We would like to use Jenkins EC2 plugin to create spot instances for our tests. We also use the Google Login Plugin, but the login plugin seems to get int the way of the mechanism that the Spot plugin uses to register itself; it cannot read the /computer/[slave id]/slave-agent.jnlp file because the slave gets a 403 Forbidden error when it tries to retrieve the file (exception is thrown at hudson.remoting.Launcher.parseJnlpArguments with message "403 Forbidden"). We use the Role Strategy Plugin to control access, but even adding a Role that Anonymous users have access to with Slave Connect privileges does not work.
This was also manifesting itself when we were using the GitHub authentication plugin using the GitHub Commiter Authorization Strategy. All documentation for the EC2 plugin for spot instances seem to assume you are using the Jenkins built in authentication, and the closest workaround I could find (which is heavily underdocumented) involves making a fake user on Github with a token authentication, which somehow bypasses this issue. This doesn't seem to be available for the Google Login Plugin. Note that this is happening even with the "Enable Slave → Master Access Control" checkbox in Global Security turned off. It seems that there may be a case of too many plugins getting in the way, but perhaps I've missed some configuration/extra arguments that either allows alternate authentication with enough permissions to get the JNLP file, or maybe missing some configuration that allows anonymous access to the JNLP file. Any ideas? -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/62820600-c911-4cd0-9ef3-f2fd8ef488b8%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
