Child pages
  • Publish Over SSH Plugin
Skip to end of metadata
Go to start of metadata

Plugin Information

View Publish Over SSH on the plugin site for more information.

Publish Over ...

Read Publish Over wiki page first

Please read Publish Over first.
Common configuration options that are documented in the Publish Over wiki page will not be repeated here.

Features

  • SCP - Send files over SSH (SFTP)
  • Execute commands on a remote server (can be disabled for a server configuration, or for the whole plugin)
  • Use username and password (keyboard-interactive) or public key authentication
  • Passwords/passphrases are encrypted in the configuration files and in the UI
  • SSH SFTP/ SSH Exec can be used as a build step during the build process (Freestyle and Matrix projects)
  • SSH before a (maven) project build, or to run after a build whether the build was successful or not (see Build wrappers below)
  • The plugin is "promotion aware" (send files directly from the artifacts directory of the build that is being promoted) see Promotions
  • Optionally override the authentication credentials for each server in the job configuration (or provide them if they have not been provided for that server in the global configuration)
  • Optionally retry if the transfer of files fails (useful for flakey connections)
  • Enable the command/ script to be executed in a pseudo TTY

Build wrappers

There will be two new options in the Build Environment section of the job configuration

  1. Send files or execute commands over SSH before the build starts
    This allows SSH to be used before a build begins, but after the workspace has been configured and source checked out
    Most useful for maven project types
  2. Send files or execute commands over SSH after the build runs
    As long as the build was attempted, this will run after the build finishes, and will run whether the build is successful or not
    This allows cleanup or shutdown of services started before or during the build
    Use the publisher (Send build artifacts over SSH in Post-build Actions) to publish build artifacts from succesful builds

Configure

Create host configurations in the main Jenkins configuration

From the Jenkins home page, click "Manage Jenkins" and then click on "Configure System"

Find the SSH section (as below)

This configures the default key that will be used by all of the SSH configurations.
The simplest way to configure the key is to paste an unencrypted key into the Key box.
To configure, set either the path to a file containing the key or paste the key into the Key field.
If you enter data into both Path to key and Key, the pasted Key will take precedence and the Path to file will be ignored.

Unencrypted keys

If you plan to give read access to the Jenkins configuration page to non administrators, then you should ensure that you only use private keys encrypted with strong passphrases.
The passphrase itself will be encrypted when the configuration is saved, and will also be encrypted in the UI so that the value cannot be read.

Passphrase

If the key is encrypted with a passphrase then set it here.

Path to file

The location, on the Jenkins master, of the private SSH key to use.
The path can be an absolute path to the key, or relative to the JENKINS_HOME directory.

Key

Paste the private key into this box.
The key should include both the header and footer lines (----) and everything in between.

Disable exec

This option will remove the ability to execute commands from this plugin.
If this option is checked, then the Disable exec option in the Advanced section of an SSH Server will be ignored.

Add an SSH Server

Click on the "Add" button next to "SSH Servers"

Fill in Name, Hostname, Username and Remote Directory. see Publish Over ... for common options for Host Configurations

Username

The user that will be used to connect to the host.
This user will need the public key in their authorized_keys file on the remote host (if using public key authentication).

Advanced options

see Publish Over ... for common options for Host Configurations

Use password authentication, or use a different key

Selecting this option will produce 3 more configuration boxes that mirror the options available for the Jenkins SSH Key.

Passphrase / Password

If either Path to key or Key are configured then this is the passphrase to use with the encrypted key.
If no key is configured then this is the password that will be used for password authentication.

Path to key

See description above.

Key

See description above.

Disable exec

This option will remove the ability to execute commands using this configuration.

Add the public key to the remote server

Ensure that the public key (counterpart to the private key configured above) is in the authorized keys file for the user that you connect as on the server you want to connect to.

Click "Test Configuration".
Add more server configurations (if required)
Save

Use SSH during a build

This plugin includes a builder which enables the use of the publisher during the build process.

This means that you can send newly created packages to a remote server and install them, start and stop services that the build may depend on and many other use cases.

