How do I manage java certificates on a distributed Jenkins build environment?

Question

I have a Jenkins server that spins up nodes as build traffic increases. I am trying to run integration tests with one project, and it requires that I have a keytool generated certificate to connect to a secure system. (The system is configured as close to prod as possible, and bonus! is outside of my direct control).

How do I get it onto the system?

• If I drop it manually onto the node, I have to know what node is running the tests and I have to go drop the file every time.
• If I check it into source control, then it gets downloaded to the machine and sits unprotected in the workspace directory (no good way to delete consistently if the job crashes)
• Downloading it from an SSL site leaves us with the same problems as source control.

Answer 1

You can use the Copy To Slave plugin, to automatically copy the keystore from the master to the node. This will happen every time a job is started on a node, as part of the workspace setup (so that it will be available before the actual job starts executing). You use it to copy the keystore into your workspace and can reference it with a relative path.