Jenkins Windows slave：如果作为服务运行，则身份验证失败

Question

我有一个在 Windows 10 (1607) 上运行的 Jenkins 从站。如果我直接作为 JNLP 运行从属服务器，则该从属服务器可以从 git 存储库中克隆（使用用户名和密码进行身份验证）。

如果我将同一个从属服务器作为服务启动，git clone 会失败并显示Authentication failed for ...。

该服务是通过从属设备的“文件”菜单创建的，并作为“本地系统帐户”运行。

怎么了？

这是 Jenins 的输出：

00:00:00.003 Started by user <commit-user>
00:00:00.005 ln -s builds/lastSuccessfulBuild /var/jenkins_home/jobs/Xamarin/jobs/MyProject/jobs/CIBuild/lastSuccessful failed: 95 Not supported
00:00:00.005 ln -s builds/lastStableBuild /var/jenkins_home/jobs/Xamarin/jobs/MyProject/jobs/CIBuild/lastStable failed: 95 Not supported
00:00:00.005 Building remotely on Win10Xamarin (Win10 Xamarin Git NetCore) in workspace c:\Jenkins\workspace\Xamarin\iRec Common\iRecy Common CI
00:00:00.025 Cloning the remote Git repository
00:00:00.031 Cloning repository http://git-server/MyGroup/test-project
00:00:00.032  > C:\Program Files\Git\cmd\git.exe init c:\Jenkins\workspace\Xamarin\iRec Common\iRecy Common CI # timeout=10
00:00:00.252 Fetching upstream changes from http://git-server/MyGroup/test-project
00:00:00.255  > C:\Program Files\Git\cmd\git.exe --version # timeout=10
00:00:00.351  > C:\Program Files\Git\cmd\git.exe -c core.askpass=true fetch --tags --progress http://git-server/MyGroup/test-project +refs/heads/*:refs/remotes/origin/*
00:00:01.148 ERROR: Error cloning remote repo 'origin'
00:00:01.149 hudson.plugins.git.GitException: Command "C:\Program Files\Git\cmd\git.exe -c core.askpass=true fetch --tags --progress http://git-server/MyGroup/test-project +refs/heads/*:refs/remotes/origin/*" returned status code 128:
00:00:01.149 stdout: 
00:00:01.149 stderr: fatal: Authentication failed for 'http://git-server/MyGroup/test-project/'
00:00:01.149 
00:00:01.149    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:1740)
00:00:01.149    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:1476)
00:00:01.149    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$300(CliGitAPIImpl.java:63)
00:00:01.149    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:314)
00:00:01.149    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$2.execute(CliGitAPIImpl.java:506)
00:00:01.149    at org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler$1.call(RemoteGitImpl.java:152)
00:00:01.149    at org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler$1.call(RemoteGitImpl.java:145)
00:00:01.149    at hudson.remoting.UserRequest.perform(UserRequest.java:153)
00:00:01.149    at hudson.remoting.UserRequest.perform(UserRequest.java:50)
00:00:01.149    at hudson.remoting.Request$2.run(Request.java:332)
00:00:01.149    at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:68)
00:00:01.149    at java.util.concurrent.FutureTask.run(Unknown Source)
00:00:01.150    at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
00:00:01.150    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
00:00:01.150    at hudson.remoting.Engine$1$1.run(Engine.java:85)
00:00:01.150    at java.lang.Thread.run(Unknown Source)
00:00:01.150    at ......remote call to Win10Xamarin(Native Method)
00:00:01.150    at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1416)
00:00:01.150    at hudson.remoting.UserResponse.retrieve(UserRequest.java:253)
00:00:01.150    at hudson.remoting.Channel.call(Channel.java:781)
00:00:01.150    at org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler.execute(RemoteGitImpl.java:145)
00:00:01.150    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
00:00:01.150    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
00:00:01.150    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
00:00:01.150    at java.lang.reflect.Method.invoke(Method.java:498)
00:00:01.153    at org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler.invoke(RemoteGitImpl.java:131)
00:00:01.153    at com.sun.proxy.$Proxy65.execute(Unknown Source)
00:00:01.153    at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:1046)
00:00:01.153    at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1086)
00:00:01.153    at hudson.scm.SCM.checkout(SCM.java:495)
00:00:01.153    at hudson.model.AbstractProject.checkout(AbstractProject.java:1269)
00:00:01.153    at hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:604)
00:00:01.153    at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:86)
00:00:01.153    at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:529)
00:00:01.153    at hudson.model.Run.execute(Run.java:1741)
00:00:01.153    at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
00:00:01.153    at hudson.model.ResourceController.execute(ResourceController.java:98)
00:00:01.153    at hudson.model.Executor.run(Executor.java:410)
00:00:01.153 ERROR: null
00:00:01.153 Skipped archiving because build is not successful
00:00:01.154 Recording NUnit tests results
00:00:01.160 FATAL: No NUnit test report files were found. Configuration error?
00:00:01.165 Build step 'Publish NUnit test result report' marked build as failure
00:00:01.180 Finished: FAILURE

Answer 1

检查你的服务是如何启动的：如果它使用Local System account，它不会有相同的%USERPROFILE%，也不会受益于相同的git配置（通常存储在%USERPROFILE%\.gitconfig中）

我通常使用用户帐户创建服务：

sc create JenkinsSlave binPath= d:\Jenkins_Slave\jenkins-slave.exe DisplayName= "Jenkins Slave xxx for https://<url>/jenkins" start= auto obj= DOMAIN\aUSER password= <password>

注意obj=和password=后面的空格。

请注意，由于 Windows 凭据问题，无法使用本地系统帐户，如 JENKINS-34082 所示。

我在windows slave机器中卸载了“git”，安装时没有使用“windows credential manager”。

OP WeDucercomments:

有效：安装的凭据管理器阻止本地系统帐户克隆。