[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske commented on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently From what I can tell in source code it doesn't actually create a concurrency lock. Lockable resources plugin queues "threads" as lightweight jobs. Eventually, the jobs get scheduled. So it doesn't work in the traditional sense of what you think of as locks in concurrent high performance programming. Add Comment This message was sent by Atlassian Jira (v7.13.12#713012-sha1:6e07c38) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.181710.1494001199000.20477.1588378440947%40Atlassian.JIRA.
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske edited a comment on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently h2. BackgroundI think I've reached the limits of what's possible in native scripted pipeline without updating any plugins using lockable resources plugin as-is. Recently I answered a question around using lockable resources and lockable resource limits similar to this issue... I came up with a solution but it's still not great. I guess I need to look more into what it takes to develop this into a plugin. This is a siginificant significant gap in Jenkins' ability to do large depth parallelism while maintaining limits across a matrix of builds.You can see my reply which promted prompted me to develop this custom withLocks step.[http://sam.gleske.net/blog/engineering/2020/03/29/jenkins-parallel-conditional-locks.html]h2. Custom step source[withLocks custom pipeline step|https://github.com/samrocketman/jervis/blob/master/vars/withLocks.groovy] for shared pipeline libraries.h2. Usage of custom stepObtain two locks.{noformat}withLocks(['foo', 'bar']) {// some code runs after both foo and bar locks are obtained}{noformat}Obtain one lock with parallel limits. The index gets evaluated against the limit in order to limit parallelism with modulo operation. Similar to workaround my color-lock example.Note: if you specify multiple locks with limit and index, then the same limits apply to all locks. The next example will show how to limit specific locks without setting limits for all locks.{noformat}Map tasks = [failFast: true]for(int i = 0; i < 5; i++) {int taskInt = itasks["Task ${taskInt}"] = {stage("Task ${taskInt}") {withLocks(obtain_lock: 'foo', limit: 3, index: taskInt) {echo 'This is an example task being executed'sleep(30)}echo 'End of task execution.'}}}stage("Parallel tasks") {parallel(tasks)}{noformat}Obtain obtain the foo and bar locks. Only proceed if both locks have been obtained simultaneously. However, set foo locks to be limited by 3 simultaneous possible locks. When specifying multiple locks you can pass in the setting with lock name plus _limit and _index to define behavior for just that lock.In the following scenario, the first three locks will race for foo lock with limits and wait on bar for execution. The remaining two tasks will wait on just foo with limits. As an ordering recommendation, in the locks list, foo is first item so that any limited tasks not blocked by bar can execute right away.*Please note:* when using multiple locks this way there's actually a performance difference between the order in the list of foo or bar versus reversing the order. I have no control over this and just appears to be a severe limitation in how pipeline handles CPS sequence.{noformat}Map tasks = [failFast: true]for(int i = 0; i < 5; i++) {int taskInt = itasks["Task ${taskInt}"] = {List locks = ['foo', 'bar']if(taskInt > 2) {locks = ['foo']}stage("Task ${taskInt}") {withLocks(obtain_lock: locks, foo_limit: 3, foo_index: taskInt) {echo 'This is an example task being executed'sleep(30)}echo 'End of task execution.'}}}stage("Parallel tasks") {parallel(tasks)}{noformat}You may need to quote the setting depending on the characters used. For example, if you have a lock named with a special character other than an underscore, then it must be quoted.{noformat}withLocks(obtain_lock: ['hello-world'], 'hello-world_limit': 3, ...) ...{noformat}If you
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske commented on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently Background I think I've reached the limits of what's possible in native scripted pipeline without updating any plugins using lockable resources plugin as-is. Recently I answered a question around using lockable resources and lockable resource limits similar to this issue... I came up with a solution but it's still not great. I guess I need to look more into what it takes to develop this into a plugin. This is a siginificant gap in Jenkins' ability to do large depth parallelism while maintaining limits across a matrix of builds. You can see my reply which promted me to develop this custom withLocks step. http://sam.gleske.net/blog/engineering/2020/03/29/jenkins-parallel-conditional-locks.html Custom step source withLocks custom pipeline step for shared pipeline libraries. Usage of custom step Obtain two locks. withLocks(['foo', 'bar']) { // some code runs after both foo and bar locks are obtained } Obtain one lock with parallel limits. The index gets evaluated against the limit in order to limit parallelism with modulo operation. Similar to workaround my color-lock example. Note: if you specify multiple locks with limit and index, then the same limits apply to all locks. The next example will show how to limit specific locks without setting limits for all locks. Map tasks = [failFast: true] for(int i = 0; i < 5; i++) { int taskInt = i tasks["Task ${taskInt}"] = { stage("Task ${taskInt}") { withLocks(obtain_lock: 'foo', limit: 3, index: taskInt) { echo 'This is an example task being executed' sleep(30) } echo 'End of task execution.' } } } stage("Parallel tasks") { parallel(tasks) } Obtain obtain the foo and bar locks. Only proceed if both locks have been obtained simultaneously. However, set foo locks to be limited by 3 simultaneous possible locks. When specifying multiple locks you can pass in the setting with lock name plus _limit and _index to define behavior for just that lock. In the following scenario, the first three locks will race for foo lock with limits and wait on bar for execution. The remaining two tasks will wait on just foo with limits. As an ordering recommendation, in the locks list, foo is first item so that any limited tasks not blocked by bar can execute right away. Please note: when using multiple locks this way there's actually a performance difference between the order in the list of foo or bar versus reversing the order. I have no control over this and just appears to be a severe limitation in how pipeline handles CPS sequence. Map tasks = [failFast: true] for(int i = 0; i < 5; i++) { int taskInt = i tasks["Task ${taskInt}"] = { List locks = ['foo', 'bar']
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske commented on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently No worries... in practice I haven't encountered the limitation I described. I still get the parallel speedup without completely taking over Jenkins infrastructure. So the limitation I posed is mostly hypothetical but may not actually impact your project. So it's at least worth trying out to see if you get any gains from it. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.181710.1494001199000.81.1580745541379%40Atlassian.JIRA.
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske edited a comment on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently Using my "color" concurrent lock example...{code:java}static def parallelLimitedBranches(CpsScript currentJob, def List items,Integer maxConcurrentBranches,Boolean failFast = false,Closure body) { def Map branches = [failFast: failFast]for(int i = 0; i < items.size(); i++) {int lockId = i % maxConcurrentBranches def String itemValue = items[i]branches[itemValue] = { ->lock("${currentJob.rawBuild.parent.fullName}-${lockId}") {body(itemValue)}}}currentJob.parallel(branches)}{code}Make items a def so that it is more versatile. For example, [each item can be a map|https://jenkins.io/blog/2019/12/02/matrix-building-with-scripted-pipeline/] from a matrix of items and not just a String.You're doing something weird with trying to manually select agents... don't do that. Use agent labels and label expressions instead. Rely on Jenkins to select an appropriate agent and only focus on executing your code on said agent.My previous example is not a true semaphore. All it does is generate a limited number of lock IDs using the modulo operator. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske edited a comment on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently Using my "color" concurrent lock example...{code:java}static def parallelLimitedBranches(CpsScript currentJob,def items,Integer maxConcurrentBranches,Boolean failFast = false,Closure body) {def branches = [:]for(int i = 0; i < items.size(); i++) {int lockId = i % maxConcurrentBranchesdef itemValue = items[i]branches[itemValue] = { ->lock("${currentJob.rawBuild.parent.fullName}-${lockId}") {body(itemValue)}}}currentJob.parallel(branches)}{code}Make items a def so that it is more versatile. For example, [each item can be a map|https://jenkins.io/blog/2019/12/02/matrix-building-with-scripted-pipeline/] from a matrix of items and not just a String .You're doing something weird with trying to manually select agents... don't do that. Use agent labels and label expressions instead. Rely on Jenkins to select an appropriate agent and only focus on executing your code on said agent.My previous example is not a true semaphore. All it does is generate a limited number of lock IDs using the modulo operator. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske edited a comment on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently Using my "color" concurrent lock example...{code:java}static def parallelLimitedBranches(CpsScript currentJob,def items,Integer maxConcurrentBranches,Boolean failFast = false,Closure body) {def branches = [ failFast : failFast ]for(int i = 0; i < items.size(); i++) {int lockId = i % maxConcurrentBranchesdef itemValue = items[i]branches[itemValue] = { ->lock("${currentJob.rawBuild.parent.fullName}-${lockId}") {body(itemValue)}}}currentJob.parallel(branches)}{code}Make items a def so that it is more versatile. For example, [each item can be a map|https://jenkins.io/blog/2019/12/02/matrix-building-with-scripted-pipeline/] from a matrix of items and not just a String.You're doing something weird with trying to manually select agents... don't do that. Use agent labels and label expressions instead. Rely on Jenkins to select an appropriate agent and only focus on executing your code on said agent.My previous example is not a true semaphore. All it does is generate a limited number of lock IDs using the modulo operator. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske edited a comment on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently Using my "color" concurrent lock example...{code:java}static def parallelLimitedBranches(CpsScript currentJob, List def items,Integer maxConcurrentBranches,Boolean failFast = false,Closure body) {def branches = [:]for(int i = 0; i < items.size(); i++) {int lockId = i % maxConcurrentBranches String def itemValue = items[i]branches[itemValue] = { ->lock("${currentJob.rawBuild.parent.fullName}-${lockId}") {body(itemValue)}}}currentJob.parallel(branches)}{code} Make items a def so that it is more versatile. For example, [each item can be a map|https://jenkins.io/blog/2019/12/02/matrix-building-with-scripted-pipeline/] from a matrix of items. You're doing something weird with trying to manually select agents... don't do that. Use agent labels and label expressions instead. Rely on Jenkins to select an appropriate agent and only focus on executing your code on said agent.My previous example is not a true semaphore. All it does is generate a limited number of lock IDs using the modulo operator. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske edited a comment on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently Using my "color" concurrent lock example...{code:java}static def parallelLimitedBranches(CpsScript currentJob,List items,Integer maxConcurrentBranches,Boolean failFast = false,Closure body) {def branches = [:]for(int i = 0; i < items.size(); i++) {int lockId = i % maxConcurrentBranchesString itemValue = items[i]branches[itemValue] = { ->lock("${currentJob.rawBuild.parent.fullName}-${lockId}") {body(itemValue)}}}currentJob.parallel(branches)}{code}You're doing something weird with trying to manually select agents... don't do that. Use agent labels and label expressions instead. Rely on Jenkins to select an appropriate agent and only focus on executing your code on said agent. My previous example is not a true semaphore. All it does is generate a limited number of lock IDs using the modulo operator. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.181710.1494001199000.10008.1580575620962%40Atlassian.JIRA.
