-
Bug
-
Resolution: Fixed
-
Critical
-
Jenkins 2.7.1, Debian Stable/Jessie (8.5)
I am not sure if this belongs in Jenkins, website or infra, so I chose Jenkins because it appears the main project. If incorrect, my apologies for my mistake. I am new here.
Installing Jenkins on Debian stable, as per the official instructions, fails completely. This problem appears to be introduced on 2016/07/14, when Jenkins version 2.7.1 was added to the repository.
The command apt-get install jenkins will invariably result in:
E: Failed to fetch http://pkg.jenkins-ci.org/debian-stable/binary/jenkins_2.7.1_all.deb Size mismatch
So far, I have:
- Reproduced this failure on at least 3 freshly installed Debian Stable systems.
- Reproduced this failure from different geo-locations to rule out a localized failures.
- Disabled APT caching systems to rule these out as the source of the problem.
Manually downloading and installing the package does work, so the integrity of the deb package itself appears to be okay. It appears to be a corruption in the repository itself. The result is that installing Jenkins through APT on Debian stable (and maybe elsewhere) has become impossible. Upgrading it is probably also impossible.
Because I was expecting this would have been noticed by more people already (and reported by now), I was first mostly searching for causes on my own end. I think I have ruled any of those out by now.
Edit:
The MD5 of both the manually downloaded (and successfully installed) package and the one that fails to install through APT are the same, so it really has to be a problem with the repository and not the package itself.
26eb48db6c1b369c2033e54c5a9062e3 jenkins_2.7.1_all.deb
26eb48db6c1b369c2033e54c5a9062e3 jenkins_2.7.1_all.deb.FAILED
Edit:
Installing any older version of Jenkins through APT, as a possible workaround, also proved impossible because older versions are not, or no longer, included in the Debian repository. The deb packages themselves exists and can be manually downloaded, but they can not be downloaded through APT. This could be just the result of a good police choice, to not clutter the repository with old versions. However, in this particular case it is rather unfortunate at the same time.