Can you please enable FINER on org.jenkinsci.plugins.pipeline.maven.service.PipelineTriggerService ? I am interested by the message of isUpstreamBuildVisibleByDownstreamBuildAuth
https://github.com/jenkinsci/pipeline-maven-plugin/blob/pipeline-maven-3.8.0/jenkins-plugin/src/main/java/org/jenkinsci/plugins/pipeline/maven/service/PipelineTriggerService.java#L332 public boolean isUpstreamBuildVisibleByDownstreamBuildAuth(@Nonnull > WorkflowJob upstreamPipeline, @Nonnull Queue.Task downstreamPipeline) { > Authentication auth = > Tasks.getAuthenticationOf(downstreamPipeline); > Authentication downstreamPipelineAuth; > if (auth.equals(ACL.SYSTEM) && > !QueueItemAuthenticatorConfiguration.get().getAuthenticators().isEmpty()) { > downstreamPipelineAuth = Jenkins.ANONYMOUS; // cf. BuildTrigger > } else { > downstreamPipelineAuth = auth; > } > try (ACLContext ignored = ACL.as(downstreamPipelineAuth)) { > WorkflowJob upstreamPipelineObtainedAsImpersonated = > getItemByFullName(upstreamPipeline.getFullName(), WorkflowJob.class); > boolean result = upstreamPipelineObtainedAsImpersonated != > null; > LOGGER.log(Level.FINE, > "isUpstreamBuildVisibleByDownstreamBuildAuth({0}, {1}): taskAuth: {2}, > downstreamPipelineAuth: {3}, upstreamPipelineObtainedAsImpersonated:{4}, > result: {5}", > new Object[]{upstreamPipeline, downstreamPipeline, > auth, downstreamPipelineAuth, upstreamPipelineObtainedAsImpersonated, > result}); > return result; > } > } On Friday, August 2, 2019 at 1:31:49 AM UTC+2, drpm wrote: > > Hello, > > Thank you for your reply. > > Yes I do have Jenkins Authorize Project > <https://plugins.jenkins.io/authorize-project>plugin. I tried running it > as a SYSTEM and user with admin privileges and still having the same error. > > *As SYSTEM user: * > >> >> upstreamPipeline (<upstream build>, visibleByDownstreamBuildAuth: >> false), downstreamPipeline (<downstream pipeline>, >> visibleByUpstreamBuildAuth: true), upstreamBuildAuth: >> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@1f: >> Username: SYSTEM; Password: [PROTECTED]; Authenticated: false; Details: >> null; Not granted any authorities >> Skip triggering of <downstream pipeline> by <upstream pipeline> #<build>: >> downstreamVisibleByUpstreamBuildAuth: true, >> upstreamVisibleByDownstreamBuildAuth: false > > > > *As USER WITH PRIV:* > > upstreamPipeline (<upstream build>, visibleByDownstreamBuildAuth: false), >> downstreamPipeline (<downstream pipeline>, visibleByUpstreamBuildAuth: >> true), upstreamBuildAuth: >> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@72da9556: >> Username: <user-with-admin-priv>; Password: [PROTECTED]; Authenticated: >> true; Details: null; Granted Authorities: authenticated >> Skip triggering of <downstream pipeline> by <upstream pipeline> #<build>: >> downstreamVisibleByUpstreamBuildAuth: true, >> upstreamVisibleByDownstreamBuildAuth: false > > > I also use this plugin: Role+Strategy+Plugin > <https://wiki.jenkins.io/display/JENKINS/Role+Strategy+Plugin> > > Do I need to create a special role? > > - drpm > > On Friday, August 2, 2019 at 6:02:11 AM UTC+9, Cyrille Le Clerc wrote: >> >> Hello, >> >> Could you be using the Jenkins Authorize Project Plugin >> <https://plugins.jenkins.io/authorize-project> and impersonate your >> builds with a user different from SYSTEM? What is the "<user>" displayed in >> the log message "upstreamPipeline... Username: <user>"? >> >> When not using the Jenkins Authorize Project Plugin >> <https://plugins.jenkins.io/authorize-project>, the user used to run the >> upstream pipelines is SYSTEM as we can see in the sample below >> >> upstreamPipeline (plugins/pipeline-maven-plugin/dependency-graph/my-jar, >>> visibleByDownstreamBuildAuth: true), downstreamPipeline >>> (plugins/pipeline-maven-plugin/dependency-graph/my-war-multibranch/master, >>> visibleByUpstreamBuildAuth: true), *upstreamBuildAuth*: >>> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@1f: >>> *Username: >>> SYSTEM*; Password: [PROTECTED]; Authenticated: false; Details: null; >>> Not granted any authorities >> >> >> Cyrille >> >> >> On Thursday, August 1, 2019 at 9:26:34 AM UTC+2, drpm wrote: >>> >>> I'm having an issue regarding Jenkins Pipeline Maven Plugin >>> (*https://wiki.jenkins.io/display/JENKINS/Pipeline+Maven+Plugin >>> <https://wiki.jenkins.io/display/JENKINS/Pipeline+Maven+Plugin>*). It >>> always skips the downstream jobs even if "*Build whenever a SNAPSHOT >>> dependency is built*" is checked. >>> >>> Here's the FINER logs for Downstream listener( >>> *org.jenkinsci.plugins.pipeline.maven.listeners.DownstreamPipelineTriggerRunListener* >>> ): >>> >>> *upstreamPipeline (<upstream build>, visibleByDownstreamBuildAuth: >>> false), downstreamPipeline (<downstream pipeline>, >>> visibleByUpstreamBuildAuth: true), upstreamBuildAuth: >>> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@1f: >>> Username: <user>; Password: [PROTECTED]; * >>> >>> *Skip triggering of <downstream pipeline> by <upstream pipeline> >>> #<build>: downstreamVisibleByUpstreamBuildAuth: true, >>> upstreamVisibleByDownstreamBuildAuth: false* >>> >>> --- >>> >>> The value for *visibleByDownstreamBuildAuth* is always false. Any ideas >>> how to make that value true? >>> >>> Also Jenkins has this troubleshooting guide but my settings are already >>> correct. >>> *https://wiki.jenkins.io/display/JENKINS/Pipeline+Maven+Plugin#PipelineMavenPlugin-Mydownstreampipelinesdon'tgettriggeredevenifIuse%22BuildwheneveraSNAPSHOTdependencyisbuilt%22 >>> >>> <https://wiki.jenkins.io/display/JENKINS/Pipeline+Maven+Plugin#PipelineMavenPlugin-Mydownstreampipelinesdon'tgettriggeredevenifIuse%22BuildwheneveraSNAPSHOTdependencyisbuilt%22>* >>> >>> Thank you in advance. >>> >> -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/3b13997c-fbfd-4150-822b-720df3650dd3%40googlegroups.com.