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske edited a comment on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently Using my "color" concurrent lock example...{code:java}static def parallelLimitedBranches(CpsScript currentJob,List items,Integer maxConcurrentBranches,Boolean failFast = false,Closure body) {def branches = [:]for(int i = 0; i < items.size(); i++) {int lockId = i % maxConcurrentBranchesString branchName itemValue = items[i]branches[branchName] = { ->lock("${currentJob.rawBuild.parent.fullName}-${lockId}") {body( itemValue )}}}currentJob.parallel(branches)}{code}You're doing something weird with trying to manually select agents... don't do that. Use agent labels and label expressions instead. Rely on Jenkins to select an appropriate agent and only focus on executing your code on said agent. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.181710.1494001199000.9912.1580574783940%40Atlassian.JIRA.
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske edited a comment on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently Using my "color" concurrent lock example...{code:java}static def parallelLimitedBranches(CpsScript currentJob,List items,Integer maxConcurrentBranches,Boolean failFast = false,Closure body) {def branches = [:]for(int i = 0; i < items.size(); i++) {int lockId = i % maxConcurrentBranchesString itemValue = items[i]branches[ branchName itemValue ] = { ->lock("${currentJob.rawBuild.parent.fullName}-${lockId}") {body(itemValue)}}}currentJob.parallel(branches)}{code}You're doing something weird with trying to manually select agents... don't do that. Use agent labels and label expressions instead. Rely on Jenkins to select an appropriate agent and only focus on executing your code on said agent. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.181710.1494001199000.9914.1580574783998%40Atlassian.JIRA.
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske edited a comment on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently Using my "color" concurrent lock example...{code:java}static def parallelLimitedBranches(CpsScript currentJob,List items,Integer maxConcurrentBranches,Boolean failFast = false,Closure body) {def branches = [:]for(int i = 0; i < items.size(); i++) {int lockId = i % maxConcurrentBranchesString branchName = items[i]branches[branchName] = { ->lock("${currentJob.rawBuild.parent.fullName}-${lockId}") {body()}}}currentJob.parallel(branches)}{code} You're doing something weird with trying to manually select agents... don't do that. Use agent labels and label expressions instead. Rely on Jenkins to select an appropriate agent and only focus on executing your code on said agent. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.181710.1494001199000.9820.1580574661027%40Atlassian.JIRA.
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske commented on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently Using my "color" concurrent lock example... static def parallelLimitedBranches( CpsScript currentJob, Listitems, Integer maxConcurrentBranches, Boolean failFast = false, Closure body) { def branches = [:] for(int i = 0; i < items.size(); i++) { int lockId = i % maxConcurrentBranches String branchName = items[i] branches[branchName] = { -> lock("${currentJob.rawBuild.parent.fullName}-${lockId}") { body() } } } currentJob.parallel(branches) } Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.181710.1494001199000.9773.1580574420916%40Atlassian.JIRA.
[JIRA] (JENKINS-60845) Filter PR by branch source
Title: Message Title Sam Gleske commented on JENKINS-60845 Re: Filter PR by branch source Thanks for reporting back. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.204208.1579800379000.9696.1580520240094%40Atlassian.JIRA.
[JIRA] (JENKINS-60845) Filter PR by branch source
Title: Message Title Sam Gleske edited a comment on JENKINS-60845 Re: Filter PR by branch source Great, you too. Glad you don't have to jump through too many hoops. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.204208.1579800379000.9694.1580520180193%40Atlassian.JIRA.
[JIRA] (JENKINS-60845) Filter PR by branch source
Title: Message Title Sam Gleske commented on JENKINS-60845 Re: Filter PR by branch source Great, you too. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.204208.1579800379000.9692.1580520180166%40Atlassian.JIRA.
[JIRA] (JENKINS-60845) Filter PR by branch source
Title: Message Title Sam Gleske updated JENKINS-60845 Jenkins / JENKINS-60845 Filter PR by branch source Change By: Sam Gleske Resolution: Fixed Status: Resolved In Review Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.204208.1579800379000.6031.1579987321061%40Atlassian.JIRA.
[JIRA] (JENKINS-60845) Filter PR by branch source
Title: Message Title Sam Gleske started work on JENKINS-60845 Change By: Sam Gleske Status: Open In Progress Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.204208.1579800379000.6025.1579987320935%40Atlassian.JIRA.
[JIRA] (JENKINS-60845) Filter PR by branch source
Title: Message Title Sam Gleske updated JENKINS-60845 Jenkins / JENKINS-60845 Filter PR by branch source Change By: Sam Gleske Status: In Review Resolved Resolution: Fixed Released As: scm-filter-branch-pr 0.5 Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.204208.1579800379000.6033.1579987321093%40Atlassian.JIRA.
[JIRA] (JENKINS-60845) Filter PR by branch source
Title: Message Title Sam Gleske updated JENKINS-60845 Jenkins / JENKINS-60845 Filter PR by branch source Change By: Sam Gleske Status: In Review Resolved Resolution: Fixed Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.204208.1579800379000.6029.1579987321021%40Atlassian.JIRA.
[JIRA] (JENKINS-60845) Filter PR by branch source
Title: Message Title Sam Gleske updated JENKINS-60845 Jenkins / JENKINS-60845 Filter PR by branch source Change By: Sam Gleske Status: In Progress Review Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.204208.1579800379000.6027.1579987320973%40Atlassian.JIRA.
[JIRA] (JENKINS-60845) Filter PR by branch source
Title: Message Title Sam Gleske commented on JENKINS-60845 Re: Filter PR by branch source I have released a new version of scm-filter-branch-pr 0.5 which includes filtering by origin instead of target for change requests. See https://github.com/jenkinsci/scm-filter-branch-pr-plugin/pull/5 You can wait a day for the release to become generally available in the Jenkins update center or you can download it and upload it manually. Here's the download link. https://repo.jenkins-ci.org/releases/org/jenkins-ci/plugins/scm-filter-branch-pr/0.5/scm-filter-branch-pr-0.5.hpi Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.204208.1579800379000.6023.1579987320797%40Atlassian.JIRA.
[JIRA] (JENKINS-60845) Filter PR by branch source
Title: Message Title Sam Gleske commented on JENKINS-60845 Re: Filter PR by branch source That is interesting and should be do-able. I'll look at feasibility and maybe spend some time on it weekends / evenings. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.204208.1579800379000.6005.1579982340211%40Atlassian.JIRA.
[JIRA] (JENKINS-60845) Filter PR by branch source
Title: Message Title Sam Gleske edited a comment on JENKINS-60845 Re: Filter PR by branch source It should be technically feasible. Can you expand on your use case? The default behavior of SCM filter is kind of like this already. I created this plugin to modify the default behavior. Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.204208.1579800379000.4613.1579815480116%40Atlassian.JIRA.
[JIRA] (JENKINS-60845) Filter PR by branch source
Title: Message Title Sam Gleske commented on JENKINS-60845 Re: Filter PR by branch source It should be technically feasible. Can you expand on your use case? Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.204208.1579800379000.4611.1579815360208%40Atlassian.JIRA.
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske commented on JENKINS-44085 Re: have a simple way to limit the number of parallel branches that run concurrently Added lockable-resources-plugin as a potential dependency since a semaphore step could be implemented. Semaphore-like behavior with lock step Can be achieved by calculating lock names using modulo operator to cycle through an integer. Here's an example using rainbow colors. int concurrency = 3 List colors = ['red', 'orange', 'yellow', 'green', 'blue', 'indigo', 'violet'] Map tasks = [failFast: false] for(int i=0; iString color = colors[i] int lock_id = i % concurrency tasks["Code ${color}"] = { -> stage("Code ${color}") { lock("color-lock-${lock_id}") { echo "This color is ${color}" sleep 30 } } } } // execute the tasks in parallel with concurrency limits stage("Rainbow") { parallel(tasks) } The above code will execute 7 stages in parallel; however it will not run more than 3 concurrently. The above will create custom locks: color-lock-0 color-lock-1 color-lock-2 All concurrent tasks will race for one of the three locks. It's not perfectly efficient (certainly not as efficient as a real semaphore) and there are some limitations. Limitations with this workaround Your pipeline will take as long as your slowest locks. So if you unfortunately have several long running jobs racing for the same lock (e.g. color-lock-1), then your pipeline could be longer than if it were a proper semaphore. Example scenario with the three locks: color-lock-0 takes 20 seconds to cycle through all jobs. color-lock-1 takes 30 minutes to cycle through all jobs. color-lock-2 takes 2 minutes to cycle through all jobs. Then your job will take 30 minutes to run... where as with a true semaphore it would have been much faster because the longer running jobs would take the next available lock in the semaphore rather than be blocked. Add Comment
[JIRA] (JENKINS-44085) have a simple way to limit the number of parallel branches that run concurrently
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-44085 have a simple way to limit the number of parallel branches that run concurrently Change By: Sam Gleske Component/s: lockable-resources-plugin Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.181710.1494001199000.5839.1574567701530%40Atlassian.JIRA.
