Thanks, Could you by any chance create a bug on https://issues.jenkins-ci.org with the label pipeline-maven-plugin detailing the problem so that it will be easier to manage and easier to share knowledge with other users?
Do you understand why the downstream pipeline is seen as unauthenticated? Could there be a configuration glitch on your setup? Cyrille On Friday, August 2, 2019 at 11:32:57 AM UTC+2, drpm wrote: > > Oh It is using the anonymous user for it. > > isUpstreamBuildVisibleByDownstreamBuildAuth(org.jenkinsci.plugins.workflow.job.WorkflowJob@3e3adefa[<upstream-job>], > >> org.jenkinsci.plugins.workflow.job.WorkflowJob@7b2c0800[<downstream-job>]): >> taskAuth: >> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@1f: >> Username: SYSTEM; Password: [PROTECTED]; Authenticated: false; Details: >> null; Not granted any authorities, downstreamPipelineAuth: >> org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken@ffffffc4: >> Username: *anonymous*; Password: [PROTECTED]; Authenticated: true; >> Details: null; Granted Authorities: anonymous, >> upstreamPipelineObtainedAsImpersonated:null, result: false >> > > > On Friday, August 2, 2019 at 6:15:48 PM UTC+9, Cyrille Le Clerc wrote: >> >> Can you please enable FINER >> on org.jenkinsci.plugins.pipeline.maven.service.PipelineTriggerService ? I >> am interested by the message of >> isUpstreamBuildVisibleByDownstreamBuildAuth >> >> >> https://github.com/jenkinsci/pipeline-maven-plugin/blob/pipeline-maven-3.8.0/jenkins-plugin/src/main/java/org/jenkinsci/plugins/pipeline/maven/service/PipelineTriggerService.java#L332 >> >> public boolean isUpstreamBuildVisibleByDownstreamBuildAuth(@Nonnull >>> WorkflowJob upstreamPipeline, @Nonnull Queue.Task downstreamPipeline) { >>> Authentication auth = >>> Tasks.getAuthenticationOf(downstreamPipeline); >>> Authentication downstreamPipelineAuth; >>> if (auth.equals(ACL.SYSTEM) && >>> !QueueItemAuthenticatorConfiguration.get().getAuthenticators().isEmpty()) { >>> downstreamPipelineAuth = Jenkins.ANONYMOUS; // cf. >>> BuildTrigger >>> } else { >>> downstreamPipelineAuth = auth; >>> } >>> try (ACLContext ignored = ACL.as(downstreamPipelineAuth)) { >>> WorkflowJob upstreamPipelineObtainedAsImpersonated = >>> getItemByFullName(upstreamPipeline.getFullName(), WorkflowJob.class); >>> boolean result = upstreamPipelineObtainedAsImpersonated != >>> null; >>> LOGGER.log(Level.FINE, >>> "isUpstreamBuildVisibleByDownstreamBuildAuth({0}, {1}): taskAuth: {2}, >>> downstreamPipelineAuth: {3}, upstreamPipelineObtainedAsImpersonated:{4}, >>> result: {5}", >>> new Object[]{upstreamPipeline, downstreamPipeline, >>> auth, downstreamPipelineAuth, upstreamPipelineObtainedAsImpersonated, >>> result}); >>> return result; >>> } >>> } >> >> >> >> On Friday, August 2, 2019 at 1:31:49 AM UTC+2, drpm wrote: >>> >>> Hello, >>> >>> Thank you for your reply. >>> >>> Yes I do have Jenkins Authorize Project >>> <https://plugins.jenkins.io/authorize-project>plugin. I tried running >>> it as a SYSTEM and user with admin privileges and still having the same >>> error. >>> >>> *As SYSTEM user: * >>> >>>> >>>> upstreamPipeline (<upstream build>, visibleByDownstreamBuildAuth: >>>> false), downstreamPipeline (<downstream pipeline>, >>>> visibleByUpstreamBuildAuth: true), upstreamBuildAuth: >>>> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@1f: >>>> Username: SYSTEM; Password: [PROTECTED]; Authenticated: false; Details: >>>> null; Not granted any authorities >>>> Skip triggering of <downstream pipeline> by <upstream pipeline> >>>> #<build>: downstreamVisibleByUpstreamBuildAuth: true, >>>> upstreamVisibleByDownstreamBuildAuth: false >>> >>> >>> >>> *As USER WITH