CI/CD Setup

We are having On-premise Apigee installation and planning to promote the api's automatically to the upper environment. My plan is Move the proxies to Bit-bucket and write Jenkins Job to deploy api to the different environments. I am copying the proxies to Bit-bucket manually. When I tried the Jenkins Job for apigee's cloud( trial version) https://api.enterprise.apigee.com, able to import the proxy, and deploy the proxy. But when I tries to our local environment( same proxy, bit-bucket, Jenkins Job), its failing with the below error:

[ERROR] Failed to execute goal io.apigee.build-tools.enterprise4g:apigee-edge-maven-plugin:1.0.3:deploy (deploy-bundle) on project MFA_Create_User: MojoExecutionException: Connection has been shutdown: javax.net.ssl.SSLException: java.net.SocketException: Broken pipe -> 

Find the below screen shot for your reference. 
jenkins.png

Please help me out.
Solved Solved
1 4 1,631
1 ACCEPTED SOLUTION

Not applicable

Bitbucket needs to have access to your environment/network. So, I'd check the following:

  • External access from Bitbucket to the Management API. If everything was tested locally(from your laptop and the intranet or using VPN), get your laptop outside of the network. Test it from a WiFi network outside of work and check that you can still resolve access to your server. If it doesn't work from an external network, it is a network issue. You might need to whitelist some IPs, open ports, etc.
  • If Mgmt. API got external access, check that domain name resolves to the IP address. Many issues of not having been able to access a server are related to DNS resolution. If IP is not being resolved, try using the API. Make sure that Mgmt. API virtual host picks up the request when using IP addresses instead of domain names. This might work on your laptop if you mapped the IP in you /etc./hosts. You need to make sure domain names is resolvable through DNS.
  • It seems an SSL exception. So it could be related to certificates. Make sure certs are up to date. It's possible that if certs are self-signed or expired BitBucket might reject those connections.

These are my thoughts, so far. Hope it helps!

View solution in original post

4 REPLIES 4

Not applicable

Bitbucket needs to have access to your environment/network. So, I'd check the following:

  • External access from Bitbucket to the Management API. If everything was tested locally(from your laptop and the intranet or using VPN), get your laptop outside of the network. Test it from a WiFi network outside of work and check that you can still resolve access to your server. If it doesn't work from an external network, it is a network issue. You might need to whitelist some IPs, open ports, etc.
  • If Mgmt. API got external access, check that domain name resolves to the IP address. Many issues of not having been able to access a server are related to DNS resolution. If IP is not being resolved, try using the API. Make sure that Mgmt. API virtual host picks up the request when using IP addresses instead of domain names. This might work on your laptop if you mapped the IP in you /etc./hosts. You need to make sure domain names is resolvable through DNS.
  • It seems an SSL exception. So it could be related to certificates. Make sure certs are up to date. It's possible that if certs are self-signed or expired BitBucket might reject those connections.

These are my thoughts, so far. Hope it helps!

Hi @Diego Zuluaga ... thanks for your response. I am able to import the proxy from Bitbucket to my Jenkins workspace. There is no connectivity issues from Jenkins to Management api server.

Below are the curl from Jenkins server:

curl -H Content-Type: multipart/form-data -v -X POST -d @MFA_Create_User2.0-uat.zip -k -u abc@xyz.com https://dal-uat-apigee-managementapi.com/v1/organizations/abc/apis?action=import&name=MFA_Create_Use...

* About to connect() to dal-uat-apigee-managementapi.com port 443 (#0)

* Trying 10.23.13.47...

* Connected to dal-uat-apigee-managementapi.com (10.23.13.47) port 443 (#0)

* Initializing NSS with certpath: sql:/etc/pki/nssdb

* skipping SSL peer certificate verification

* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

* Server certificate:

* subject: CN=dal-uat-apigee-managementapi.com,OU=Digi-SSL Xp,OU=Provided by Digi-Sign Limited,OU=ISMS-EAM,O=abc,L=Hoboken,ST=NJ,C=US

* start date: Dec 07 00:00:00 2016 GMT

* expire date: Dec 07 23:59:59 2017 GMT

* common name: dal-uat-apigee-managementapi.com

* issuer: CN=Digi-Sign CA Digi-SSL,O=Digi-Sign Limited,L=Dublin,ST=County Dublin,C=IE