[JIRA] (JENKINS-60224) GiHub Oauth plugin requests permissions to user's private repos
Title: Message Title Sam Gleske closed an issue as Not A Defect You can customize requested scopes in the OAuth application configuration in the Jenkins global security configuration. The scopes we have as default are the minimum required for private repositories. However, you can further restrict the scopes to whatever you want by updating the requested scopes configuration. This is also documented in the plugin documentation; see https://wiki.jenkins.io/display/JENKINS/GitHub+OAuth+Plugin#GitHubOAuthPlugin-SecurityRealminGlobalSecurity < /td> Jenkins / JENKINS-60224 GiHub Oauth plugin requests permissions to user's private repos Change By: Sam Gleske Status: Open Closed Resolution: Not A Defect Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)
[JIRA] (JENKINS-45504) Add @Symbol annotations to traits
Title: Message Title Sam Gleske commented on JENKINS-45504 Re: Add @Symbol annotations to traits Thanks for your work Mark Waite Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.183680.1499933648000.8101.1572842040648%40Atlassian.JIRA.
[JIRA] (JENKINS-42509) authenticated team members should have read/build permissions when using Github Committer Authorization Strategy
Title: Message Title Sam Gleske closed an issue as Duplicate Closing again since this a duplicate. Please contribute in JENKINS-27844 which should track any rewriting of this feature. The GitHub authorization strategy needs to be redesigned completely. Jenkins / JENKINS-42509 authenticated team members should have read/build permissions when using Github Committer Authorization Strategy Change By: Sam Gleske Status: Reopened Closed Resolution: Duplicate Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.179436.1488821196000.174.1566848041152%40Atlassian.JIRA.
[JIRA] (JENKINS-59077) LTS Jenkins scriptText endpoint returns leading spaces in its response
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-59077 LTS Jenkins scriptText endpoint returns leading spaces in its response Change By: Sam Gleske Environment: Jenkins version 2.176.2 LTS Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.201459.1566795854000.9344.1566799140286%40Atlassian.JIRA.
[JIRA] (JENKINS-59077) LTS Jenkins scriptText endpoint returns leading spaces in its response
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-59077 LTS Jenkins scriptText endpoint returns leading spaces in its response Change By: Sam Gleske Summary: LTS Jenkins scriptText endpoint returns leading spaces in its response Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.201459.1566795854000.9342.1566799140223%40Atlassian.JIRA.
[JIRA] (JENKINS-59077) Jenkins scriptText endpoint returns leading spaces in its response
Title: Message Title Sam Gleske commented on JENKINS-59077 Re: Jenkins scriptText endpoint returns leading spaces in its response Looks like a dupe of JENKINS-58548. Seems this bug has made it into the LTS version of Jenkins. I'll leave this issue open for now so that the Jenkins core team can review and close it. Leaving for core team review considering it made it to LTS. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.201459.1566795854000.9340.1566798720065%40Atlassian.JIRA.
[JIRA] (JENKINS-59077) Jenkins scriptText endpoint returns leading spaces in its response
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-59077 Jenkins scriptText endpoint returns leading spaces in its response Change By: Sam Gleske h2. Expected BehaviorJenkins version 2.164.2 has the expected behavior.Calling the scriptText script console endpoint to get the Jenkins server version returns just the literal version.{noformat}curl -XPOST --data-urlencode "script=println Jenkins.instance.version" -H 'Jenkins-Crumb:REDACTED' -H 'Authorization:Basic REDACTED' http://localhost:8080/scriptText{noformat}Returns{noformat}2.164.2{noformat}Doing a word count for characters (wc -c) shows 8 characters (7 for the version number + 1 newline at the end because of using the println statement).Expected behavior: * scriptText returns only exactly the data that's returned from the script console running. * If using Groovy println it returns a trailing newline. * If using Groovy print it returns the version with no trailing newline.h2. Buggy BehaviorSince Jenkins version 2.176.2, the scriptText endpoint returns leading spaces in its response. Taking the same exact curl examples from above Jenkins scriptText returns{noformat}\n\n2.176.2\n{noformat} * It returns a leading newline. * Followed by four spaces and a newline. * Followed by four spaces and the data response from the script console execution.If using word count on characters (wc -c) the result is 18 characters (10 junk leading characters + 7 character version number + 1 newline character). For now, I have to strip / trim the response from scriptText in my automation scripts but the old behavior is desirable. Add Comment
[JIRA] (JENKINS-59077) Jenkins scriptText endpoint returns leading spaces in its response
Title: Message Title Sam Gleske created an issue Jenkins / JENKINS-59077 Jenkins scriptText endpoint returns leading spaces in its response Issue Type: Bug Assignee: Unassigned Components: core Created: 2019-08-26 05:04 Environment: Jenkins version 2.176.2 Priority: Minor Reporter: Sam Gleske Expected Behavior Jenkins version 2.164.2 has the expected behavior. Calling the scriptText script console endpoint to get the Jenkins server version returns just the literal version. curl -XPOST --data-urlencode "script=println Jenkins.instance.version" -H 'Jenkins-Crumb:REDACTED' -H 'Authorization:Basic REDACTED' http://localhost:8080/scriptText Returns 2.164.2 Doing a word count for characters (wc -c) shows 8 characters (7 for the version number + 1 newline at the end because of using the println statement). Expected behavior: scriptText returns only exactly the data that's returned from the script console running. If using Groovy println it returns a trailing newline.
[JIRA] (JENKINS-58479) Failing to retrieve teams
Title: Message Title Sam Gleske commented on JENKINS-58479 Re: Failing to retrieve teams Strange, I can't seem to be able to replicate your issue. You should be able to see your own granted authorities under: https://yourjenkins/whoAmI - when you go here does your GitHub teams show up under granted authorities? Kote Mushegiani Is it possible that you didn't grant your OAuth app permission to view the org and its teams? GitHub now allows orgs to restrict team only to allowed OAuth apps. In that case, the plugin wouldn't be able to query teams of the org. See the earlier comment by Juha Tiensyrjä which is a similar situation as I describe. The risks of being locked out are similar to the risks with other plugins. The only way to recover would be to edit the root config.xml and restoring your access. Personally, I configure my own username in addition to teams to ensure that my specific user doesn't lose access when configuring matrix authorization. Does 0.33 still require referencing the team name by its common name and not slug? Yes, the plugin still has bug JENKINS-34835 where you must reference teams by common name and not slug. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.200615.1562956253000.9322.1566783720173%40Atlassian.JIRA.
[JIRA] (JENKINS-46204) Github oauth cli delete-builds broken
Title: Message Title Sam Gleske closed an issue as Incomplete User didn't report back and my own testing of using GitHub OAuth with Jenkins CLI seems fine. Jenkins / JENKINS-46204 Github oauth cli delete-builds broken Change By: Sam Gleske Status: Open Closed Resolution: Incomplete Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.184447.1502799432000.374.1565448480280%40Atlassian.JIRA.
[JIRA] (JENKINS-47950) 0.28.1 update breaks GHE auth - javax.net.ssl.SSLHandshakeException
Title: Message Title Sam Gleske closed an issue as Cannot Reproduce I'm not able to reproduce the issue. If you can, provide exact steps to reproduce from scratch so that I can help determine if there's an issue in the plugin. Jenkins / JENKINS-47950 0.28.1 update breaks GHE auth - javax.net.ssl.SSLHandshakeException Change By: Sam Gleske Status: Reopened Closed Resolution: Cannot Reproduce Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.186479.1510404865000.372.1565448240195%40Atlassian.JIRA.
[JIRA] (JENKINS-47950) 0.28.1 update breaks GHE auth - javax.net.ssl.SSLHandshakeException
Title: Message Title Sam Gleske commented on JENKINS-47950 Re: 0.28.1 update breaks GHE auth - javax.net.ssl.SSLHandshakeException This is an SSL certificates issue and not something specific to the GitHub OAuth plugin. I have SSL in my own production setups of Jenkins. I'm not able to reproduce this issue myself. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.186479.1510404865000.370.1565448180103%40Atlassian.JIRA.
[JIRA] (JENKINS-52099) jenkins-cli requires Overall/Read permission on anonymous user
Title: Message Title Sam Gleske closed an issue as Cannot Reproduce Closing as can't reproduce. If you give me steps to reproduce the issue I can look into it further. Feel free to re-open if you give reproduction steps. Jenkins / JENKINS-52099 jenkins-cli requires Overall/Read permission on anonymous user Change By: Sam Gleske Status: Open Closed Resolution: Cannot Reproduce Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.191695.1529575282000.365.1565448060522%40Atlassian.JIRA.
[JIRA] (JENKINS-52099) jenkins-cli requires Overall/Read permission on anonymous user
Title: Message Title Sam Gleske commented on JENKINS-52099 Re: jenkins-cli requires Overall/Read permission on anonymous user I can't reproduce this issue. GitHub personal access tokens work in all tests I perform with Jenkins CLI. In all of my testing platforms Anonymous Read access is always revoked so I've tested this scenario several times without issue. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.191695.1529575282000.360.1565448000217%40Atlassian.JIRA.
[JIRA] (JENKINS-52528) Update github-api plugin from 1.77 to 1.93
Title: Message Title Sam Gleske commented on JENKINS-52528 Re: Update github-api plugin from 1.77 to 1.93 Plugins reference older versions of plugins as being "compatible since". This plugin is compatible with the latest release of the github-api plugin. Is there something specific in a newer version of the plugin that you need surfaced here? Bear in mind github-api is a backend plugin and not really reflected in the frontend where users interact. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.192362.153142827.358.1565447880105%40Atlassian.JIRA.