PRIV:* >>> >>> upstreamPipeline (<upstream build>, visibleByDownstreamBuildAuth: >>>> false), downstreamPipeline (<downstream pipeline>, >>>> visibleByUpstreamBuildAuth: true), upstreamBuildAuth: >>>> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@72da9556: >>>> Username: <user-with-admin-priv>; Password: [PROTECTED]; Authenticated: >>>> true; Details: null; Granted Authorities: authenticated >>>> Skip triggering of <downstream pipeline> by <upstream pipeline> >>>> #<build>: downstreamVisibleByUpstreamBuildAuth: true, >>>> upstreamVisibleByDownstreamBuildAuth: false >>> >>> >>> I also use this plugin: Role+Strategy+Plugin >>> <https://wiki.jenkins.io/display/JENKINS/Role+Strategy+Plugin> >>> >>> Do I need to create a special role? >>> >>> - drpm >>> >>> On Friday, August 2, 2019 at 6:02:11 AM UTC+9, Cyrille Le Clerc wrote: >>>> >>>> Hello, >>>> >>>> Could you be using the Jenkins Authorize Project Plugin >>>> <https://plugins.jenkins.io/authorize-project> and impersonate your >>>> builds with a user different from SYSTEM? What is the "<user>" displayed >>>> in >>>> the log message "upstreamPipeline... Username: <user>"? >>>> >>>> When not using the Jenkins Authorize Project Plugin >>>> <https://plugins.jenkins.io/authorize-project>, the user used to run >>>> the upstream pipelines is SYSTEM as we can see in the sample below >>>> >>>> upstreamPipeline >>>>> (plugins/pipeline-maven-plugin/dependency-graph/my-jar, >>>>> visibleByDownstreamBuildAuth: true), downstreamPipeline >>>>> (plugins/pipeline-maven-plugin/dependency-graph/my-war-multibranch/master, >>>>> >>>>> visibleByUpstreamBuildAuth: true), *upstreamBuildAuth*: >>>>> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@1f: >>>>> *Username: >>>>> SYSTEM*; Password: [PROTECTED]; Authenticated: false; Details: null; >>>>> Not granted any authorities >>>> >>>> >>>> Cyrille >>>> >>>> >>>> On Thursday, August 1, 2019 at 9:26:34 AM UTC+2, drpm wrote: >>>>> >>>>> I'm having an issue regarding Jenkins Pipeline Maven Plugin >>>>> (*https://wiki.jenkins.io/display/JENKINS/Pipeline+Maven+Plugin >>>>> <https://wiki.jenkins.io/display/JENKINS/Pipeline+Maven+Plugin>*). It >>>>> always skips the downstream jobs even if "*Build whenever a SNAPSHOT >>>>> dependency is built*" is checked. >>>>> >>>>> Here's the FINER logs for Downstream listener( >>>>> *org.jenkinsci.plugins.pipeline.maven.listeners.DownstreamPipelineTriggerRunListener* >>>>> ): >>>>> >>>>> *upstreamPipeline (<upstream build>, visibleByDownstreamBuildAuth: >>>>> false), downstreamPipeline (<downstream pipeline>, >>>>> visibleByUpstreamBuildAuth: true), upstreamBuildAuth: >>>>> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@1f: >>>>> Username: <user>; Password: [PROTECTED]; * >>>>> >>>>> *Skip triggering of <downstream pipeline> by <upstream pipeline> >>>>> #<build>: downstreamVisibleByUpstreamBuildAuth: true, >>>>> upstreamVisibleByDownstreamBuildAuth: false* >>>>> >>>>> --- >>>>> >>>>> The value for *visibleByDownstreamBuildAuth* is always false. Any >>>>> ideas how to make that value true? >>>>> >>>>> Also Jenkins has this troubleshooting guide but my settings are >>>>> already correct. >>>>> *https://wiki.jenkins.io/display/JENKINS/Pipeline+Maven+Plugin#PipelineMavenPlugin-Mydownstreampipelinesdon'tgettriggeredevenifIuse%22BuildwheneveraSNAPSHOTdependencyisbuilt%22 >>>>> >>>>> <https://wiki.jenkins.io/display/JENKINS/Pipeline+Maven+Plugin#PipelineMavenPlugin-Mydownstreampipelinesdon'tgettriggeredevenifIuse%22BuildwheneveraSNAPSHOTdependencyisbuilt%22>* >>>>> >>>>> Thank you in advance. >>>>> >>>> -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/c7ec930b-b9ab-43ab-afc1-d7971a3dac87%40googlegroups.com.
