Jenkins and private repos on GitHub

Moving a user/password protected in-house subversion repository of a Maven project to GitHub requires some tweaking after the move, in order to get the continuous integration working again with Jenkins. However, once you know the steps, it is actually straight-forward.

One-off setup for all private GitHub repositories:

  • log into Jenkins as administrator
  • go to Manage Jenkins -> Manage Credentials
  • add new credentials with the following details
    • scope: Global
    • Username: git
    • Description: Github SSH key
    • Private key: From the Jenkins master ~/.ssh
  • save it

Setup steps for every single private GitHub repository that you want to manage through Jenkins (replace <repo> with the actual repository name and <githubaccount> with your github account):

  • log into your Jenkins build server
  • become the user that runs your Jenkins CI server, e.g., sudo su – jenkins if it runs as user jenkins
  • create a new RSA key pair with no passphrase: ssh-keygen -t rsa -f ~/.ssh/github_<repo>
  • add the following your ~/.ssh/config file:
    Host github-<repo>
       HostName github.com
       User git
       IdentityFile ~/.ssh/github_<repo>
       IdentitiesOnly yes
  • make sure it has the right permissions: chmod 0600 ~/.ssh/config
  • output the public key: cat ~/.ssh/github_<repo>
  • open a browser and go to your repository’s settings page
  • select Deploy keys section and click on Add deploy keys
  • add an appropriate title, e.g., Jenkins
  • paste the public key content into the text box and click Add key
  • open the project on your Jenkins website
  • click on Configure
  • under Source Code Management, select Git
  • enter git@github-<repo>:<githubaccount>/<repo>.git
  • use git (Github SSH key) as Credentials
  • save the Jenkins setup

Notes

  • GitHub does not allow the same SSH key to be re-used for multiple repositories, hence the github_<repo> key generation for each repository.
  • The Host github-<repo> alias in the ~/.ssh/config file is re-used in the URL of the Jenkins setup, allowing the specification of multiple keys for the same host github.com.
  • Based on instructions found on StackOverflow.