Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-16264

Posting config.xml to master node advertised to work

      The POST action of config.xml to /computer on 'master' node doesn't work.
      If I go to "/computer/(master)/api" page, it says that the config.xml can be fetched and updated but it doesn't work that way.

      I just took a look at the code and it looks like the "replaceBy(Node newNode)" function on "core/src/main/java/hudson/model/Computer.java" uses the "getNodes()" function defined in "core/src/main/java/jenkins/model/Jenkins.java" which returns only the slaves and NOT the master. Is it an expected behavior? Shouldn't we be able to POST config.xml to master node? It has a lot of options that can be customized and posting the config.xml will help greatly.

          [JENKINS-16264] Posting config.xml to master node advertised to work

          The following is the error message from the POST to 'master' node.

          Status Code: 500

          Exception: This slave appears to be removed while you were editing the configuration
          Stacktrace:
          java.io.IOException: This slave appears to be removed while you were editing the configuration
          at hudson.model.Computer.replaceBy(Computer.java:1206)
          at hudson.model.Computer.doConfigDotXml(Computer.java:1187)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:597)
          at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:288)
          at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:151)
          at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:90)
          at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:111)
          at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:573)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:658)
          at org.kohsuke.stapler.MetaClass$12.dispatch(MetaClass.java:384)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:573)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:658)
          at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:203)
          at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:573)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:658)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:487)
          at org.kohsuke.stapler.Stapler.service(Stapler.java:164)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:45)
          at winstone.ServletConfiguration.execute(ServletConfiguration.java:248)
          at winstone.RequestDispatcher.forward(RequestDispatcher.java:333)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:376)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:95)
          at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:87)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:47)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
          at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:124)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:174)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:63)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
          at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
          at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:50)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at winstone.RequestDispatcher.forward(RequestDispatcher.java:331)
          at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:215)
          at winstone.RequestHandlerThread.run(RequestHandlerThread.java:138)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
          at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
          at java.util.concurrent.FutureTask.run(FutureTask.java:138)
          at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
          at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
          at java.lang.Thread.run(Thread.java:662)

          Kannan Manickam added a comment - The following is the error message from the POST to 'master' node. Status Code: 500 Exception: This slave appears to be removed while you were editing the configuration Stacktrace: java.io.IOException: This slave appears to be removed while you were editing the configuration at hudson.model.Computer.replaceBy(Computer.java:1206) at hudson.model.Computer.doConfigDotXml(Computer.java:1187) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:288) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:151) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:90) at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:111) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:573) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:658) at org.kohsuke.stapler.MetaClass$12.dispatch(MetaClass.java:384) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:573) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:658) at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:203) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:573) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:658) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:487) at org.kohsuke.stapler.Stapler.service(Stapler.java:164) at javax.servlet.http.HttpServlet.service(HttpServlet.java:45) at winstone.ServletConfiguration.execute(ServletConfiguration.java:248) at winstone.RequestDispatcher.forward(RequestDispatcher.java:333) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:376) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:95) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:87) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:47) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:124) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:174) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:63) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:50) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at winstone.RequestDispatcher.forward(RequestDispatcher.java:331) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:215) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:138) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) at java.util.concurrent.FutureTask.run(FutureTask.java:138) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:662)

          Jesse Glick added a comment -

          This is not supposed to work I think; config.xml is for a slave. Probably accidental that the /api description page in this case mentions it.

          Being able to GET/POST /config.xml (as opposed to /computer/(master)/config.xml) may well be useful, though that would be an RFE and it is complicated by the fact that Jenkins global configuration lives not just in $JENKINS_HOME/config.xml but in a number of other files as well.

          Jesse Glick added a comment - This is not supposed to work I think; config.xml is for a slave. Probably accidental that the /api description page in this case mentions it. Being able to GET/POST /config.xml (as opposed to /computer/(master)/config.xml ) may well be useful, though that would be an RFE and it is complicated by the fact that Jenkins global configuration lives not just in $JENKINS_HOME/config.xml but in a number of other files as well.

          Yes. The documentation is misleading. But the `/computer/(master)/config.xml` has good amount of configuration and it will be helpful to change some attributes through the API. I also noticed that posting config.xml to `/view/example_view/config.xml` was also not working.

          Kannan Manickam added a comment - Yes. The documentation is misleading. But the `/computer/(master)/config.xml` has good amount of configuration and it will be helpful to change some attributes through the API. I also noticed that posting config.xml to `/view/example_view/config.xml` was also not working.

