In my Jenkins job, during the build phase, I execute pip install -r requirements.txt
. Among my project's requirements, there are some paths to private git repositories, needing SSH keys to authenticate. I already created the keys (no passphrase), added the public key to the BitBucket server and the private key to Jenkins's credentials.
My project's code is pulled successfully with those same SSH keys (internally, Jenkins uses GIT_SSH), but pip doesn't know to pass them on to the server for authentication (the log shows: Permission denied (publickey)
)
I've seen Use SSH Key from Jenkins Git Plugin to Run Git Commands During Build , but it isn't answered. I've also seen some other talk about Publish Over SSH
plugin, but I'm not sure it applies to me..
The build machine is Windows, by the way.
Automatically writing the private key to <home_folder>\.ssh\id_rsa
seems like a security risk to me, though I might be wrong..?
Is there a way to configure Jenkins to use the same SSH keys it has to pip install ssh entries as well?