diff --git a/src/main/java/io/jenkins/plugins/jfrog/CliEnvConfigurator.java b/src/main/java/io/jenkins/plugins/jfrog/CliEnvConfigurator.java index 6cf4cdc9..afde3ae8 100644 --- a/src/main/java/io/jenkins/plugins/jfrog/CliEnvConfigurator.java +++ b/src/main/java/io/jenkins/plugins/jfrog/CliEnvConfigurator.java @@ -49,10 +49,11 @@ static void configureCliEnv(EnvVars env, FilePath jfrogHomeTempDir, JFrogCliConf setupProxy(env); } if (encryptionKey.shouldEncrypt()) { - // Write the encryption key file on the agent (not controller) using FilePath. - // This ensures the file exists where the JFrog CLI runs (Docker/remote agent). + // Write the encryption key file on the current agent using FilePath. + // Always overwrite (not putIfAbsent) because in multi-agent pipelines the env + // var may still hold the previous agent's path, which doesn't exist on this agent. String keyFilePath = encryptionKey.writeKeyFile(jfrogHomeTempDir); - env.putIfAbsent(JFROG_CLI_ENCRYPTION_KEY, keyFilePath); + env.put(JFROG_CLI_ENCRYPTION_KEY, keyFilePath); } } diff --git a/src/main/java/io/jenkins/plugins/jfrog/actions/JFrogCliConfigEncryption.java b/src/main/java/io/jenkins/plugins/jfrog/actions/JFrogCliConfigEncryption.java index 1d5f3bde..90c972bd 100644 --- a/src/main/java/io/jenkins/plugins/jfrog/actions/JFrogCliConfigEncryption.java +++ b/src/main/java/io/jenkins/plugins/jfrog/actions/JFrogCliConfigEncryption.java @@ -36,6 +36,10 @@ public JFrogCliConfigEncryption(EnvVars env) { /** * Writes the encryption key to a file in the specified directory on the agent. * Uses FilePath to ensure the file is written on the remote agent, not the controller. + *

+ * The key file is always written fresh to the given jfrogHomeTempDir. In multi-agent + * pipelines each agent has its own filesystem, so the file must be written locally on + * every agent where the JFrog CLI runs. The key content stays the same across agents. * * @param jfrogHomeTempDir - The JFrog CLI home temp directory (FilePath on the agent) * @return The path to the key file (as seen by the agent) @@ -46,17 +50,15 @@ public String writeKeyFile(FilePath jfrogHomeTempDir) throws IOException, Interr if (this.key == null || this.key.isEmpty()) { return null; } - // If key file was already written, return the existing path - if (this.keyFilePath != null) { - return this.keyFilePath; - } - // Use FilePath operations to write on the agent (not controller) + // Always write the key file on the current agent's filesystem. + // Do NOT cache/reuse keyFilePath: in multi-agent pipelines each agent has its own + // filesystem, so returning a previously cached path would point to a different + // agent's file which does not exist on the current agent. FilePath encryptionDir = jfrogHomeTempDir.child("encryption"); encryptionDir.mkdirs(); String fileName = UUID.randomUUID().toString() + ".key"; FilePath keyFile = encryptionDir.child(fileName); keyFile.write(this.key, StandardCharsets.UTF_8.name()); - // getRemote() returns the path as seen by the agent this.keyFilePath = keyFile.getRemote(); return this.keyFilePath; }