          Jesse Glick added a comment -

          Let me try to clear this up so there is one and only one issue per JIRA ticket. Otherwise it is impossible to ever close anything.

          First, it is an accident that GET /computer/(master)/config.xml does anything. This Computer.doConfigDotXml was designed to retrieve configuration of a slave, not Jenkins as a whole; POST to an actual slave does work (AFAIK). This bug, JENKINS-16264, I am leaving open to represent the fact that this URI misleadingly returns anything, and is advertised to exist in any api.jelly; it is not a bug that it rejects POST.

          Second, if you want to be able (as someone with ADMINISTER permission) to GET or POST the URI /config.xml, and/or other global config files (nodeMonitors.xml, hudson.model.UpdateCenter.xml, etc.), that would be a separate RFE. There may be security or robustness difficulties in allowing such changes to be made via REST, though.

          Third, POST /view/*/config.xml is supposed to work; if it does not, that would be a separate bug.

          Jesse Glick added a comment - Let me try to clear this up so there is one and only one issue per JIRA ticket. Otherwise it is impossible to ever close anything. First, it is an accident that GET /computer/(master)/config.xml does anything. This Computer.doConfigDotXml was designed to retrieve configuration of a slave , not Jenkins as a whole; POST to an actual slave does work (AFAIK). This bug, JENKINS-16264 , I am leaving open to represent the fact that this URI misleadingly returns anything, and is advertised to exist in any api.jelly ; it is not a bug that it rejects POST . Second, if you want to be able (as someone with ADMINISTER permission) to GET or POST the URI /config.xml , and/or other global config files ( nodeMonitors.xml , hudson.model.UpdateCenter.xml , etc.), that would be a separate RFE. There may be security or robustness difficulties in allowing such changes to be made via REST, though. Third, POST /view/*/config.xml is supposed to work; if it does not, that would be a separate bug.

          Jesse,

          Thank you for clearing this up. I'll check the posting to view once again after updating my jenkins and open a separate bug if it doesn't work.

          Kannan Manickam added a comment - Jesse, Thank you for clearing this up. I'll check the posting to view once again after updating my jenkins and open a separate bug if it doesn't work.

          Jesse Glick added a comment -

          One other note: /computer/(master)/configure is meaningful, and distinct from /configure—you can configure number of executors, labels, and node properties for the master computer. But /computer/(master)/config.xml displays all of $JENKINS_HOME/config.xml which includes a lot of stuff unrelated to the use of master as a computer.

          Jesse Glick added a comment - One other note: /computer/(master)/configure is meaningful, and distinct from /configure —you can configure number of executors, labels, and node properties for the master computer. But /computer/(master)/config.xml displays all of $JENKINS_HOME/config.xml which includes a lot of stuff unrelated to the use of master as a computer.

          Damon G added a comment - - edited

          I think I understand both cases described here. It sounds similar but not identical something related I see. I thought I'd check before logging a separate defect.

          LDAP authentication is enabled on my master.
          I have an api token associated with my user. (I have admin privileges).
          I'm attempting to retrieve the config.xml for a particular computer using basic authentication in groovy.
          For instance:

          http://myjenkins/computer/a-slave-node-computername/config.xml?token=TOKEN
          I'm passing in my username and my token for the password field.

          I get a 403 error.

          I think what your saying is that I should be expecting a 403 unless the code was enhanced to allow a GET on the computer config using a token.

          I'm at build 1.505

          Is this a separate issue or an RFE? I realize the error described above is not a 403 but another exception. I still wasn't sure if that was because the GET was attempted for the master...and in my case it's a request for slave node configuration.

          Thanks!

          Damon G added a comment - - edited I think I understand both cases described here. It sounds similar but not identical something related I see. I thought I'd check before logging a separate defect. LDAP authentication is enabled on my master. I have an api token associated with my user. (I have admin privileges). I'm attempting to retrieve the config.xml for a particular computer using basic authentication in groovy. For instance: http://myjenkins/computer/a-slave-node-computername/config.xml?token=TOKEN I'm passing in my username and my token for the password field. I get a 403 error. I think what your saying is that I should be expecting a 403 unless the code was enhanced to allow a GET on the computer config using a token. I'm at build 1.505 Is this a separate issue or an RFE? I realize the error described above is not a 403 but another exception. I still wasn't sure if that was because the GET was attempted for the master...and in my case it's a request for slave node configuration. Thanks!