[JIRA] (JENKINS-52956) GitHub Commiter Authorization Strategy - allow users with WRITE to stop builds
Title: Message Title Sam Gleske closed an issue as Duplicate Work done to resolve this issue should be tracked in JENKINS-27844 with a better, more generic rewrite of how permissions in GitHub OAuth are handled. Jenkins / JENKINS-52956 GitHub Commiter Authorization Strategy - allow users with WRITE to stop builds Change By: Sam Gleske Status: Open Closed Resolution: Duplicate Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.192934.153380777.355.1565447760334%40Atlassian.JIRA.
[JIRA] (JENKINS-53364) github-oauth-plugin -Simpler 403 page
Title: Message Title Sam Gleske closed an issue as Duplicate Jenkins / JENKINS-53364 github-oauth-plugin -Simpler 403 page Change By: Sam Gleske Status: Open Closed Resolution: Duplicate Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.193450.1535710636000.352.1565447640508%40Atlassian.JIRA.
[JIRA] (JENKINS-57143) JNLP4 error: "Connection closed before acknowledgement sent"
Title: Message Title Sam Gleske resolved as Cannot Reproduce Since I'm not able to reproduce the issue on 0.32 (originally reported) and 0.33 (recently released) version of the plugin I'm going to close this. However, if you can provide reproduction steps I'll look into it further. Jenkins / JENKINS-57143 JNLP4 error: "Connection closed before acknowledgement sent" Change By: Sam Gleske Status: Open Resolved Assignee: Sam Gleske Resolution: Cannot Reproduce Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to
[JIRA] (JENKINS-58479) Failing to retrieve teams
Title: Message Title Sam Gleske commented on JENKINS-58479 Re: Failing to retrieve teams Kote Mushegiani I also forgot to mention that you need to upgrade to github-outh 0.33 because plugin version 0.32 suffers from a critical bug in matrix auth. See JENKINS-57154 for details Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.200615.1562956253000.345.1565446920156%40Atlassian.JIRA.
[JIRA] (JENKINS-57154) Regression in github-oauth-plugin 0.32 breaks /configureSecurity page
Title: Message Title Sam Gleske commented on JENKINS-57154 Re: Regression in github-oauth-plugin 0.32 breaks /configureSecurity page Jon Cormier Steve Ims no problem; thanks for reporting back your own testing results since it helps me validate the solution was a fix. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.198903.1556022985000.308.1565446801015%40Atlassian.JIRA.
[JIRA] (JENKINS-58479) Failing to retrieve teams
Title: Message Title Sam Gleske commented on JENKINS-58479 Re: Failing to retrieve teams Kote Mushegiani if you visit https://[you Jenkins instance]/whoAmI all known authorities for your user will be there. If the name you have in matrix auth does not match the name in granted authorities then users will not have access. Find a user who's in the Engineering GitHub team and see what authorities they have granted. I can't reproduce this issue myself. Juha Tiensyrjä can you describe in more detail what, specifically, stopped working? There were definite issues with the 0.32 version of the plugin that were fixed in 0.33. However, the fix was only to backend code on the globalSecurity page and should not have made a difference your configuration itself. Without more detail and steps to reproduce I don't know how else to approach this issue. It passes all of my local testing when trying to reproduce what this issue describes. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.200615.1562956253000.305.1565446620178%40Atlassian.JIRA.
[JIRA] (JENKINS-51657) limit authentication to github organization
Title: Message Title Sam Gleske closed an issue as Duplicate Duplicated by JENKINS-46962 Jenkins / JENKINS-51657 limit authentication to github organization Change By: Sam Gleske Status: Open Closed Resolution: Duplicate Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.191078.1527869892000.8476.1565066460544%40Atlassian.JIRA.
[JIRA] (JENKINS-55615) Only users from current GitHub organisation should be able to authenticate
Title: Message Title Sam Gleske commented on JENKINS-55615 Re: Only users from current GitHub organisation should be able to authenticate Duplicated by JENKINS-46962 Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.196786.1547634818000.8472.1565066400488%40Atlassian.JIRA.
[JIRA] (JENKINS-55615) Only users from current GitHub organisation should be able to authenticate
Title: Message Title Sam Gleske closed an issue as Duplicate Jenkins / JENKINS-55615 Only users from current GitHub organisation should be able to authenticate Change By: Sam Gleske Status: Open Closed Resolution: Duplicate Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.196786.1547634818000.8470.1565066400453%40Atlassian.JIRA.
[JIRA] (JENKINS-49485) jenkin crashes with {"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
Title: Message Title Sam Gleske commented on JENKINS-49485 Re: jenkin crashes with {"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"} The github authorization feature of the github-oauth plugin needs a complete rewrite. The rewrite is tracked in JENKINS-27844. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.188376.151822473.8465.1565066220123%40Atlassian.JIRA.
[JIRA] (JENKINS-49485) jenkin crashes with {"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
Title: Message Title Sam Gleske closed an issue as Cannot Reproduce Can't reproduce, this isn't an issue in the plugin. Looking at the comments it's possible the JENKINS_HOME credentials were corrupted by the admin some how. Since this is so old I doubt their Jenkins instance still has these problems. Jenkins / JENKINS-49485 jenkin crashes with {"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"} Change By: Sam Gleske Status: Reopened Closed Resolution: Cannot Reproduce Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.188376.151822473.8462.1565066100288%40Atlassian.JIRA.
[JIRA] (JENKINS-52956) GitHub Commiter Authorization Strategy - allow users with WRITE to stop builds
Title: Message Title Sam Gleske commented on JENKINS-52956 Re: GitHub Commiter Authorization Strategy - allow users with WRITE to stop builds This feature of the github-oauth plugin needs a complete rewrite. The rewrite is tracked in JENKINS-27844. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.192934.153380777.8455.1565065980357%40Atlassian.JIRA.
[JIRA] (JENKINS-52382) Can't stop / cancel private repository builds
Title: Message Title Sam Gleske commented on JENKINS-52382 Re: Can't stop / cancel private repository builds This feature of the github-oauth plugin needs a complete rewrite. The rewrite is tracked in JENKINS-27844. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.192176.1530780622000.8457.1565065980397%40Atlassian.JIRA.
[JIRA] (JENKINS-43615) Security inspector hangs with GitHub OAuth eve on small user number
Title: Message Title Sam Gleske closed an issue as Cannot Reproduce I can't reproduce this issue. If you're able to give me steps to reliably reproduce this issue then feel free to re-open with comments to reproduce. Jenkins / JENKINS-43615 Security inspector hangs with GitHub OAuth eve on small user number Change By: Sam Gleske Status: Open Closed Resolution: Cannot Reproduce Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.181019.1492353651000.8452.1565065740288%40Atlassian.JIRA.
[JIRA] (JENKINS-44920) New GitHub nested teams breaks auth
Title: Message Title Sam Gleske closed an issue as Not A Defect Since GitHub teams API has become more stable the plugin works with nested teams again. Feel free to re-open this if you disagree and provide evidence. I was successfully using nested teams with plugin version 0.31. Jenkins / JENKINS-44920 New GitHub nested teams breaks auth Change By: Sam Gleske Status: Open Closed Resolution: Not A Defect Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.182991.149754132.8449.1565065500263%40Atlassian.JIRA.
[JIRA] (JENKINS-55557) Support oAuth2.0 state parameter
Title: Message Title Sam Gleske commented on JENKINS-7 Re: Support oAuth2.0 state parameter Regardless, thanks for the fix. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.196719.1547398795000.8442.1565064720263%40Atlassian.JIRA.
[JIRA] (JENKINS-55557) Support oAuth2.0 state parameter
Title: Message Title Sam Gleske edited a comment on JENKINS-7 Re: Support oAuth2.0 state parameter Regardless, thanks Thanks for the fix. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.196719.1547398795000.8444.1565064720293%40Atlassian.JIRA.
[JIRA] (JENKINS-55557) Support oAuth2.0 state parameter
Title: Message Title Sam Gleske resolved as Fixed Resolving as fixed in 0.33 (originally attempted rolling out 0.32 but it had critical authorization bugs). In the future, please do not disclose security vulnerabilities like this in the public issue tracker. Responsibly disclose by following https://jenkins.io/security/ Jenkins / JENKINS-7 Support oAuth2.0 state parameter Change By: Sam Gleske Status: Open Resolved Resolution: Fixed Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.196719.1547398795000.8440.1565064480172%40Atlassian.JIRA.
[JIRA] (JENKINS-56997) this.me NullPointerException in GithubAuthenticationToken.java oauth
Title: Message Title Sam Gleske closed an issue as Duplicate Jenkins / JENKINS-56997 this.me NullPointerException in GithubAuthenticationToken.java oauth Change By: Sam Gleske Status: Open Closed Resolution: Duplicate Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.198694.1555110665000.8436.1565064360501%40Atlassian.JIRA.
[JIRA] (JENKINS-56997) this.me NullPointerException in GithubAuthenticationToken.java oauth
Title: Message Title Sam Gleske commented on JENKINS-56997 Re: this.me NullPointerException in GithubAuthenticationToken.java oauth I didn't realize the other issue was a dupe of this one. In any case, I'll close this as a dupe instead. Fix released as https://repo.jenkins-ci.org/releases/org/jenkins-ci/plugins/github-oauth/0.33/github-oauth-0.33.hpi Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.198694.1555110665000.8434.1565064360472%40Atlassian.JIRA.
[JIRA] (JENKINS-57154) Regression in github-oauth-plugin 0.32 breaks /configureSecurity page
Title: Message Title Sam Gleske resolved as Fixed Jenkins / JENKINS-57154 Regression in github-oauth-plugin 0.32 breaks /configureSecurity page Change By: Sam Gleske Status: In Progress Resolved Resolution: Fixed Released As: 0.33 Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.198903.1556022985000.8393.1565064253189%40Atlassian.JIRA.
[JIRA] (JENKINS-57154) Regression in github-oauth-plugin 0.32 breaks /configureSecurity page
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-57154 Regression in github-oauth-plugin 0.32 breaks /configureSecurity page Change By: Sam Gleske Released As: github-oauth- 0.33 Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.198903.1556022985000.8395.1565064253219%40Atlassian.JIRA.
[JIRA] (JENKINS-57154) Regression in github-oauth-plugin 0.32 breaks /configureSecurity page
Title: Message Title Sam Gleske commented on JENKINS-57154 Re: Regression in github-oauth-plugin 0.32 breaks /configureSecurity page https://repo.jenkins-ci.org/releases/org/jenkins-ci/plugins/github-oauth/0.33/github-oauth-0.33.hpi has been release and I verified the fix by upgrading locally to the new version. It should be available in the update center in roughly 8 hours or so. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.198903.1556022985000.8356.1565064249687%40Atlassian.JIRA.
[JIRA] (JENKINS-34835) GitHub team should be referenced by slug not name
Title: Message Title Sam Gleske commented on JENKINS-34835 Re: GitHub team should be referenced by slug not name Visiting localhost whoAmI page on test Jenkins instance revealed that https://github.com/jenkinsci/github-oauth-plugin/pull/116 was only a partial solution. It's not the full solution so the issue isn't fixed. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.170491.1463272209000.8319.1565064120133%40Atlassian.JIRA.
[JIRA] (JENKINS-57143) JNLP4 error: "Connection closed before acknowledgement sent"
Title: Message Title Sam Gleske commented on JENKINS-57143 Re: JNLP4 error: "Connection closed before acknowledgement sent" I'm not able to replicate this issue. We do have authorization bugs in github-oauth 0.32 release but I upgraded to the 0.32 release locally and still can't replicate the issue. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.198893.1555967243000.8288.1565060880127%40Atlassian.JIRA.
[JIRA] (JENKINS-57595) with GitHub OAuth plugin 0.31->0.32 Matrix-based security errors
Title: Message Title Sam Gleske closed an issue as Duplicate Closing as duplicate of JENKINS-57154 Jenkins / JENKINS-57595 with GitHub OAuth plugin 0.31->0.32 Matrix-based security errors Change By: Sam Gleske Status: Open Closed Resolution: Duplicate Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199519.1558510674000.8225.1565059921474%40Atlassian.JIRA.
[JIRA] (JENKINS-34835) GitHub team should be referenced by slug not name
Title: Message Title Sam Gleske started work on JENKINS-34835 Change By: Sam Gleske Status: Open In Progress Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.170491.1463272209000.8186.1565059862068%40Atlassian.JIRA.
[JIRA] (JENKINS-57154) Regression in github-oauth-plugin 0.32 breaks /configureSecurity page
Title: Message Title Sam Gleske started work on JENKINS-57154 Change By: Sam Gleske Status: Open In Progress Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.198903.1556022985000.8188.1565059862098%40Atlassian.JIRA.
[JIRA] (JENKINS-34835) GitHub team should be referenced by slug not name
Title: Message Title Sam Gleske commented on JENKINS-34835 Re: GitHub team should be referenced by slug not name Fix in github-auth plugin https://github.com/jenkinsci/github-oauth-plugin/pull/116 Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.170491.1463272209000.8184.1565059862041%40Atlassian.JIRA.
[JIRA] (JENKINS-34835) GitHub team should be referenced by slug not name
Title: Message Title Sam Gleske assigned an issue to Sam Gleske Jenkins / JENKINS-34835 GitHub team should be referenced by slug not name Change By: Sam Gleske Assignee: Andy Pemberton Sam Gleske Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.170491.1463272209000.8182.1565059620223%40Atlassian.JIRA.
[JIRA] (JENKINS-58479) Failing to retrieve teams
Title: Message Title Sam Gleske commented on JENKINS-58479 Re: Failing to retrieve teams JENKINS-34835 is the original issue. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.200615.1562956253000.8180.1565058240192%40Atlassian.JIRA.
[JIRA] (JENKINS-58479) Failing to retrieve teams
Title: Message Title Sam Gleske commented on JENKINS-58479 Re: Failing to retrieve teams There's a bug in the OAuth plugin where you must reference team name by common name and not by slug. So, if your engineering team is actually Engineering in the GitHub UI, then it must match that. I'll reference the existing issue when I find it. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.200615.1562956253000.8178.1565058180111%40Atlassian.JIRA.
[JIRA] (JENKINS-57154) Regression in github-oauth-plugin 0.32 breaks /configureSecurity page
Title: Message Title Sam Gleske commented on JENKINS-57154 Re: Regression in github-oauth-plugin 0.32 breaks /configureSecurity page Here's the fix https://github.com/jenkinsci/github-oauth-plugin/pull/115 Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.198903.1556022985000.7559.1564885440807%40Atlassian.JIRA.
[JIRA] (JENKINS-57154) Regression in github-oauth-plugin 0.32 breaks /configureSecurity page
Title: Message Title Sam Gleske commented on JENKINS-57154 Re: Regression in github-oauth-plugin 0.32 breaks /configureSecurity page This seems to have been caused by https://github.com/jenkinsci/github-oauth-plugin/pull/109 However, PR 109 is pretty important for how impersonation works. Need to figure out a happy medium. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.198903.1556022985000.7523.1564881421142%40Atlassian.JIRA.
[JIRA] (JENKINS-57154) Regression in github-oauth-plugin 0.32 breaks /configureSecurity page
Title: Message Title Sam Gleske commented on JENKINS-57154 Re: Regression in github-oauth-plugin 0.32 breaks /configureSecurity page https://github.com/jenkinsci/github-oauth-plugin/blob/github-oauth-0.32/src/main/java/org/jenkinsci/plugins/GithubSecurityRealm.java#L694-L700 is the problematic section of code Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.198903.1556022985000.7521.1564880944536%40Atlassian.JIRA.
[JIRA] (JENKINS-57154) Regression in github-oauth-plugin 0.32 breaks /configureSecurity page
Title: Message Title Sam Gleske edited a comment on JENKINS-57154 Re: Regression in github-oauth-plugin 0.32 breaks /configureSecurity page Okay I was able to replicate the issue. Replication steps: # Have two GitHub users. githubadmin and githubuser for example where githubadmin is a Jenkins admin and github user is a non-admin user in Jenkins. # Have both users log in and authorize with GitHub OAuth. # Configure project-based matrix authorization and add Overall:Read to githubuser and Overall:Administer to githubadmin. # IMPORTANT: On githubuser log into GitHub settings and de-authorize the OAuth app. This means Jenkins will have a token for the user but it won't be valid because the user de-authorized the app. # Using githubadmin I visited the configureSecurity page in Jenkins and got the following stack trace.{noformat}githubuser (name changed intentionally to be generic)java.lang.NullPointerException at org.jenkinsci.plugins.GithubAuthenticationToken.(GithubAuthenticationToken.java:205) at org.jenkinsci.plugins.GithubSecurityRealm.loadUserByUsername(GithubSecurityRealm.java:700) at org.jenkinsci.plugins.matrixauth.AuthorizationContainerDescriptor.doCheckName_(AuthorizationContainerDescriptor.java:140) at hudson.security.GlobalMatrixAuthorizationStrategy$DescriptorImpl.doCheckName(GlobalMatrixAuthorizationStrategy.java:222) at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627) at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:408) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:212) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:145) at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:535) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:747) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:878) at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:280) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:747) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:878) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:676) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:873) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1623) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154) at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:128) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1610) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:105) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1610) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at
[JIRA] (JENKINS-57154) Regression in github-oauth-plugin 0.32 breaks /configureSecurity page
Title: Message Title Sam Gleske commented on JENKINS-57154 Re: Regression in github-oauth-plugin 0.32 breaks /configureSecurity page Okay I was able to replicate the issue. Replication steps: Have two GitHub users. githubadmin and githubuser for example where githubadmin is a Jenkins admin and github user is a non-admin user in Jenkins. Have both users log in and authorize with GitHub OAuth. Configure project-based matrix authorization and add Overall:Read to githubuser and Overall:Administer to githubadmin. IMPORTANT: On githubuser log into GitHub settings and de-authorize the OAuth app. This means Jenkins will have a token for the user but it won't be valid because the user de-authorized the app. Using githubadmin I visited the configureSecurity page in Jenkins and got the following stack trace. githubuser (name changed intentionally to be generic) java.lang.NullPointerException at org.jenkinsci.plugins.GithubAuthenticationToken.(GithubAuthenticationToken.java:205) at org.jenkinsci.plugins.GithubSecurityRealm.loadUserByUsername(GithubSecurityRealm.java:700) at org.jenkinsci.plugins.matrixauth.AuthorizationContainerDescriptor.doCheckName_(AuthorizationContainerDescriptor.java:140) at hudson.security.GlobalMatrixAuthorizationStrategy$DescriptorImpl.doCheckName(GlobalMatrixAuthorizationStrategy.java:222) at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627) at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:408) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:212) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:145) at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:535) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:747) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:878) at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:280) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:747) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:878) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:676) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:873) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1623) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154) at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:128) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1610) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:105) at
[JIRA] (JENKINS-57154) Regression in github-oauth-plugin 0.32 breaks /configureSecurity page
Title: Message Title Sam Gleske commented on JENKINS-57154 Re: Regression in github-oauth-plugin 0.32 breaks /configureSecurity page I've tried a couple of ways to reproduce this locally and I'm not able to reproduce it locally. I configured plugin 0.31 and upgraded to 0.32 with no problems. I'll try another fresh install and use 0.29 since I see others reporting they're upgrading from that version. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.198903.1556022985000.7379.1564879140714%40Atlassian.JIRA.
[JIRA] (JENKINS-56986) Deadlock on EC2 resources and build queue
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-56986 Deadlock on EC2 resources and build queue Change By: Sam Gleske This is either the same as or is related to JENKINS-53858. Feel free to close this as a duplicate and re-open JENKINS-53858 if it is the same.h2. EnvironmentI'm using a slightly modified version of the EC2 plugin specifically https://github.com/sgleske-ias/ec2-plugin/tree/ias-internal-2 ; it was built from EC2 plugin 1.42-SNAPSHOT before 1.42 was released - but after https://github.com/jenkinsci/ec2-plugin/commit/2f3a04a2d3ce0e51a755792b9d03b4fff4ebe9b3 was merged. So my custom version includes the deadlock fix for JENKINS-53858. - (CORRECTION my version did not include the fix from JENKINS-53858) h2. Deadlock behaviorDuring the deadlock the web UI was responsive. The deadlock blocked:* New items being queued (such as build events submitted through webhooks).* Autoscaling provisioning of new EC2 agents was blocked.* I was not able to delete the 1 EC2 agent that was provisioned but marked as offline because it was deadlocked.There was a "jenkins.util.Timer \[#8\]" thread in which most actions in my Jenkins instance were blocked. This was for the cloud provisioner. Most items that were blocked work blocked by this thread. "jenkins.util.Timer \[#8\]" thread was blocked by "jenkins.util.Timer \[#5\]" thread"jenkins.util.Timer \[#5\]" thread was blocked by waiting on "jenkins.util.Timer \[#8\]" and visa versa.h2. My hypothesisI believe they were blocked by the combination of the Queue lock and the EC2Cloud lock. Each needed both and was waiting on the other.h2. jenkins.util.Timer \[#8\] Thread Dump{noformat}jenkins.util.Timer [#8] at hudson.plugins.ec2.EC2Cloud.connect()Lcom/amazonaws/services/ec2/AmazonEC2; (EC2Cloud.java:748) at hudson.plugins.ec2.CloudHelper.getInstance(Ljava/lang/String;Lhudson/plugins/ec2/EC2Cloud;)Lcom/amazonaws/services/ec2/model/Instance; (CloudHelper.java:47) at hudson.plugins.ec2.CloudHelper.getInstanceWithRetry(Ljava/lang/String;Lhudson/plugins/ec2/EC2Cloud;)Lcom/amazonaws/services/ec2/model/Instance; (CloudHelper.java:25) at hudson.plugins.ec2.EC2Computer.getState()Lhudson/plugins/ec2/InstanceState; (EC2Computer.java:127) at hudson.plugins.ec2.EC2RetentionStrategy.internalCheck(Lhudson/plugins/ec2/EC2Computer;)J (EC2RetentionStrategy.java:112) at hudson.plugins.ec2.EC2RetentionStrategy.check(Lhudson/plugins/ec2/EC2Computer;)J (EC2RetentionStrategy.java:90) at hudson.plugins.ec2.EC2RetentionStrategy.check(Lhudson/model/Computer;)J (EC2RetentionStrategy.java:48) at hudson.slaves.ComputerRetentionWork$1.run()V (ComputerRetentionWork.java:72) at hudson.model.Queue._withLock(Ljava/lang/Runnable;)V (Queue.java:1381) at hudson.model.Queue.withLock(Ljava/lang/Runnable;)V (Queue.java:1258) at hudson.slaves.ComputerRetentionWork.doRun()V (ComputerRetentionWork.java:63) at hudson.triggers.SafeTimerTask.run()V (SafeTimerTask.java:72) at jenkins.security.ImpersonatingScheduledExecutorService$1.run()V
[JIRA] (JENKINS-53858) Deadlock on EC2 resources
Title: Message Title Sam Gleske commented on JENKINS-53858 Re: Deadlock on EC2 resources False alarm. I closed my issue as a duplicate because I realized my version did not include the deadlock fix. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-56986) Deadlock on EC2 resources and build queue
Title: Message Title Sam Gleske closed an issue as Duplicate I misspoke. My compiled plugin does not include the deadlock fix. Jenkins / JENKINS-56986 Deadlock on EC2 resources and build queue Change By: Sam Gleske Status: Open Closed Resolution: Duplicate Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-56986) Deadlock on EC2 resources and build queue
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-56986 Deadlock on EC2 resources and build queue Change By: Sam Gleske This is either the same as or is related to JENKINS-53858. Feel free to close this as a duplicate and re-open JENKINS-53858 if it is the same. h2. EnvironmentI'm using a slightly modified version of the EC2 plugin specifically [ https://github.com/sgleske-ias/ec2-plugin/tree/ias-internal- 1] 2 ; it was built from EC2 plugin 1.42-SNAPSHOT before 1.42 was released but after [ https://github.com/jenkinsci/ec2-plugin/commit/2f3a04a2d3ce0e51a755792b9d03b4fff4ebe9b3 ] was merged. So my custom version includes the deadlock fix for JENKINS-53858. h2. Deadlock behaviorDuring the deadlock the web UI was responsive. The deadlock blocked: * New items being queued (such as build events submitted through webhooks and other kinds of triggers ). * Autoscaling provisioning of new EC2 agents was blocked. * I was not able to delete the 1 EC2 agent that was provisioned but marked as offline because it was deadlocked.There was a * "jenkins.util.Timer \ [#8 \ ]" * thread in which most actions in my Jenkins instance were blocked. This was for the cloud provisioner. Most items that were blocked work blocked by this thread. * "jenkins.util.Timer \ [#8 \ ]" * thread was blocked by * "jenkins.util.Timer \ [#5 \ ]" * thread * "jenkins.util.Timer \ [#5 \ ]" * thread was blocked by waiting on * "jenkins.util.Timer \ [#8 \ ]" * and visa versa. h2. My hypothesisI believe they were blocked by the combination of the Queue lock and the EC2Cloud lock. Each needed both and was waiting on the other. h2. jenkins.util.Timer \ [#8 \ ] Thread Dump {noformat}jenkins.util.Timer [#8] at hudson.plugins.ec2.EC2Cloud.connect()Lcom/amazonaws/services/ec2/AmazonEC2; (EC2Cloud.java:748) at hudson.plugins.ec2.CloudHelper.getInstance(Ljava/lang/String;Lhudson/plugins/ec2/EC2Cloud;)Lcom/amazonaws/services/ec2/model/Instance; (CloudHelper.java:47) at hudson.plugins.ec2.CloudHelper.getInstanceWithRetry(Ljava/lang/String;Lhudson/plugins/ec2/EC2Cloud;)Lcom/amazonaws/services/ec2/model/Instance; (CloudHelper.java:25) at hudson.plugins.ec2.EC2Computer.getState()Lhudson/plugins/ec2/InstanceState; (EC2Computer.java:127) at hudson.plugins.ec2.EC2RetentionStrategy.internalCheck(Lhudson/plugins/ec2/EC2Computer;)J (EC2RetentionStrategy.java:112) at hudson.plugins.ec2.EC2RetentionStrategy.check(Lhudson/plugins/ec2/EC2Computer;)J (EC2RetentionStrategy.java:90) at hudson.plugins.ec2.EC2RetentionStrategy.check(Lhudson/model/Computer;)J (EC2RetentionStrategy.java:48) at hudson.slaves.ComputerRetentionWork$1.run()V (ComputerRetentionWork.java:72) at hudson.model.Queue._withLock(Ljava/lang/Runnable;)V (Queue.java:1381) at hudson.model.Queue.withLock(Ljava/lang/Runnable;)V (Queue.java:1258) at hudson.slaves.ComputerRetentionWork.doRun()V (ComputerRetentionWork.java:63) at hudson.triggers.SafeTimerTask.run()V (SafeTimerTask.java:72) at
[JIRA] (JENKINS-56986) Deadlock on EC2 resources and build queue
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-56986 Deadlock on EC2 resources and build queue Change By: Sam Gleske This is either the same as or is related to JENKINS-53858. Feel free to close this as a duplicate and re-open JENKINS-53858 if it is the same. h2. EnvironmentI'm using a slightly modified version of the EC2 plugin specifically [ https://github.com/sgleske-ias/ec2-plugin/tree/ias-internal-1 ] ; it was built from EC2 plugin 1.42-SNAPSHOT before 1.42 was released but after [ https://github.com/jenkinsci/ec2-plugin/commit/2f3a04a2d3ce0e51a755792b9d03b4fff4ebe9b3 ] was merged. So my custom version includes the deadlock fix for JENKINS-53858. h2. Deadlock behaviorDuring the deadlock the web UI was responsive. The deadlock blocked: * New items being queued (such as build events submitted through webhooks and other kinds of triggers).* Autoscaling provisioning of new EC2 agents was blocked.* I was not able to delete the 1 EC2 agent that was provisioned but marked as offline because it was deadlocked.There was a * "jenkins.util.Timer \ [#8 \ ]" * thread in which most actions in my Jenkins instance were blocked. This was for the cloud provisioner. Most items that were blocked work blocked by this thread. * "jenkins.util.Timer \ [#8 \ ]" * thread was blocked by * "jenkins.util.Timer \ [#5 \ ]" * thread * "jenkins.util.Timer \ [#5 \ ]" * thread was blocked by waiting on * "jenkins.util.Timer \ [#8 \ ]" * and visa versa. h2. My hypothesisI believe they were blocked by the combination of the Queue lock and the EC2Cloud lock. Each needed both and was waiting on the other. h2. jenkins.util.Timer \ [#8 \ ] Thread Dump {noformat}jenkins.util.Timer [#8] at hudson.plugins.ec2.EC2Cloud.connect()Lcom/amazonaws/services/ec2/AmazonEC2; (EC2Cloud.java:748) at hudson.plugins.ec2.CloudHelper.getInstance(Ljava/lang/String;Lhudson/plugins/ec2/EC2Cloud;)Lcom/amazonaws/services/ec2/model/Instance; (CloudHelper.java:47) at hudson.plugins.ec2.CloudHelper.getInstanceWithRetry(Ljava/lang/String;Lhudson/plugins/ec2/EC2Cloud;)Lcom/amazonaws/services/ec2/model/Instance; (CloudHelper.java:25) at hudson.plugins.ec2.EC2Computer.getState()Lhudson/plugins/ec2/InstanceState; (EC2Computer.java:127) at hudson.plugins.ec2.EC2RetentionStrategy.internalCheck(Lhudson/plugins/ec2/EC2Computer;)J (EC2RetentionStrategy.java:112) at hudson.plugins.ec2.EC2RetentionStrategy.check(Lhudson/plugins/ec2/EC2Computer;)J (EC2RetentionStrategy.java:90) at hudson.plugins.ec2.EC2RetentionStrategy.check(Lhudson/model/Computer;)J (EC2RetentionStrategy.java:48) at hudson.slaves.ComputerRetentionWork$1.run()V (ComputerRetentionWork.java:72) at hudson.model.Queue._withLock(Ljava/lang/Runnable;)V (Queue.java:1381) at hudson.model.Queue.withLock(Ljava/lang/Runnable;)V (Queue.java:1258) at hudson.slaves.ComputerRetentionWork.doRun()V (ComputerRetentionWork.java:63) at hudson.triggers.SafeTimerTask.run()V (SafeTimerTask.java:72) at
[JIRA] (JENKINS-56986) Deadlock on EC2 resources and build queue
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-56986 Deadlock on EC2 resources and build queue Change By: Sam Gleske This is either the same as or is related to JENKINS-53858. Feel free to close this as a duplicate and re-open JENKINS-53858 if it is the same.h2. EnvironmentI'm using a slightly modified version of the EC2 plugin specifically https://github.com/sgleske-ias/ec2-plugin/tree/ias-internal-1 ; it was built from EC2 plugin 1.42-SNAPSHOT before 1.42 was released but after https://github.com/jenkinsci/ec2-plugin/commit/2f3a04a2d3ce0e51a755792b9d03b4fff4ebe9b3 was merged. So my custom version includes the deadlock fix for JENKINS-53858.h2. Deadlock behaviorDuring the deadlock the web UI was responsive. The deadlock blocked:* New items being queued (such as build events submitted through webhooks and other kinds of triggers ).* Autoscaling provisioning of new EC2 agents was blocked.* I was not able to delete the 1 EC2 agent that was provisioned but marked as offline because it was deadlocked.There was a "jenkins.util.Timer \[#8\]" thread in which most actions in my Jenkins instance were blocked. This was for the cloud provisioner. Most items that were blocked work blocked by this thread. "jenkins.util.Timer \[#8\]" thread was blocked by "jenkins.util.Timer \[#5\]" thread"jenkins.util.Timer \[#5\]" thread was blocked by waiting on "jenkins.util.Timer \[#8\]" and visa versa.h2. My hypothesisI believe they were blocked by the combination of the Queue lock and the EC2Cloud lock. Each needed both and was waiting on the other.h2. jenkins.util.Timer \[#8\] Thread Dump{noformat}jenkins.util.Timer [#8] at hudson.plugins.ec2.EC2Cloud.connect()Lcom/amazonaws/services/ec2/AmazonEC2; (EC2Cloud.java:748) at hudson.plugins.ec2.CloudHelper.getInstance(Ljava/lang/String;Lhudson/plugins/ec2/EC2Cloud;)Lcom/amazonaws/services/ec2/model/Instance; (CloudHelper.java:47) at hudson.plugins.ec2.CloudHelper.getInstanceWithRetry(Ljava/lang/String;Lhudson/plugins/ec2/EC2Cloud;)Lcom/amazonaws/services/ec2/model/Instance; (CloudHelper.java:25) at hudson.plugins.ec2.EC2Computer.getState()Lhudson/plugins/ec2/InstanceState; (EC2Computer.java:127) at hudson.plugins.ec2.EC2RetentionStrategy.internalCheck(Lhudson/plugins/ec2/EC2Computer;)J (EC2RetentionStrategy.java:112) at hudson.plugins.ec2.EC2RetentionStrategy.check(Lhudson/plugins/ec2/EC2Computer;)J (EC2RetentionStrategy.java:90) at hudson.plugins.ec2.EC2RetentionStrategy.check(Lhudson/model/Computer;)J (EC2RetentionStrategy.java:48) at hudson.slaves.ComputerRetentionWork$1.run()V (ComputerRetentionWork.java:72) at hudson.model.Queue._withLock(Ljava/lang/Runnable;)V (Queue.java:1381) at hudson.model.Queue.withLock(Ljava/lang/Runnable;)V (Queue.java:1258) at hudson.slaves.ComputerRetentionWork.doRun()V (ComputerRetentionWork.java:63) at hudson.triggers.SafeTimerTask.run()V (SafeTimerTask.java:72) at jenkins.security.ImpersonatingScheduledExecutorService$1.run()V (ImpersonatingScheduledExecutorService.java:58) at
[JIRA] (JENKINS-53858) Deadlock on EC2 resources
Title: Message Title Sam Gleske commented on JENKINS-53858 Re: Deadlock on EC2 resources Either this bug still exists or maybe I'm experiencing a slightly different bug but similar. Just in case, I filed a new issue with debug details in JENKINS-56986. If you feel mine is a duplicate feel free to close my issue and re-open this issue. I have populated new details (I think after reading comments). Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-56986) Deadlock on EC2 resources and build queue
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-56986 Deadlock on EC2 resources and build queue Change By: Sam Gleske This is either the same as or is related to JENKINS-53858. Feel free to close this as a duplicate and re-open JENKINS-53858 if it is the same.h2. EnvironmentI'm using a slightly modified version of the EC2 plugin specifically https://github.com/sgleske-ias/ec2-plugin/tree/ias-internal-1 ; it was built from EC2 plugin 1.42-SNAPSHOT before 1.42 was released but after https://github.com/jenkinsci/ec2-plugin/commit/2f3a04a2d3ce0e51a755792b9d03b4fff4ebe9b3 was merged. So my custom version includes the deadlock fix for JENKINS-53858.h2. Deadlock behaviorDuring the deadlock the web UI was responsive. The deadlock blocked:* New items being queued (such as build events submitted through webhooks).* Autoscaling provisioning of new EC2 agents was blocked.* I was not able to delete the 1 EC2 agent that was provisioned but marked as offline because it was deadlocked.There was a "jenkins.util.Timer \ [#8 \ ]" thread in which most actions in my Jenkins instance were blocked. This was for the cloud provisioner. Most items that were blocked work blocked by this thread. "jenkins.util.Timer \ [#8 \ ]" thread was blocked by "jenkins.util.Timer \ [#5 \ ]" thread"jenkins.util.Timer \ [#5 \ ]" thread was blocked by waiting on "jenkins.util.Timer \ [# 5 8\ ]" and visa versa. h2. My hypothesisI believe they were blocked by the combination of the Queue lock and the EC2Cloud lock. Each needed both and was waiting on the other.h2. jenkins.util.Timer \[#8\] Thread Dump{noformat}jenkins.util.Timer [#8] at hudson.plugins.ec2.EC2Cloud.connect()Lcom/amazonaws/services/ec2/AmazonEC2; (EC2Cloud.java:748) at hudson.plugins.ec2.CloudHelper.getInstance(Ljava/lang/String;Lhudson/plugins/ec2/EC2Cloud;)Lcom/amazonaws/services/ec2/model/Instance; (CloudHelper.java:47) at hudson.plugins.ec2.CloudHelper.getInstanceWithRetry(Ljava/lang/String;Lhudson/plugins/ec2/EC2Cloud;)Lcom/amazonaws/services/ec2/model/Instance; (CloudHelper.java:25) at hudson.plugins.ec2.EC2Computer.getState()Lhudson/plugins/ec2/InstanceState; (EC2Computer.java:127) at hudson.plugins.ec2.EC2RetentionStrategy.internalCheck(Lhudson/plugins/ec2/EC2Computer;)J (EC2RetentionStrategy.java:112) at hudson.plugins.ec2.EC2RetentionStrategy.check(Lhudson/plugins/ec2/EC2Computer;)J (EC2RetentionStrategy.java:90) at hudson.plugins.ec2.EC2RetentionStrategy.check(Lhudson/model/Computer;)J (EC2RetentionStrategy.java:48) at hudson.slaves.ComputerRetentionWork$1.run()V (ComputerRetentionWork.java:72) at hudson.model.Queue._withLock(Ljava/lang/Runnable;)V (Queue.java:1381) at hudson.model.Queue.withLock(Ljava/lang/Runnable;)V (Queue.java:1258) at hudson.slaves.ComputerRetentionWork.doRun()V (ComputerRetentionWork.java:63) at hudson.triggers.SafeTimerTask.run()V (SafeTimerTask.java:72) at jenkins.security.ImpersonatingScheduledExecutorService$1.run()V (ImpersonatingScheduledExecutorService.java:58) at
[JIRA] (JENKINS-56986) Deadlock on EC2 resources and build queue
Title: Message Title Sam Gleske created an issue Jenkins / JENKINS-56986 Deadlock on EC2 resources and build queue Issue Type: Bug Assignee: FABRIZIO MANFREDI Components: ec2-plugin Created: 2019-04-11 23:21 Environment: Jenkins version 2.150.2 ace-editor 1.1 ansicolor 0.6.2 antisamy-markup-formatter 1.5 apache-httpcomponents-client-4-api 4.5.5-3.0 authentication-tokens 1.3 aws-credentials 1.24 aws-java-sdk 1.11.457 badge 1.7 basic-branch-build-strategies 1.1.1 blueocean 1.10.2 blueocean-autofavorite 1.2.3 blueocean-bitbucket-pipeline 1.10.2 blueocean-commons 1.10.2 blueocean-config 1.10.2 blueocean-core-js 1.10.2 blueocean-dashboard 1.10.2 blueocean-display-url 2.2.0 blueocean-events 1.10.2 blueocean-git-pipeline 1.10.2 blueocean-github-pipeline 1.10.2 blueocean-i18n 1.10.2 blueocean-jira 1.10.2 blueocean-jwt 1.10.2 blueocean-personalization 1.10.2 blueocean-pipeline-api-impl 1.10.2 blueocean-pipeline-editor 1.10.2 blueocean-pipeline-scm-api 1.10.2 blueocean-rest 1.10.2 blueocean-rest-impl 1.10.2 blueocean-web 1.10.2 bouncycastle-api 2.17 branch-api 2.1.2 cloudbees-bitbucket-branch-source 2.4.1 cloudbees-folder 6.7 cobertura 1.13 code-coverage-api 1.0.7 command-launcher 1.3 config-file-provider 3.5 credentials 2.1.18 credentials-binding 1.17 dashboard-view 2.10 display-url-api 2.3.0 docker-commons 1.13 docker-workflow 1.17 durable-task 1.29 ec2 1.42-SNAPSHOT (private-2daf3555-samgleske) email-ext 2.63 embeddable-build-status 1.9 favorite 2.3.2 git 3.9.3 git-client 2.7.6 git-server 1.7 github 1.29.3 github-api 1.95 github-autostatus 3.2 github-branch-source 2.4.2 github-oauth 0.31 groovy 2.1 groovy-postbuild 2.4.3 handlebars 1.1.1 handy-uri-templates-2-api 2.1.6-1.0 htmlpublisher 1.18 jackson2-api 2.9.8 javadoc 1.4 jdk-tool 1.2 jenkins-design-language 1.10.2 jira 3.0.5 jira-steps 1.4.4 job-dsl 1.71 job-restrictions 0.8 jquery-detached 1.2.1 jsch 0.1.55 junit 1.27 lockable-resources 2.4 mailer 1.23 mask-passwords 2.12.0 matrix-auth 2.3 matrix-project 1.13 maven-plugin 3.2 mercurial 2.5 momentjs 1.1.1 node-iterator-api 1.5.0 pipeline-build-step 2.7 pipeline-github 2.1 pipeline-githubnotify-step 1.0.4 pipeline-graph-analysis 1.9 pipeline-input-step 2.9 pipeline-milestone-step 1.3.1 pipeline-model-api 1.3.4.1 pipeline-model-declarative-agent 1.1.1 pipeline-model-definition 1.3.4.1 pipeline-model-extensions 1.3.4.1 pipeline-multibranch-defaults 2.0 pipeline-rest-api 2.10 pipeline-stage-step 2.3 pipeline-stage-tags-metadata 1.3.4.1 pipeline-stage-view 2.10 plain-credentials 1.5 pubsub-light 1.12
[JIRA] (JENKINS-56693) Support wiping GitHub API response cache via static method
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-56693 Support wiping GitHub API response cache via static method Change By: Sam Gleske I generate jobs via Job DSL plugin scripts. One of the actions I perform is to search GitHub authorizations for whether or not a service account user (configured in Jenkins settings) has admin access via GitHub team for registering webhooks (via github branch source in multibranch pipelines) . I do that in a freestyle job the following groovy postbuild step (after executing job DSL scripts) : {code :java }if(!(new GitHubRepositoryName(host, namespace, repo)).resolveOne()?.hasAdminAccess()) {throw new Exception('''|ERROR: please make "example" GitHub team an admin of your repository. Otherwise, webhooks can't be automatically registered.'''.stripMargin().trim())}{code} However, when users generating jobs add their "example" team and try to generate jobs again they get the same error. This is because the GitHub plugin caches API responses from GitHub including authorizations. I understand why this optimization is in place (to avoid hitting GitHub API limits).It would be nice to easily and simply clear the cached responses of the GitHub client. Here's how I'm wiping the cached responses today.Job DSL script code {code :java }/** * Clear the authorization cache so that we can immediately discover new * permissions for generating a job. This will wipe and create a fresh cache * when a user generates a job. This is nessary to detect adding the "RE * Admin" GitHub team. * * Source code paths * GitHubClientCacheOps https://github.com/jenkinsci/github-plugin/blob/master/src/main/java/org/jenkinsci/plugins/github/internal/GitHubClientCacheOps.java * GitHubLoginFunction https://github.com/jenkinsci/github-plugin/blob/master/src/main/java/org/jenkinsci/plugins/github/internal/GitHubLoginFunction.java * GitHubPluginConfig https://github.com/jenkinsci/github-plugin/blob/master/src/main/java/org/jenkinsci/plugins/github/config/GitHubPluginConfig.java * GitHubServerConfig https://github.com/jenkinsci/github-plugin/blob/master/src/main/java/org/jenkinsci/plugins/github/config/GitHubServerConfig.java * * Additional Information: * Usage of uberClassLoader and getExtensionList are because of * limitations in the Job DSL plugin. These are helper functions provided * by Jenkins core which helps work around classloader limitations (i.e. * classes not available to import) */void wipeAuthorizationCache() {Class github_cache_ops = Jenkins.instance.pluginManager.uberClassLoader.loadClass('org.jenkinsci.plugins.github.internal.GitHubClientCacheOps')List github_server_configs = Jenkins.instance.getExtensionList('org.jenkinsci.plugins.github.config.GitHubPluginConfig')[0].configsgithub_server_configs.each { github_server_config ->github_cache_ops.toCacheDir().apply(github_server_config).delete()github_server_config.setCachedClient(null)def
[JIRA] (JENKINS-56693) Support wiping GitHub API response cache via static method
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-56693 Support wiping GitHub API response cache via static method Change By: Sam Gleske Summary: Support wiping GitHub API response cache via static method Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-56693) Support wiping GitHub API cache via static method
Title: Message Title Sam Gleske created an issue Jenkins / JENKINS-56693 Support wiping GitHub API cache via static method Issue Type: New Feature Assignee: Kirill Merkushev Components: github-plugin Created: 2019-03-22 22:30 Priority: Minor Reporter: Sam Gleske I generate jobs via Job DSL plugin scripts. One of the actions I perform is to search GitHub authorizations for whether or not a user has admin access via GitHub team. I do that in a job the following groovy postbuild step: if(!(new GitHubRepositoryName(host, namespace, repo)).resolveOne()?.hasAdminAccess()) { throw new Exception(''' |ERROR: please make "example" GitHub team an admin of your repository. Otherwise, webhooks can't be automatically registered. '''.stripMargin().trim()) } However, when users generating jobs add their "example" team and try to generate jobs again they get the same error. This is because the GitHub plugin caches API responses from GitHub including authorizations. I understand why this optimization is in place (to avoid hitting GitHub API limits). It would be nice to easily and simply clear the cached responses of the GitHub client. Here's how I'm wiping the cached responses today. Job DSL script code /** * Clear the authorization cache so that we can immediately discover new * permissions for generating a job. This will wipe and create a fresh cache * when a user generates a job. This is nessary to detect adding the "RE * Admin" GitHub team. * * Source code paths *
[JIRA] (JENKINS-54936) 0.30 version not yet released for Github Authentication Plugin
Title: Message Title Sam Gleske updated JENKINS-54936 Jenkins / JENKINS-54936 0.30 version not yet released for Github Authentication Plugin Change By: Sam Gleske Status: Open Fixed but Unreleased Resolution: Fixed Released As: github-oauth-0.31 Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-54936) 0.30 version not yet released for Github Authentication Plugin
Title: Message Title Sam Gleske commented on JENKINS-54936 Re: 0.30 version not yet released for Github Authentication Plugin Hi 0.30 was a security release and did not include the changes which were unreleased in master at the time that you opened this issue. However, 0.31 was released a few minutes ago which contains a few fixes plus the user cache changes which were formerly unreleased. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-54936) 0.30 version not yet released for Github Authentication Plugin
Title: Message Title Sam Gleske updated JENKINS-54936 Jenkins / JENKINS-54936 0.30 version not yet released for Github Authentication Plugin Change By: Sam Gleske Status: Fixed but Unreleased Resolved Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-54031) GitHub OAuth plugin fails with Jenkins 2.146
Title: Message Title Sam Gleske updated an issue Jenkins / JENKINS-54031 GitHub OAuth plugin fails with Jenkins 2.146 Change By: Sam Gleske Released As: github-oauth- 0.31 Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-54031) GitHub OAuth plugin fails with Jenkins 2.146
Title: Message Title Sam Gleske updated JENKINS-54031 Jenkins / JENKINS-54031 GitHub OAuth plugin fails with Jenkins 2.146 Change By: Sam Gleske Status: Fixed but Unreleased Resolved Released As: 0.31 Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-54031) GitHub OAuth plugin fails with Jenkins 2.146
Title: Message Title Sam Gleske commented on JENKINS-54031 Re: GitHub OAuth plugin fails with Jenkins 2.146 A few minutes ago I released 0.31 which includes https://github.com/jenkinsci/github-oauth-plugin/pull/103. This should be resolved. Please re-open if not. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-54031) GitHub OAuth plugin fails with Jenkins 2.146
Title: Message Title Sam Gleske updated JENKINS-54031 Jenkins / JENKINS-54031 GitHub OAuth plugin fails with Jenkins 2.146 Change By: Sam Gleske Status: Open Fixed but Unreleased Resolution: Fixed Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-51359) Unclear documentation class restriction validation claims classes that exist are not found
Title: Message Title Sam Gleske commented on JENKINS-51359 Re: Unclear documentation class restriction validation claims classes that exist are not found Ilya Evseenkov I opened a PR which fixes the error you experienced https://github.com/jenkinsci/job-restrictions-plugin/pull/23 Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.