After upgrading the Jenkins instances I stumbled across this problem
on an old Ubuntu build agent:
using GIT_SSH to set credentials This is jenkins
Verifying host key using known hosts file, will automatically accept unseen keys
> git fetch --tags --force --progress -- git@mulle-kybernetik.com:gs-build +refs/heads/*:refs/remotes/gs-build/* # timeout=10
ERROR: Error fetching remote repo 'gs-build'
hudson.plugins.git.GitException: Failed to fetch from git@mulle-kybernetik.com:gs-build
at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:1003)
at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:1244)
at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1308)
at org.jenkinsci.plugins.multiplescms.MultiSCM.checkout(MultiSCM.java:143)
at hudson.scm.SCM.checkout(SCM.java:540)
at hudson.model.AbstractProject.checkout(AbstractProject.java:1217)
at hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:647)
at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:85)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:519)
at hudson.model.Run.execute(Run.java:1899)
at hudson.matrix.MatrixRun.run(MatrixRun.java:153)
at hudson.model.ResourceController.execute(ResourceController.java:107)
at hudson.model.Executor.run(Executor.java:449)
Caused by: hudson.plugins.git.GitException: Command "git fetch --tags --force --progress -- git@mulle-kybernetik.com:gs-build +refs/heads/*:refs/remotes/gs-build/*" returned status code 128:
stdout:
stderr: command-line line 0: unsupported option "accept-new".
fatal: Could not read from remote repository.
As it turns out, the accept-new
option is provided to ssh
via the git
plugin in order to accept yet unknown host keys (which supposedly makes life
easier), but doesn't work for OpenSSH
< 7.6.
The solution
is to set GIT_SSH_COMMAND
to ssh
as an environment variable on the build node (via its configuration).