Jenkins setup:
Jenkins: 2.450
OS: Linux - 5.10.223-211.872.amzn2.x86_64
Java: 21.0.2 - Eclipse Adoptium (OpenJDK 64-Bit Server VM)
git:5.4.1
git-client:5.0.0
git-parameter:0.9.19
github:1.40.0
github-api:1.321-468.v6a_9f5f2d5a_7e
github-branch-source:1797.v86fdb_4d57d43
Installed on EKS cluster using JenkinsCI helm chart version: 5.1.4
- Helm: v3.15.1
- Kubernetes: v1.28.10
I have created my own custom container image as I had to add private CA certs to it. the base image for this is “jenkins/jenkins:2.450-jdk21”
I am installing cert to OS and keystore as:
RUN cp /resources/certs/OnPremises_Root_CA.crt /usr/local/share/ca-certificates/OnPremises_Root_CA.crt &&
update-ca-certificates &&
keytool -import -trustcacerts -file /usr/local/share/ca-certificates/OnPremises_Root_CA.crt -alias onprem-root-ca -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt
Issue:
- When I try to create a pipeline or a multibranch pipeline, and choose Pipeline > Defintion: “pipeline script from SCM” > SCM: “Git” > Repositories > Respository URL “${private_repo_url}.git”
- And move focus out of the field, I get a error prompt saying
Failed to connect to repository : Command "git ls-remote -h -- https://github.onprem.prod/private-repo.git HEAD" returned status code 128:
stdout:
stderr: fatal: unable to access 'https://github.onprem.prod/private-repo.git/': server certificate verification failed. CAfile: none CRLfile: none
I can see that the base image is based on Debian 12 (bookworm) but the above info from the Jenkins script console shows it as Amazon linux 2 (5.10.223-211.872.amzn2.x86_64).
Quesitons:
- How do I add the CA cert to this node (Which is the only node)?
- How to get it working?