Configure a job to Publish Over SSH

see Publish Over ... for common options for Server

see Publish Over ... for common options for Transfer Sets

Exec command

If there is anything in this configuration box then it will be executed on the remote server.
If Source files are configured, then the files will be transfered before the Exec command is executed.
If the exit status of the command is not zero, then the publish will fail.
STDOUT and STDERR from the command execution are recorded in the Jenkins console.

Source files, Exec command

You must configure Source files, Exec command or both.
If neither Source files nor Exec command are configured, the publish will fail.
If the Source files box is empty then no files will be transferred.

Environment variables

Source files, Remove prefix, Remote directory and Exec command can all use the Jenkins environment variables and build parameters.

Advanced (Server)

Advanced (Transfer Sets)

see Publish Over ... for details of common options

Exec timeout (ms)

Configure a timeout for the Exec command to use.
If the command has not returned within this time then the publish will fail.

Exec in pty

Run the Exec command in a pseudo TTY.

Advanced (Publisher)

If you click the "Advanced..." button that is immediately below the "Add Server" button, you will make more configuration options available.

see Publish Over ... for common options for Publisher

Options to override the default Promotion behaviour

If you are configuring an action in a promotion, new options will become available.

see Publish Over ... for common options for Promotions

Change log

1.14 (24/03/2016)

  • JENKINS-29360 Bumped the version of jsch to overcome algorithm issue
  • Add support for proxies (PR #10)

1.13 (19/05/2015)

  • Implement methods for adding and removing host configurations (PR #5)

1.12 (16/10/2014)

  • Don't blow up errors when interacting with Item.EXTENDED_READ (PR #8)

1.11 (30/12/2013)

  • JENKINS-17058 Publish over SSH plugin XML configuration cannot be read on Jenkins start up.

1.10 (03/03/2013)

  • JENKINS-16681 Allow source file names and paths to contain whitespace
    • Add Advanced Transfer Set option "Pattern separator"

1.9 (22/10/2012)

  • JENKINS-13831 Option to create empty directories
  • No default excludes option now available for all versions of Jenkins
  • Exclude files pattern now available for all versions of Jenkins

1.8 (10/09/2012)

  • JENKINS-13693 Add option to disable default excludes
  • Prefix Publish over to the global config section title
  • Move the defaults configuration in the global config to an Advanced section

1.7 (08/05/2012)

  • Fixed JENKINS-13714 Drag and drop handle missing from transfer sets

1.6 (06/02/2012)

  • Upgrade JSch from 0.1.44 to 0.1.45
  • Remove gssapi-with-mic as a preferred auth method

1.5 (10/11/2011)

  • Enable the server credentials to be specified/overriden when configuring the publisher in a job

1.4 (11/09/2011)

1.3 (05/08/2011)

  • JENKINS-10599 When using the Flatten files option, do not create the Remote directory if there are no files to transfer

1.2 (21/07/2011)

  • JENKINS-10315 Only open an SFTP connection if any of the transfer sets have source files configured
    • Saves time and resources on client and server
    • Enables the plugin to run commands on servers that do not support SFTP
  • JENKINS-10363 Allow the publisher default values to be changed in Manage Jenkins (on Jenkins and Hudson 1.391 - 1.395)

1.1 (09/07/2011)

1.0 (08/07/2011)

0.14 (06/06/2011)

  • Fixed JENKINS-9878 where the password/passphrase for an individual configuration was ignored when saving the global config (Manage Jenkins)

0.13 (20/05/2011)

  • Remove "Give the master a NODE_NAME" option when running on Jenkins 1.414 or later
  • Default the "Give the master a NODE_NAME" option to 'master' when run on a Jenkins older than 1.414

0.12 (09/05/2001)

  • Advanced Transfer Set option to Exclude files
    (option only available with Jenkins 1.407 and later)
  • JENKINS-9480 Exec command is now an expandable textarea

0.11 (15/04/2011)

  • Fixed form validation issue (JENKINS-9376) when selected configuration name contains non ASCII characters

0.10 (14/04/2011)

  • Fix potential NPE when performing ajax form validation

0.9 (10/04/2011)

  • Reduce horizontal space taken up by labels in the configuration views

0.8 (10/04/2011)

  • Add options to disable exec for individual configurations, or for the whole plugin

0.7 (01/04/2011)

  • Enable form validation for SSH key file location for Jenkins 1.399 and later

0.6 (07/03/2011)

  • Fixed JENKINS-8982 where configuration for the builder was not populated when re configuring a job

0.5 (18/02/2011)

  • Passwords/passphrases encrypted in config files and in UI (now requires Hudson > 1.384 or any Jenkins)
  • Environment variables for substitution now include build variables (including matrix build axis)
  • Added build wrapper to enable SSH before a (maven) project build, or to run after a build whether the build was successful or not

0.4 (16/02/2011)

  • Added form validation
  • Removed debug logs for new configurations

0.3 (11/02/2011)

  • 2 new configuration options when in promotion
    • Use the workspace when selecting "Source files"
    • Use the time of the promotion when using "Remote directory is a date format"

0.2 (10/02/2011)

  • Stop the builder from showing up in promotion actions as publisher already included

0.1 (08/02/2011)

  • Initial release

Questions, Comments, Bugs and Feature Requests

Please post questions or comments about this plugin to the Jenkins User mailing list.
To report a bug or request an enhancement to this plugin please create a ticket in JIRA.

29 Comments

  1. Would it be possible to add an option to publish over rsync?  This plugin offers almost everything I need except we have a large amount of files but only a few change each time.  Rsync would greatly reduce the time it takes.

  2. Is it possible to add Jenkins master server as SSH publisher?

    The reason is that I'd like to do some files processing on master server as build step of the job that actually builds on slave server. 

    The only way is to use 'Send files or execute commands over SSH before the build starts option, but I don't know if it is correct to use master server in such way. 

    Thank you in advance. 

  3. Would it be possible to add support for an HTTP-Proxy for the SSH session? It would already help if you can configure a host to use the Proxy of the VM (via http.proxyHost/Port System properties).

  4. Would it be possible to add an option to publish over group of servers with single parameters set? For example if I have many servers [1-100].example.com and I like to publish build over all of them. Also, I'd like to configure private key/access options once over all of them (server group term) but not 100 times for each.

  5. Hi,

    I'm trying to get the plugin to work with a tool that is using Apache Mina's SSHd. I can use the 'scp' command line client to send files to the SSH server, but when I try to do the same with the plugin, I get:

    SSH: Connecting from host [server.conatus.lan]
    SSH: Connecting with configuration [macbook] ...
    ERROR: Exception when publishing, exception message [Failed to connect SFTP channel. Message [failed to send channel request]]
    Build step 'Send build artifacts over SSH' changed build result to UNSTABLE
    

    And on the server side:

    2012-08-10 17:30:31,108 INFO  20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:90) - Session created from /192.168.0.11:52149
    2012-08-10 17:30:31,110 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:344) - Client version string: SSH-2.0-JSCH-0.1.45
    2012-08-10 17:30:31,113 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:127) - Received packet SSH_MSG_KEXINIT
    2012-08-10 17:30:31,114 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:157) - Received SSH_MSG_KEXINIT
    2012-08-10 17:30:31,126 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:127) - Received packet SSH_MSG_KEXDH_INIT
    2012-08-10 17:30:31,126 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] kex.AbstractDHGServer (AbstractDHGServer.java:84) - Received SSH_MSG_KEXDH_INIT
    2012-08-10 17:30:31,136 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] kex.AbstractDHGServer (AbstractDHGServer.java:119) - K_S:  ...
    2012-08-10 17:30:31,137 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] kex.AbstractDHGServer (AbstractDHGServer.java:120) - f:    ...
    2012-08-10 17:30:31,137 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] kex.AbstractDHGServer (AbstractDHGServer.java:121) - sigH: ...
    2012-08-10 17:30:31,137 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] kex.AbstractDHGServer (AbstractDHGServer.java:125) - Send SSH_MSG_KEXDH_REPLY
    2012-08-10 17:30:31,137 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.AbstractSession (AbstractSession.java:708) - Send SSH_MSG_NEWKEYS
    2012-08-10 17:30:31,146 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:127) - Received packet SSH_MSG_NEWKEYS
    2012-08-10 17:30:31,146 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:176) - Received SSH_MSG_NEWKEYS
    2012-08-10 17:30:31,148 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:127) - Received packet SSH_MSG_SERVICE_REQUEST
    2012-08-10 17:30:31,148 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:187) - Received SSH_MSG_SERVICE_REQUEST 'ssh-userauth'
    2012-08-10 17:30:31,149 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:366) - Accepting user authentication request
    2012-08-10 17:30:31,149 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:371) - Authorized authentication methods: password
    2012-08-10 17:30:31,154 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:127) - Received packet SSH_MSG_USERAUTH_REQUEST
    2012-08-10 17:30:31,154 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:200) - Received SSH_MSG_USERAUTH_REQUEST
    2012-08-10 17:30:31,154 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:387) - Authenticating user 'appserver' with method 'none'
    2012-08-10 17:30:31,155 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:415) - Unsupported authentication method 'none'
    2012-08-10 17:30:31,158 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:127) - Received packet SSH_MSG_USERAUTH_REQUEST
    2012-08-10 17:30:31,158 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:200) - Received SSH_MSG_USERAUTH_REQUEST
    2012-08-10 17:30:31,159 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:387) - Authenticating user 'appserver' with method 'password'
    2012-08-10 17:30:31,159 DEBUG 20,31 MB/60,75 MB [NioProcessor-3] session.ServerSession (ServerSession.java:406) - Authentication succeeded
    2012-08-10 17:30:31,162 INFO  20,64 MB/60,42 MB [NioProcessor-3] session.ServerSession (ServerSession.java:462) - Session appserver@/192.168.0.11:52149 authenticated
    2012-08-10 17:30:31,168 DEBUG 20,64 MB/60,42 MB [NioProcessor-3] session.ServerSession (ServerSession.java:127) - Received packet SSH_MSG_CHANNEL_OPEN
    2012-08-10 17:30:31,169 DEBUG 20,64 MB/60,42 MB [NioProcessor-3] session.ServerSession (ServerSession.java:501) - Received SSH_MSG_CHANNEL_OPEN session
    2012-08-10 17:30:31,200 DEBUG 20,64 MB/60,42 MB [NioProcessor-3] session.ServerSession (ServerSession.java:127) - Received packet SSH_MSG_CHANNEL_REQUEST
    2012-08-10 17:30:31,200 DEBUG 20,64 MB/60,42 MB [NioProcessor-3] channel.ChannelSession (ChannelSession.java:192) - Received SSH_MSG_CHANNEL_REQUEST on channel 0
    2012-08-10 17:30:31,200 DEBUG 20,64 MB/60,42 MB [NioProcessor-3] channel.ChannelSession (ChannelSession.java:194) - Received channel request: subsystem
    2012-08-10 17:30:31,208 DEBUG 20,64 MB/60,42 MB [NioProcessor-3] session.AbstractSession (AbstractSession.java:304) - Closing session
    2012-08-10 17:30:31,208 DEBUG 20,64 MB/60,42 MB [NioProcessor-3] session.AbstractSession (AbstractSession.java:309) - Closing channel 0
    2012-08-10 17:30:31,209 DEBUG 20,64 MB/60,42 MB [NioProcessor-3] channel.AbstractChannel (AbstractChannel.java:85) - Closing channel 0 immediately
    2012-08-10 17:30:31,209 DEBUG 20,64 MB/60,42 MB [NioProcessor-3] session.AbstractSession$1 (AbstractSession.java:313) - Closing IoSession
    2012-08-10 17:30:31,209 DEBUG 20,64 MB/60,42 MB [NioProcessor-3] session.AbstractSession$1IoSessionCloser (AbstractSession.java:285) - IoSession closed
    2012-08-10 17:30:31,210 INFO  20,64 MB/60,42 MB [NioProcessor-3] session.AbstractSession$1IoSessionCloser (AbstractSession.java:290) - Session appserver@/192.168.0.11:52149 closed
    
    1. Ok, so the error was that it was asking for the SFTP subsystem and I didn't add it to Mina's configuration. If you ever connect to a Mina's SSH server, make sure the server have this call:

        sshd.setSubsystemFactories(Arrays.<NamedFactory<Command>>asList(new SftpSubsystem.Factory()));

  6. I am having some issues running SSH commands over remote servers. I have to run multiple commands over one connection, and there is no guarantee of the command running in sequence as I need.

