22

我们设置了 Jenkins 2 来构建对 github 的每次推送,并且我们不使用 Pull Request 构建器(尽管作为 pull request 的一部分的提交显然也会被构建)。GitHub 集成插件说它只适用于拉取请求构建器,所以这对我们不起作用。

我也尝试过github-notify plugin,但它似乎不适用于我们的案例(可能是因为 repo 是私有的和/或作为 Organizaiton 的一部分拥有,而不是个人用户)。我试过让它推断设置以及手动指定credentialsId, account, repo, 当然还有status参数,但都没有运气。

这是我的 Jenkinsfile 的缩写版本:

pipeline {
    agent { label "centos7" }

    stages {
        stage("github => pending") {
            steps {
                githubNotify status: "PENDING", credentialsId: "my-credentials-id", account: "my-account", repo: "my-repo"
            }
        }
        stage("build") {
            ...
        }
    }

    post {
        success {
            githubNotify status: "SUCCESS", credentialsId: "my-credentials-id", account: "my-account", repo: "my-repo"
        }
        failure {
            githubNotify status: "FAILURE", credentialsId: "my-credentials-id", account: "my-account", repo: "my-repo"
        }
    }
}

当我运行构建时,我得到以下信息:

java.lang.IllegalArgumentException: The suplied credentials are invalid to login
    at org.jenkinsci.plugins.pipeline.githubstatusnotification.GitHubStatusNotificationStep.getGitHubIfValid(GitHubStatusNotificationStep.java:234)
    at org.jenkinsci.plugins.pipeline.githubstatusnotification.GitHubStatusNotificationStep.getRepoIfValid(GitHubStatusNotificationStep.java:239)
    at org.jenkinsci.plugins.pipeline.githubstatusnotification.GitHubStatusNotificationStep.access$100(GitHubStatusNotificationStep.java:75)
    at org.jenkinsci.plugins.pipeline.githubstatusnotification.GitHubStatusNotificationStep$Execution.run(GitHubStatusNotificationStep.java:344)
    at org.jenkinsci.plugins.pipeline.githubstatusnotification.GitHubStatusNotificationStep$Execution.run(GitHubStatusNotificationStep.java:326)
    at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47)
    at hudson.security.ACL.impersonate(ACL.java:221)
    at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)

我已经通过 Jenkins(在配置系统区域)和在浏览器中手动测试了凭据——用户名和密码是正确的,并且具有对相关存储库的读/写访问权限。

4

5 回答 5

23

根据Jenkins GitHub 插件自己的示例

void setBuildStatus(String message, String state) {
  step([
      $class: "GitHubCommitStatusSetter",
      reposSource: [$class: "ManuallyEnteredRepositorySource", url: "https://github.com/my-org/my-repo"],
      contextSource: [$class: "ManuallyEnteredCommitContextSource", context: "ci/jenkins/build-status"],
      errorHandlers: [[$class: "ChangingBuildStatusErrorHandler", result: "UNSTABLE"]],
      statusResultSource: [ $class: "ConditionalStatusResultSource", results: [[$class: "AnyBuildResult", message: message, state: state]] ]
  ]);
}

... 

pipeline {
  stages {
     ...
  }
  post {
    success {
        setBuildStatus("Build succeeded", "SUCCESS");
    }
    failure {
        setBuildStatus("Build failed", "FAILURE");
    }
  }
}

不需要多余的插件。只要您安装并正确配置了 GitHub 插件,您甚至不需要执行上述操作,它应该会自动发生。我们也没有使用 Pull Request 构建器,而是使用 Jenkins Multibranch Pipeline。我们只是在 PR 中使用上面的代码片段来获得额外的状态粒度。

于 2017-11-07T16:00:37.343 回答
5

首先,确保这些凭据是全局凭据,而不是文件夹凭据。
后者尚不受支持,并且会生成类似的错误消息:请参阅JENKINS-42955(仍在审查中)

其次,如果这些凭据在浏览器中有效,但不是通过 DSL 配置文件位于 jenkinsfile 中,那可能是由于名称或密码中的特殊字符:看看您是否不必对保留字符进行百分比编码

于 2017-04-07T21:39:28.403 回答
3

文档中的一个更好的例子:

def getRepoURL() {
  sh "git config --get remote.origin.url > .git/remote-url"
  return readFile(".git/remote-url").trim()
}

def getCommitSha() {
  sh "git rev-parse HEAD > .git/current-commit"
  return readFile(".git/current-commit").trim()
}

def updateGithubCommitStatus(build) {
  // workaround https://issues.jenkins-ci.org/browse/JENKINS-38674
  repoUrl = getRepoURL()
  commitSha = getCommitSha()

  step([
    $class: 'GitHubCommitStatusSetter',
    reposSource: [$class: "ManuallyEnteredRepositorySource", url: repoUrl],
    commitShaSource: [$class: "ManuallyEnteredShaSource", sha: commitSha],
    errorHandlers: [[$class: 'ShallowAnyErrorHandler']],
    statusResultSource: [
      $class: 'ConditionalStatusResultSource',
      results: [
        [$class: 'BetterThanOrEqualBuildResult', result: 'SUCCESS', state: 'SUCCESS', message: build.description],
        [$class: 'BetterThanOrEqualBuildResult', result: 'FAILURE', state: 'FAILURE', message: build.description],
        [$class: 'AnyBuildResult', state: 'FAILURE', message: 'Loophole']
      ]
    ]
  ])
}
于 2019-07-17T02:27:55.327 回答
3

我没有想到account参数中的值不能与凭据中的用户匹配。在account您必须指定存储库所有者。并且credentialsId您可以使用任何具有对存储库的推送访问权限的用户:

credentialsId: 要使用的 github 凭证的 id,必须是UsernameAndPassword. 确保凭据具有写访问权限,如doc 所述:具有推送访问权限的用户可以为给定的 ref 创建提交状态

account:拥有存储库的帐户

于 2017-06-27T06:30:21.197 回答
2

如果您不想打扰专门的插件,可以使用以下替代方法curl

post {
  success {
    withCredentials([usernamePassword(credentialsId: 'your_credentials_id', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {
      sh 'curl -X POST --user $USERNAME:$PASSWORD --data  "{\\"state\\": \\"success\\"}" --url $GITHUB_API_URL/statuses/$GIT_COMMIT'
    }
  }
  failure {
    withCredentials([usernamePassword(credentialsId: 'your_credentials_id', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {
      sh 'curl -X POST --user $USERNAME:$PASSWORD --data  "{\\"state\\": \\"failure\\"}" --url $GITHUB_API_URL/statuses/$GIT_COMMIT'
    }
  }
}

GITHUB_API_URL通常是这样构造的,例如在指令environment中:

environment {
   GITHUB_API_URL='https://api.github.com/repos/organization_name/repo_name'
}

credentialsId可以从以下位置创建和获取Jenkins -> Credentials

于 2019-08-22T15:48:59.333 回答