Hudson (Jenkins) and Git HTTP authentication

I run a Hudson, (now Jenkins) CI server on windows XP.

The Jenkins git plugin is broken if you have repositories that use HTTP auth (See: http://issues.hudson-ci.org/browse/HUDSON-3807, http://issues.hudson-ci.org/browse/HUDSON-7091).

If you try to run a build on a job with a repo using HTTP auth, the process will hang at the repository checkout, as GIT is waiting for a password to be entered. Fortunately, you can set the credentials for the server access in a netrc file placed in your home directory.

Find your home directory:

  • If you are running Jenkins as the user you are currently logged in as:
    • Commonly, the home directory that GIT will use can be found by going start->Run and typing a “.” in the run dialog (without the quotes). On windows XP this is “C:\Documents and Settings\Administrator”
    • To be extra sure, you should open the GIT bash, type “cd” to go back to your home directory, and then enter “pwd” to show the current path.
  • If you are running Jenkins as a service
    • Create a new Execute Shell build step. Execute the command:

      echo $HOME
      
    • Run the build and examine the output to see where $HOME is located

Create the _netrc file:

On linux, this file is actually .netrc, however I found that on windows its using the underscore notation. When creating the _netrc file, ensure that your editor is saving the file using unix-line-endings. If you are using a tool like notepad++ this can be set by going Edit -> EOL Conversion -> UNIX Format.

_netrc contents:

machine <server name>
login <server username>
password <server password>

Where is the name of the server that hosts your GIT repository, and the username and password correspond to valid HTTP credentials. See the netrc page in references below for additional examples.

Verify the _netrc settings work by attempting to download the HEAD from the repository using curl:

curl --netrc --location -v http://<server_name>/<git_repo>.git/HEAD

This should return something like ref: refs/heads/master. If you get an authentication failed message, be sure to scroll up in the console to verify if curl was able to find the server entry in _netrc.

Gotachas:

  • If you specify the address to the GIT repository in Hudson in http://@ notation, the _netrc data will not be picked up. This is because of the <username>@ prefix
  • I had to modify the git executable I was using, as the default wasn’t picking up the _netrc file
    • Under Manage Hudson -> Configure -> Git Installation, point the default executable to the git.cmd script. Mine was at C:\Program Files\Git\cmd

References:

http://www.kernel.org/pub/software/scm/git/docs/howto/setup-git-server-over-http.txt

http://www.mavetju.org/unix/netrc.php