Jenkins 2.0 introduced Pipeline as a code. I need to create CI/CD automation pipeline as code for different stages in Continous Integration and Continous Delivery. SSH Agent plugin comes with the pipeline as a code. I will discuss two scenarios using the SSH agent from a Cloud perspective and create a Public key, private key using SSH keygen for an individual user.
1. SSH Agent for an individual user account.
Connect to a remote system with a respective user account and generate a public key and private key in the .ssh folder of the current user account via ssh-keygen.
ubuntu@ip-172-31-31-190:~/.ssh$ ssh-keygen -t rsa
Generating a public/private RSA key pair.
Enter file in which to save the key (/home/ubuntu/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ubuntu/.ssh/id_rsa.
Your public key has been saved in /home/ubuntu/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:vAWOBxBRnGhmAHQo+BUDLAB77N/v0ED+T1cWANBIpYI ubuntu@ip-172-31-31-190
The key's randomart image is:
+---[RSA 2048]----+
|O+++*B.oo=o.. |
|++o *+o ... . |
|ooo=E + o . |
| o. o * . . |
| . + S . o |
| . . = o o |
| . o + . . |
| o o . |
| .o . |
+----[SHA256]-----+
ubuntu@ip-172-31-31-190:~/.ssh$
Append the public keys to authorized_keys
ubuntu@ip-172-31-31-190:~/.ssh$ cat id_rsa.pub >> authorized_keys
Read private key from .ssh folder
ubuntu@ip-172-31-31-190:~/.ssh$ cat id_rsa
-----BEGIN RSA PRIVATE KEY-----
wqDEQLEreqeqfelfmgwe;gmeqgef;ewefwefgneqkfgqefneqfeqfeqwfefefeqafewn;
APibM41OYNAOWfRHczYbNvHSEz9/qcsvv/IGvJdig6+/qVL9BP0Q6U+lHFbx80wb
wK1/yA0awCKAtgTJLc5kdxAC7fCFE11pzFCH9gV4mLKd7BZB+Hymw88bz9k+jahq
OqYWVvrKYNGn+x/XwkcnRthnUrTG6G8gepgeNy5jpmSLuZXcMt7i4MATBRooh7fQ
/axeJ+x0285NUFFJBxs9FbTstsMXpQVvRnpSYEQJhrxa4/stAn6eWwxeZ/z2hPoD
fRkTnsRV1V8PMIlZv4DxHPr5GabSAbOn+jgeXwIDAQABAoIBAQCWonhQIXCyavoB
Yl/e18a0KMR0XYwQKUHpbkDYebTyvZqcWkEI/wIxclnenQ13jbZQiGNi2LshqcHa==
-----END RSA PRIVATE KEY-----
Open Jenkins server navigate to Jenkins —> Credentials —> System —> Global Credentials [Add Credentials]
Provide the username(ubuntu) and update Private Key directly and save. An autogenerated ID is obtained after save. ID is referred in ssh-agent (credentials: [‘ID’])Jenkins Pipeline (Jenkins file)
node{
stage("ssh-agent"){
script {
sshagent (credentials: ['9e73bc9-1fe9-455c-8c34-2e8bb0c497a0']) {
sh 'ssh -o StrictHostKeyChecking=no -l ubuntu remoteserver.compute-1.amazonaws.com uname -a'
}
}
}
}
2. SSH Agent in Cloud for Jenkins pipeline as Code.
In Cloud, a VM (Virtual Machine) is provisioned a user account is associated with that VM. Considering AWS as my default Cloud and created a VM a user account associated with its pem keys (Private Keys). By default, VM’s will contain public keys associated with a user account.
As mentioned for individual users, update the Private key from pem key file in (Jenkins —> Credentials —> System —> Global Credentials [Add Credentials] ).