Jenkins – use Azure DevOps as code repository for projects

This guide assumes that you have already configured both Jenkins and git but if you need any help with that please consult my other posts detailing those steps.

Set up SSH key authentication

First, we need to configure SSH key authentication and the goal here is to share our public key so that it is trusted by Azure DevOps and used to verify the incoming ssh connection.

By design, you cannot log in as the Jenkins user, but it is possible to allow access temporarily. This is done by editing /etc/passwd.

sudo vi /etc/passwd
change the line:
jenkins:x:977:977:Jenkins Automation Server:/var/lib/jenkins:/bin/false
to:
jenkins:x:977:977:Jenkins Automation Server:/var/lib/jenkins:/bin/bash

After you save the file, you should be able to SSH as Jenkins and generate the SSH keys by running

ssh-keygen

Once the keys are generated, you need to copy the contents of .ssh/id_rsa.pub and use them within the Azure DevOps portal.

In the portal click on User Settings / SSH Public Keys:

and save the Jenkins public SSH key using the Add button:

  • the description is just a string that makes sense to you
  • while the key data is the contents of that .ssh/id_rsa.pub from the Jenkins server

Test Authentication

Test the connection by running the following command on the Jenkins server while logged in as the Jenkins user:

[jenkins@localhost ~]$ ssh -T git@ssh.dev.azure.com
The authenticity of host 'ssh.dev.azure.com (51.104.26.0)' can't be established.
RSA key fingerprint is SHA256:ohD8VZEXGWo6Ez8GSEJQ9WpafOtGGQCQo6Og.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'ssh.dev.azure.com' (RSA) to the list of known hosts.
remote: Shell access is not supported.
shell request failed on channel 0

The message “remote: Shell access is not supported.” signifies that the connection was successful.

Download the contents of the remote repository

Now that we have allowed and tested Jenkins access to Azure DevOps, we can download our code.

First, clone the repository in the portal

[jenkins@jenkins repo]$ git clone git@ssh.dev.azure.com:v3/ukconsult-cloud/IaC-General/IaC-General        
Cloning into 'IaC-General'...
remote: Azure Repos
remote: Found 69 objects to send. (54 ms)
Receiving objects: 100% (69/69), 13.50 KiB | 1.69 MiB/s, done.
Resolving deltas: 100% (23/23), done.

and that’s it – we have our code locally and ready to be executed in the subsequent steps.

Tags

Leave a Reply

Your email address will not be published. Required fields are marked *