    It works and doesn't work sometime.

    How do you run a "command 1 ; command 2" over ssh and guarantee that it runs in sequence after completion of the command?

  7. I'm having issues loading any project's configuration within Jenkins. Using Firebug I'm seeing this error:

    SyntaxError: invalid regular expression flag t
    /job/tims-test/descriptorByName/jenkins.plugins.publish_over_ssh.hudson...vior.js (line 416, col 5) |
    

    I've upgraded to the latest Jenkins and plugin as of right now. Is this something on my end that I need to fix?

  8. Hi, is there a way to preserve file permissions when uploading ? I am uploading a "Application.app" bundle and all file under Application.app/Contents/MacOS/ lost their 'execution flag'.

  9. Hello! 

    After update I have problem with publish artifacts use Publish Over SSH Plugin:

    SSH: Connecting from host [deploy]
    SSH: Connecting with configuration [DEV.ADMIN.WEB-REGISTRY-SCALA|DEV.ADMIN.WEB-REGISTRY-SCALA] ...
    SSH: Creating session: username [root], hostname [192.168.1.136], port [22]
    SSH: Connecting session ...
    SSH: Connected
    SSH: Opening SFTP channel ...
    SSH: SFTP channel open
    SSH: Connecting SFTP channel ...
    ERROR: Exception when publishing, exception message \[Failed to connect SFTP channel. Message [channel is not opened.]\]
    Finished: UNSTABLE

    If I manual connect to the same server from jenkins user sftp worked fine: 

    jenkins@deploy:~$ sftp root@192.168.1.136
    root@192.168.1.136's password:
    Connected to 192.168.1.136.
    sftp> ls
    default.conf sbt.deb
    sftp>

    When I press button in host config i got errors, but sometimes got Success 

    May be this problem with small wait time to connect to sftp server? 

    Connected, but failed to setup SFTP - check the SSH server. Exec commands should work, but transferring files will fail

    jenkins.plugins.publish_over_ssh.BapSshSftpSetupException: Failed to connect SFTP channel. Message channel is not opened. 

    Please, how I can change back transfer build artifacts use SCP or fix problem? 

    We use Jenkins ver. 1.569 and Publish Over SSH 1.11

    Thank you! 

  10. Hi,

    Is there a way to update the Host configurations programmatically through groovy script or Remote API. 

    Please kindly, help me.

    Thanks and Regards,

    V.Vishnu

    1. This groovy script seems to work

      Groovy Script
      Jenkins.instance.getDescriptorByType(BapSshPublisherPlugin.Descriptor.class).with {
      
        println it.hostConfigurations
      
        final List<BapSshHostConfiguration> configs = new ArrayList<BapSshHostConfiguration> ()
      
        //configs.add(new BapSshHostConfiguration("sdsdsdsd","127.0.0.1","fff",null,null,22,6,false,null,null,false))
        //it.hostConfigurations.replaceBy(configs)
      
      
        StaplerRequest d = Stapler.getCurrentRequest();
      
        JSONObject json = JSONObject.fromObject("{'commonConfig': {'encryptedPassphrase': 'Pcm/cCya/x9ZhWlFmK/8ew==', 'keyPath': '', 'key': '', 'disableAllExec': false}, 'instance': [{'name': 'eeeee', 'hostname': 'localhost', 'username': 'dfdfdf', 'remoteRootDir': '/', 'overrideKey': false, 'encryptedPassword': 'Pcm/cCya/x9ZhWlFmK/8ew==', 'keyPath': '', 'key': '', 'port': '22', 'timeout': '300000', 'disableExec': false}, {'name': 'gggg', 'hostname': '123.4.5.6', 'username': 'dfdf', 'remoteRootDir': '', 'overrideKey': false, 'encryptedPassword': 'Pcm/cCya/x9ZhWlFmK/8ew==', 'keyPath': '', 'key': '', 'port': '22', 'timeout': '300000', 'disableExec': false}, {'name': 'kkkk', 'hostname': '4.4.2.2', 'username': 'er', 'remoteRootDir': '', 'overrideKey': false, 'encryptedPassword': '', 'keyPath': '', 'key': '', 'port': '22', 'timeout': '300000', 'disableExec': false}], '': '1', 'defaults': {'stapler-class': 'jenkins.plugins.publish_over_ssh.options.SshPluginDefaults'}}")
        it.configure(d,json);
      