          Jesse Glick added a comment -

          @damong I am not sure why you expect token to be usable in a query string like this. You API token is to be used for HTTP BASIC authentication. Take it to the user list.

          Jesse Glick added a comment - @damong I am not sure why you expect token to be usable in a query string like this. You API token is to be used for HTTP BASIC authentication. Take it to the user list.

          I agree with @jesse. Also the 403 looks like it is because you have the CSRF enabled on your server and you are not sending the crumb.

          Kannan Manickam added a comment - I agree with @jesse. Also the 403 looks like it is because you have the CSRF enabled on your server and you are not sending the crumb.

          Damon G added a comment -

          So sorry. I must have misunderstood the wiki. I removed the token part of the query string and it worked! Thanks so much.

          Damon G added a comment - So sorry. I must have misunderstood the wiki. I removed the token part of the query string and it worked! Thanks so much.

          Damon G added a comment -

          I have to take that comment back. It doesn't work. I thought it was working because my attempt above used cashed credentials I had open in another browser tab. I don't have CSRF enabled. I'll take it to the forums though.

          Damon G added a comment - I have to take that comment back. It doesn't work. I thought it was working because my attempt above used cashed credentials I had open in another browser tab. I don't have CSRF enabled. I'll take it to the forums though.

          Daniel Beck added a comment -

          Daniel Beck added a comment - https://github.com/jenkinsci/jenkins/pull/1258

          Code changed in jenkins
          User: Daniel Beck
          Path:
          core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly
          http://jenkins-ci.org/commit/jenkins/af67ae868e0d150e4d73e48a301c831bc2732b0c
          Log:
          [FIX JENKINS-16264] Don't advertise POSTing config.xml on master

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Beck Path: core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly http://jenkins-ci.org/commit/jenkins/af67ae868e0d150e4d73e48a301c831bc2732b0c Log: [FIX JENKINS-16264] Don't advertise POSTing config.xml on master

          Code changed in jenkins
          User: Oliver Gondža
          Path:
          core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly
          http://jenkins-ci.org/commit/jenkins/bdfcd2625381e3e9153c1de5ead82abe96ab1c16
          Log:
          Merge pull request #1258 from daniel-beck/JENKINS-16264

          [FIX JENKINS-16264] Don't advertise POSTing config.xml on master

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oliver Gondža Path: core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly http://jenkins-ci.org/commit/jenkins/bdfcd2625381e3e9153c1de5ead82abe96ab1c16 Log: Merge pull request #1258 from daniel-beck/ JENKINS-16264 [FIX JENKINS-16264] Don't advertise POSTing config.xml on master

          dogfood added a comment -

          Integrated in jenkins_main_trunk #3424
          [FIX JENKINS-16264] Don't advertise POSTing config.xml on master (Revision af67ae868e0d150e4d73e48a301c831bc2732b0c)

          Result = SUCCESS
          daniel-beck : af67ae868e0d150e4d73e48a301c831bc2732b0c
          Files :

          • core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly

          dogfood added a comment - Integrated in jenkins_main_trunk #3424 [FIX JENKINS-16264] Don't advertise POSTing config.xml on master (Revision af67ae868e0d150e4d73e48a301c831bc2732b0c) Result = SUCCESS daniel-beck : af67ae868e0d150e4d73e48a301c831bc2732b0c Files : core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly

          Daniel Beck added a comment -

          Bot seems to not have picked up the change.

          It's no longer being advertised to work.

          File a feature request if you want to be able to do this.

          Daniel Beck added a comment - Bot seems to not have picked up the change. It's no longer being advertised to work. File a feature request if you want to be able to do this.

          Code changed in jenkins
          User: Daniel Beck
          Path:
          core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly
          http://jenkins-ci.org/commit/jenkins/0a102cddd72f634f6ded56863d6b31befaa4d969
          Log:
          [FIX JENKINS-16264] Don't advertise POSTing config.xml on master

          (cherry picked from commit af67ae868e0d150e4d73e48a301c831bc2732b0c)

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Beck Path: core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly http://jenkins-ci.org/commit/jenkins/0a102cddd72f634f6ded56863d6b31befaa4d969 Log: [FIX JENKINS-16264] Don't advertise POSTing config.xml on master (cherry picked from commit af67ae868e0d150e4d73e48a301c831bc2732b0c)

            danielbeck Daniel Beck
            arangamani Kannan Manickam
            Votes:
            1 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: