ed25519* key, with
>
> ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519
>
> SSH version:
> *OpenSSH_8.4p1 Ubuntu-5ubuntu1, OpenSSL 1.1.1j  16 Feb 2021*
>
> This key looks like
>
> -BEGIN OPENSSH PRIVATE KEY-
> (...)
> -END OPENSSH PRIVATE KEY-
>
> I can successfully use this key to connect to manually started instances 
> (with *Manage Nodes* -> *Add New Node*).
>
> I can not use this key to connect to an instance started by the EC2 
> plugin. The EC2 plugin tells me *"This doesn't look like a private key at 
> all"*.
>
> It appears as if the validation is too strict.
>
> Workaround:
> In the private key file, I replaced
> -BEGIN OPENSSH PRIVATE KEY-
> (...)
> -END OPENSSH PRIVATE KEY-
>
> with
> -BEGIN RSA PRIVATE KEY-
> (...)
> -END RSA PRIVATE KEY-
>
>
> Can someone confirm if this is an actual bug, or is the problem at my end?
> If it is a bug, then how do I proceed to file a bug report? The repo at 
> https://github.com/jenkinsci/ec2-plugin only has pull requests, no issue 
> tracker.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/3abaa47f-7d0a-442f-ad7f-c12c57d7cc6en%40googlegroups.com.

Possible bug in EC2 plugin: check of SSH key may be too strict (confirmation needed before filing bug report)

2021-04-13 Thread Amedee Van Gasse 
I have a question about https://github.com/jenkinsci/ec2-plugin. It may be 
a bug, but I'd like to have confirmation before I try to find out how to 
file a bug report.

In 
https://github.com/jenkinsci/ec2-plugin/blob/master/src/main/java/hudson/plugins/ec2/EC2Cloud.java
 
there is the following validation in doCheckSshKeysCredentialsId:

boolean hasStart = false, hasEnd = false;
BufferedReader br = new BufferedReader(new StringReader(privateKey));
String line;
while ((line = br.readLine()) != null) {
if (line.equals("-BEGIN RSA PRIVATE KEY-"))
hasStart = true;
if (line.equals("-END RSA PRIVATE KEY-"))
hasEnd = true;
}
if (!hasStart)
return FormValidation.error("This doesn't look like a private key at 
all");
if (!hasEnd)
return FormValidation
.error("The private key is missing the trailing 'END RSA 
PRIVATE KEY' marker. Copy error?");

I have generated an *ed25519* key, with

ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519

SSH version:
*OpenSSH_8.4p1 Ubuntu-5ubuntu1, OpenSSL 1.1.1j  16 Feb 2021*

This key looks like

-BEGIN OPENSSH PRIVATE KEY-
(...)
-END OPENSSH PRIVATE KEY-

I can successfully use this key to connect to manually started instances 
(with *Manage Nodes* -> *Add New Node*).

I can not use this key to connect to an instance started by the EC2 plugin. 
The EC2 plugin tells me *"This doesn't look like a private key at all"*.

It appears as if the validation is too strict.

Workaround:
In the private key file, I replaced
-BEGIN OPENSSH PRIVATE KEY-
(...)
-END OPENSSH PRIVATE KEY-

with
-BEGIN RSA PRIVATE KEY-
(...)
-END RSA PRIVATE KEY-


Can someone confirm if this is an actual bug, or is the problem at my end?
If it is a bug, then how do I proceed to file a bug report? The repo 
at https://github.com/jenkinsci/ec2-plugin only has pull requests, no issue 
tracker.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/26dd4e46-c712-4b98-9559-d929c129bd06n%40googlegroups.com.