credentials

Table of Contents

1 GitHub Setup

1.1 Clone the Tutorial Repository on GitHub

To follow this tutorial, you need an account on GitHub. You then need to fork the repository for the code used in this tutorial on your GitHub account. To do so:

1.2 Generate the ssh public and private keys

Now we are going to give the Jenkins server access to this GitHub repository using an ssh public/private key pair.

  • Create a ssh public/private key pair on any machine that you have access to. On a Linux or Mac machine you can generate those keys with the following command:
    $ ssh-keygen -t rsa -b 4096 -f id_rsa_github -C "netid@jenkins"
    

    where you should replace netid with your Princeton netid. The command line options are:

    • -f specifies the name for the ssh keys, you should pick something meaningful to you.
    • -C option is a comment so you can use what you want.

    You will be asked for a passphrase. You will need this passphrase when you copy the key to the Jenkins server.

  • This command creates two files:
    1. the private key: id_rsa_github
    2. the public key: id_rsa_github.pub

    The private key will be copied on the Jenkins server and the public key will be copied on your GitHub account.

For more help check out the GitHub documentation on generating ssh keys: GitHub help/Categories/SSH

1.3 Copy the public key to your GitHub account

GitHub also has some help on this subject: GitHub help on ssh deploy key.

Here is a summary:

  • Connect to your GitHub account.
  • Got to your repo (https://github.com/GitHubID/jenkins_tutorial).
  • Click on Settings then Deploy keys.
  • Copy the public part (id_rsa_github.pub) of your key. This should look like:
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDUmNmendCMuuh25MnW8eE69RCuxHYFXx8up/c+BUnTDXWDxrx6C8t6ezE40fN2oVibIEOvVBWwvsN3CdtgMsSbA4zztYj3zTpZRCJw9z/LeNh4vfNb31ALUeR3mZ3zLT+nphajVsb5CKn4qFHMK3cD39g+MWuEk/uodfy+Vq6me+S0EjvkZKyEbEKLxBwmEaNrUeO2NcYGYnZlkn6dZjMzx0nE4DthJQCumGzPFwZ+Iuj7aqfthcejkbY/C1evDTg9ZQZdJlqUZlyKOYKsRpIJ/IstbsCnFWE+ZV8VjmTCl0mqsTdWy4JmvPVcfEezs012tfmzFUjaFUMUuIf11nbEZ1+SfJtny8kSPf95Ix6swxSpcbVXiRXInxlbXhaE8UCZ3/rZzClmDngd/Z7M6UH0JAf4o+VKKZZ3H4LKk30rwoyQ+U7zn9NZIdQ4dmmc+1k0l7TY7UeneMqmtNwWiJ2B+g/dy+DVI1bC6USkl+E8F0OSbPnlZEittFNxbFrIRaq4aLuFULrpZuZ3I9DrXXXJBKG8hDWj+zZWTgZncp8LDdfE740R+1z6xeX/3e0ODlzh3RSI97LlLGvfMxWDWaWa/5Mth8APDNucjuN1f5yzslBsGtxTbpgpvCN5OjVMCrYVndP3aYKyzIM9E8U48VfE3vUP0JajMOwgmuivpinxPQ== netid@jenkins
    
  • and paste on your GitHub repository. This should look like this:

    GitHubDeployKey.png

  • Check the Allow write access box.
  • Click Add key.

1.4 Add buildbot-princeton as a collaborator

You need to add the GitHub user "buildbot-princeton", which is the GitHub id for Jenkins at Princeton, as a collaborator to your fork. This explains how to do it: Adding collaborators to a personal repository

It is recommended that you give buildbot-princeton push (or write) access. We will talk about why later.

Your Collaborators and page on GitHub should look like this:

GitHubCollaborator.png

2 Slave Node Configuration

In this section we will use the following conventions:

  • the name of the slave node is: remote
  • your Princeton user ID (netid): netid

The Jenkins system administrator will send you a file containing an ssh public key named id_rsa_remote_netid.pub that you need to copy on your account on remote.

You can do it with the following steps, assuming that you already have ssh access to the remote host:

  1. copy the ssh public key on remote
    $ scp id_rsa_remote_netid.pub netid@remote.princeton.edu:~/.
    
  2. connect onto the remote host
    $ ssh netid@remote.princeton.edu
    
  3. make sure the directory ~/.ssh exists and that the permissions are correct:
    [netid@remote] $ mkdir -p ~/.ssh
    [netid@remote] $ chmod 700 ~/.ssh
    
  4. Append the public key to the file ~/.ssh/authorized_keys and make sure the permissions are correct:
    [netid@remote] $ cat id_rsa_remote_netid.pub >> ~/.ssh/authorized_keys
    [netid@remote] $ chmod 600 ~/.ssh/authorized_keys
    
  5. Create a directory called jenkins in your home directory
    [netid@remote] $ mkdir ~/jenkins
    

3 Set up your Jenkins Account to Access your GitHub Repository

Now we need to copy the private part of the key to your Jenkins account.

  • Connect to https://jenkins.princeton.edu with your Princeton netid/password. You will see the list of folders assigned to you, in this case there is one folder called tutorial_folder, in your case it will be the folder given to you by the Jenkins administrator.

    JenkinsTutorialFolder.png

  • Click on the folder tutorial_folder
  • Click on Credentials on the left-hand sidebar.

    JenkinsCredentials_1.png

  • Click on Global credentials (unrestricted)

    JenkinsCredentials_2.png

  • Click on Add Credentials

    JenkinsCredentials_3.png

  • Select:
    • Kind: SSH Username with private key
    • Username: your username on GitHub.
    • Private key: Enter directly. And copy paste the content of the private key file id_rsa_github.
    • Passphrase: Enter the passphrase that you used when generating the ssh key in 1.2.
    • Description: enter something that will make it easy to select the right credentials later. I use jenkins_tutorial deploy.

    The page should look like this:

    JenkinsCredentials_4.png

    • Click Ok.

Author: David Luet

Created: 2016-04-14 Thu 15:44

Emacs 24.5.1 (Org mode 8.2.10)

Validate