        //it.hostConfigurations.add(new BapSshHostConfiguration("vvv","127.0.0.1","fff",null,null,22,6,false,null,null,false))
      }

      Thanks and Regards,

      V.Vishnu

      1. Hi Vishnu,

        I'm not a Groovy expert so maybe you have an example of how to update a users passphrase/password  using Groovy script?

        TIA

  11. When I use this plugin to transfer files from Jenkins to another machine via the "Transfer Set Source files", the execute permissions of the files don't seem to carry over to the destination set of files.

    Both Jenkins and the destination server that I've established an SSH connection with are running on Ubuntu 12.04.  When I run the scp command manually (i.e. not from the Jenkins app) from my Jenkins server to the destination server the permissions do in fact carry over properly.  Does the plugin not use the scp command internally? Does it do something that would cause this to happen?

    Any help would be appreciated.

  12. Why do I love this plugin so much? The author had the good sense to include a "Remove prefix" option. It's a simple feature, but one I found missing from a majority of transfer/copy related plugins.

  13. I have an issue with working with this plugin. When I try to test configuration (by pressing "Test configuration" button in the jenkins settings) I have the following issue:

    Failed to connect or change directory

    jenkins.plugins.publish_over.BapPublisherException: Failed to connect session for config [myconfig]. Message [Auth cancel]

    What I should do to fix this issue? Please, help me, this is very important for me. Thanks

    (Credentials: hostname, user, password, port is correct)

  14. I would like to see an option to ask for the password at build time (and/or read the password from an env var).

    I am currently testing password protecting the SSH connections by setting a password build parameter named SSHPASS.  I then call sshpass -e in a shell to execute scp and ssh commands.  If I'm working with older artifacts (one should always assume you might be) I also have to use the Copy Artifact plugin to make sure I'm grabbing the right build artifact before I scp it (or maybe I should grab it from the builds/xx/archive folder directly).  Anyhow, modifying this plugin to add the password parameter directly, or read it from the env, could prove to be easier (or more apparent to others) than what I currently do.

    My requirement is to allow developers free reign over setting up Jenkins projects how they want while also keeping them out of the production boxes.

    If the prod deployment runs in its own project then, okay, I can probably keep the developers out by not setting the password in the system config and only setting it in the project.  And then setting project-based security to keep them out of the prod projects.

    Yet, if I would like to avoid deployment pipelines chaining multiple projects together and instead handle the entire build and deployment process with the Promoted Builds plugin on a single project (for simpler deployments such as Ruby), I need to ask for a password on the prod promotion to keep the developers from hijacking the connection (since they would have configuration rights to the job and could change the list of approvers for the promotion).

    Another option might be to look at whatever Jenkins Enterprise offers in extra security layers (I have no idea yet) but that's outside our scope right now.

  15. scp can recursively copy directories, would it be possible to add this command option?

  16. Following what Matt Jernigan posted on Sep 23, 2014.. Has there been any interest in looking to make environment variables or parameters compatible with this?  Or even a run time prompt or supplying Credentials?  This would be very helpful, thanks!

  17. Referencing the remote directory in the exec command 

    I am transferring files to a remote directory that has a datetime format. So far so good ... But I would like to reference that specific directory name in the exec command (to create a symlink to a date-less path, e.g. /deploy/current linking to  the actual remote directory). I don't think the plugin allows me to easily do this. Any thoughts?

  18. Can we use this plugin with Jenkins Pipeline?

  19. Can you please add syntax highlighting? It would make easier to debug the scripts.

  20. When path to key supplied to SSH Server jobs executed on slaves nodes will fail with some error like 

    ERROR: Exception when publishing, exception message [Failed to read file - filename [/var/lib/jenkins/.ssh/id_rsa] (relative to JENKINS_HOME if not absolute). Message: [java.lang.SecurityException: agent may not read /var/lib/jenkins/.ssh/id_rsa

     

    As a workaround you can set some file access rule like "allow read /.*", not precisely secure though and cant figure out how to make it more granular

     

    Can you add support for "Agent - Master Access Control"? Although support for Jenkins credential store would be nicer

  21. Is there a way to fail the build on any errors in an executed script rather than making build unstable?

    1. Found it in Publisher defaults. Great!

  22. I am trying to use this plugin in combination with the matrix-job to run scripts on our test-hosts. The axis of the matrix-job is SUTHOST, with the hostnames of our test-hosts as values.

    In the host-configuration screen I use ${SUTHOST} as hostname.

    When executing this situation, the ${SUTHOST} doesn't get substituted with the actual hostname, because I get an unknown-host-exception on ${SUTHOST} and not the actual hostname.

    Any way to work around this?

  23. Hi, is there a way to preserve file permissions ? I am uploading a script with permission 755 & it's appears in the remote machine with different permission

  24. Do you have any examples for JenkinsFile for this plugin without configuring SSH servers globally? I am looking for a proper syntax to use this in my JenkinsFile. I would like my Jenkins Slaves toconnect to remote servers, copy zip files and execute few commands. I have tried something like this but didnt work

    I am using the Private key here in the code and we have configured public key in all the remote servers for this user

    Jenkins Pipeline script. deploy stage 

    node('slaves') {
    stage('Deploying to TEST') {

    sshPublisher {
    server('myhostname1.com') {
    credentials('remoteuser') {
    key: '''-----BEGIN RSA PRIVATE KEY-----
    MIIEowIBAAKCAQEAznShdsv0Z6pT9nSeyHdQqSP427/72dkrmxG7BPr9pDvBBOnb
    Y2agvw5/iuH+FsIjEoisBXh+DLN/H+7G9FuQO49Z5u16JRy3b8BOPF5qiGKagxw3
    YlPLFslT6vAOQ36H77+u4Scn4JTSKVext93PimXu3wY5amfgZy0ygAEtP/JbOJz3
    Fzl14wMoIGlxwYUDo6mq6Wk2l/xxQmH94y1MczosTjzjgC0r720o
    -----END RSA PRIVATE KEY-----'''
    }
    label('myhostname')
    transferSet {
    sourceFiles("**/*.zip")
    remoteDirectory('builds/\'yyyy/MM/dd/\'build-${BUILD_NUMBER}')
    execCommand('mkdir deployfolder & unzip myproject-${version}.zip')
    }
    }
    server('myhostname2.com') {
    credentials('remoteuser') {
    key: '''-----BEGIN RSA PRIVATE KEY-----
    MIIEowIBAAKCAQEAznShdsv0Z6pT9nSeyHdQqSP427/72dkrmxG7BPr9pDvBBOnb
    Y2agvw5/iuH+FsIjEoisBXh+DLN/H+7G9FuQO49Z5u16JRy3b8BOPF5qiGKagxw3
    YlPLFslT6vAOQ36H77+u4Scn4JTSKVext93PimXu3wY5amfgZy0ygAEtP/JbOJz3
    Fzl14wMoIGlxwYUDo6mq6Wk2l/xxQmH94y1MczosTjzjgC0r720o
    -----END RSA PRIVATE KEY-----'''
    }
    label('myhostname2')
    transferSet {
    sourceFiles("**/*.zip")
    execCommand("mkdir deployfolder & unzip myproject-${version}.zip")
    }
    }
    }

    }
    }

     

     

  25. I have a problem while using  this plugin .

    The scenario is as follows:

    1. Entire project is setup in local.Total size is nearly 700MB.
    2. All codes pushed to BitBucket.
    3. Now i configured build in Jenkins with "Send build artifacts over ssh " as post-build option.Inside transfer set i added " **/*. * " for source file option .
    4. It is taking hours and hours to transfer entire project . Within 2 hours it transferred only 140MB.

      Is it normal ? Do i need to change any settings? Network connections between the server in which Jenkins runs and the production server is fine . 

Write a comment…