inspec / train

Transport Interface to unify communication over SSH, WinRM, and friends.
Apache License 2.0

unable execute inspec profile using ssh from jenkins node. #528

Open esaravanakumar89 opened 4 years ago

esaravanakumar89 commented 4 years ago

🎛 unable to execute inspec profile using ssh from jenkins node using withCredentials plugin using filebinding.

Choose one: is this a 🐛 bug report or 🙋 feature request? bug

Briefly describe the issue and the expected behavior. Also, please be aware of our Code of Conduct.

withCredentials([[$class: 'FileBinding', credentialsId: 'username', variable: 'filekey_path']]) {

inspec exec test_profile -i ${env.filekey_path} --diagnose --log-level=debug --sudo -t ssh://testuesr@testserver

}

Client error, can't connect to 'ssh' backend: Your SSH Agent has no keys added, and you have not specified a password or a key file

Same env.key_file is working when I connect through ssh (ssh -i) from the jenkins node.

🌍 InSpec and Platform Version

Tell us which version of InSpec (inspec version or SHA of a commit) and Operating System distribution you are using

inspec 2.1.72

OS: rhel7

🤔 Replication Case

Tell us what steps to take to replicate your problem. See How to create a Minimal, Complete, and Verifiable example for information on how to create a good replication case.

try to execute inspec remote validation from jenkins node.

💁 Possible Solutions

If you have already ideas how to solve the issue, add them here.

💻 Stacktrace

Please include the stacktrace output or link to a gist of it, if there is one.

frezbo commented 4 years ago

@esaravanakumar89 you have to use ${filekey_path}. ${env.<key>} is for groovy interpolations mostly. I also don't see the command being executed inside a sh block. This would be the syntax I would use:

withCredentials([file(credentialsId: 'username', variable: 'filekey_path')]) {
  sh 'inspec exec test_profile -i ${filekey_path} --diagnose --log-level=debug --sudo -t ssh://testuesr@testserver'
}
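
A pre-flight check for the key file that could run inside the `sh` step before `inspec exec`, added here as an example and not part of the thread or of the InSpec/train code. It assumes `withCredentials` exports the file path as the environment variable `filekey_path` (the binding name used above); the function name `check_key_file` and its return codes are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): verify the credential file that the
# Jenkins file binding exposes as $filekey_path before handing it to inspec.
# Each failure mode prints a reason and returns its own non-zero code.

check_key_file() {
    key=$1
    # Empty value: the binding is not visible in this shell, so inspec
    # would be started without a usable key file.
    if [ -z "$key" ]; then
        echo "variable is empty: binding not visible in this shell"
        return 2
    fi
    if [ ! -f "$key" ]; then
        echo "not a regular file: $key"
        return 3
    fi
    if [ ! -r "$key" ]; then
        echo "not readable by $(id -un): $key"
        return 4
    fi
    if [ ! -s "$key" ]; then
        echo "file is empty: $key"
        return 5
    fi
    # A PEM or OpenSSH private key starts with a "-----BEGIN ... PRIVATE KEY-----" line.
    IFS= read -r first_line < "$key" || true
    case $first_line in
        "-----BEGIN "*"PRIVATE KEY-----"*) ;;
        *) echo "does not look like a private key: $key"; return 6 ;;
    esac
    echo "ok"
    return 0
}

# Usage inside the Jenkins sh step (single-quoted Groovy string, so the
# shell, not Groovy, expands the variable):
#   check_key_file "${filekey_path:-}" || exit 1
#   inspec exec test_profile -i "$filekey_path" --sudo -t ssh://testuesr@testserver
```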

aaronlippold commented 4 years ago

I might use bash rather than sh. Remember the Jenkins process has to have access to the gems in order to execute inspec. Last time I did this I had a fun time ensuring that the sub shell of the task actually had access to the inspec installation. Just something to keep in mind.


frezbo commented 4 years ago

@aaronlippold that sh is the jenkins dsl for executing shell commands, it's up to the user to select the interpreter.

Eg:

sh '''#!/bin/bash -l
<commands>
'''

esaravanakumar89 commented 4 years ago

Thank you for your help and suggestion. I tried it and it was not working, but I got a weird solution to make it work: I have downgraded the train gem from v1.7.2 to v1.5.0.

I don’t know why it is working. Is that a bug with the train gem?

zenspider commented 4 years ago

Moving this issue to train.

clintoncwolfe commented 4 years ago

Outside of a Jenkins setup, I am able to successfully use InSpec 4.18.100 and train 3.2.23 to run inspec detect on a Vagrant virtual machine:

inspec detect -t ssh://vagrant@127.0.0.1:2222 -i ../vagrants/ubuntu-16/.vagrant/machines/default/virtualbox/private_key

detect simply connects and runs platform detection, which would be enough to trigger the issue you are reporting; but here it does not.

esaravanakumar89 commented 4 years ago

I feel inspec 1.7.0 to inspec 2.x are having a problem. I have seen the same issue in train-1.7.2 today.
