Conjur and jenkins integration issues

Hello,

I’m trying to work through a conjur jenkins setup in this tutorial: https://www.conjur.org/get-started/tutorials/jenkins-security

I have conjur installed on its own ec2 instance and jenkins on another.

I am able to setup the hostfactory policy and generate a hostfactory token docker-compose exec client conjur hostfactory tokens create --duration-hours=1 --cidr=XXX.XX.XX.XX jenkins-executors-dynamic

However on the next step, the command as documented is missing either hosts or tokens in the command line. I add either and get the following error:

docker-compose exec client conjur hostfactory hosts create abase8y000bn12n00hz23cmyt7314tfhk3vcbb681e1epw0mmjptg jenkins-001

Unable to authenticate with Conjur. Please check your credentials.

or

docker-compose exec client conjur hostfactory tokens create abase8y000bn12n00hz23cmyt7314tfhk3vcbb681e1epw0mmjptg jenkins-001

{“error”:{“code”:“not_found”,“message”:“Host_factory ‘abase8y000bn12n00hz23cmyt7314tfhk3vcbb681e1epw0mmjptg’ not found in account ‘myConjurAccount’”,“target”:“host_factory”,“details”:{“code”:“not_found”,“target”:“id”,“message”:“myConjurAccount:host_factory:abase8y000bn12n00hz23cmyt7314tfhk3vcbb681e1epw0mmjptg”}}}

error: 404 Not Found

Am I missing a step somewhere? Thank you!

Hey @jkato!

I think you may have just ran out of validity time for your host factory token. When you created it, the flag --duration-hours=1 meant that you could use that HF token for only one hour before it was no longer valid for host creation. If you tried to create a host more than an hour after running conjur hostfactory tokens create it failed exactly as expected.

Try to create a new token again and retry your later steps - they should work fine as long as you don’t let the token expire.

Srdjan

This topic was automatically closed after 4 days. New replies are no longer allowed.