* Server auth using Basic with user 'abc@xyz.com'

> POST /v1/organizations/abc/apis?action=import&name=MFA_Create_User HTTP/1.1

> Authorization: Basic dfdsfsdagsgaswewerwer

> User-Agent: curl/7.29.0

> Host: dal-uat-apigee-managementapi.com

> Accept: */*

> Content-Type: multipart/form-data

> Content-Length: 2917

> Expect: 100-continue

>

< HTTP/1.1 100 Continue

< HTTP/1.1 500 Server Error

< X-Apigee.fault-code:

< Content-Type: application/json

< Date: Tue, 06 Jun 2017 21:01:35 GMT

< Connection: close

<

{

"message" : "org.apache.cxf.interceptor.Fault: Couldn't determine the boundary from the message!",

"contexts" : [ ],

"cause" : {

"message" : "Couldn't determine the boundary from the message!",

"contexts" : [ ],

"cause" : {

"message" : "Couldn't determine the boundary from the message!",

"contexts" : [ ]

}

}

* Closing connection 0

Apigee logs:

==> /opt/apigee/var/log/edge-management-server/logs/system.log <==

2017-06-06 16:01:35,054 org:abc qtp1389509050-6588 ERROR REST - ExceptionMapper.toResponse() : Error occurred : org.apache.cxf.interceptor.Fault: Couldn't determine the boundary from the message!

org.apache.cxf.jaxrs.utils.JAXRSUtils.readFromMessageBody(JAXRSUtils.java:1043)

org.apache.cxf.jaxrs.utils.JAXRSUtils.processParameter(JAXRSUtils.java:615)

org.apache.cxf.jaxrs.utils.JAXRSUtils.processParameters(JAXRSUtils.java:579)

org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:238)

2017-06-06 16:01:35,054 org:abc qtp1389509050-6588 ERROR REST - ExceptionMapper.toResponse() : Returning error response : ErrorResponse{errorCode = null, errorMessage = org.apache.cxf.interceptor.Fault: Couldn't determine the boundary from the message!}

==> /opt/apigee/var/log/edge-management-server/logs/audit.log <==

2017-06-06 16:01:35,057 pool-2-thread-1 INFO AUDITLOG - AuditLog.logAudit() : {responsecode=500, useragent=curl/7.29.0, x-forwarded-for=19.23.124.13, requesturi=/v1/organizations/abc/apis/, clientip=10.23.13.47, serverip=19.30.21.37, serverhostname=localhost, id=08ca5277-749e-468f-884b-9bbb1e1730e7, user=abc@xyz.com, operation=CREATE, requesturiqp=/v1/organizations/abc/apis?action=import&name=MFA_Create_User, timestamp=06/06/2017 16:01:35}

==> /opt/apigee/var/log/edge-management-server/logs/access.log <==

2017-06-06 16:01:35,058 pool-2-thread-1 INFO ACCESSLOG - AccessInfo.logAuditInfo() : {RequestURIQP=/v1/organizations/abc/apis?action=import&name=MFA_Create_User, ResponseCode=500, User=abc@xyz.com, ServerHostName=localhost, ServerIP=172.30.210.37, UserAgent=curl/7.29.0, X-Forwarded-For=10.23.124.13, RequestURI=/v1/organizations/abc/apis, Operation=CREATE, authenticationType=basic, Timestamp=1496782895055, ClientIP=19.23.13.47}

Hi @Diego Zuluaga could you please look into below my request?

Hi @Diego Zuluaga Can you please look into below my query.

I can see the source code projects are importing from Bitbucket to Jenkins and we did a CURL from Jenkins to Apigee Management api successfully. When I changed the apigee-edge-maven-plugin version to 1.1.5 in shared-pom.xml, I can see below error:

Request prepared for the server
**************************
POST  https://dal-uat-apigee-managementapi.abc.com/v1/organizations/abc/apis?action=import&name=...
accept: application/json
accept-encoding: gzip
authorization: Basic [Not shown in log]
content-type: application/octet-stream
[Request body contains data, not shown]

[ERROR] 503 Service Unavailable
<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>

[ERROR]

Please help here.