Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-38138

Git plugin over HTTP with TFS 2015 causes authorization error

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Blocker Blocker
    • git-plugin
    • jenkinsci/jenkins:2.21 (Docker image)

      Bug in that our build last worked on 30th August - I've noticed two updates to the plugin since on the 2nd and 10th of September. When I upgrade the plugin for compatibility with Blue Ocean project I started to get this issue.

      The server in question works OK from local machine with same credentials as are saved in Jenkins Credential Manager.

      I've looked at the similar issues which may be around HTTPs certificates - in this instance we're using plain HTTP for this server.

      Using pipeline plugin.

      Started by user anonymous
      [Pipeline] node
      Running on master in /var/jenkins_home/workspace/API tests
      [Pipeline]

      { [Pipeline] git > git rev-parse --is-inside-work-tree # timeout=10 Fetching changes from the remote Git repository > git config remote.origin.url http://project/myprojectA.git # timeout=10 Fetching upstream changes from http://project/myprojectA.git > git --version # timeout=10 using GIT_ASKPASS to set credentials SVCACC service account > git fetch --tags --progress http://project/myprojectA.git +refs/heads/*:refs/remotes/origin/* ERROR: Error fetching remote repo 'origin' hudson.plugins.git.GitException: Failed to fetch from http://project/myprojectA.git at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:797) at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:1051) at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1082) at org.jenkinsci.plugins.workflow.steps.scm.SCMStep.checkout(SCMStep.java:109) at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:83) at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:73) at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:52) at hudson.security.ACL.impersonate(ACL.java:221) at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:49) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: hudson.plugins.git.GitException: Command "git fetch --tags --progress http://project/myprojectA.git +refs/heads/*:refs/remotes/origin/*" returned status code 128: stdout: stderr: fatal: Authentication failed for 'http://project/myprojectA.git/' at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:1752) at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:1495) at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$300(CliGitAPIImpl.java:64) at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:315) at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:795) ... 13 more [Pipeline] }

      [Pipeline] // node
      [Pipeline] End of Pipeline
      ERROR: null
      Finished: FAILURE

          [JENKINS-38138] Git plugin over HTTP with TFS 2015 causes authorization error

          Mark Waite added a comment -

          If you revert the git client plugin back to 1.21.0 and the git plugin back to 2.6.0, does that resolve the problem?

          Are there any particularly interesting characters in the password which is being used (like "&")?

          Mark Waite added a comment - If you revert the git client plugin back to 1.21.0 and the git plugin back to 2.6.0, does that resolve the problem? Are there any particularly interesting characters in the password which is being used (like "&")?

          Alex Ellis added a comment -

          markewaite I have tried to roll-back but the option is not available, it's locked at the current version - I've tried removing everything and re-creating the box with the latest Jenkins image and with Jenkins 2.0 from the Docker Hub.

          I have tried a password with [a-zA-Z] and it's still not getting me any further.

          Alex Ellis added a comment - markewaite I have tried to roll-back but the option is not available, it's locked at the current version - I've tried removing everything and re-creating the box with the latest Jenkins image and with Jenkins 2.0 from the Docker Hub. I have tried a password with [a-zA-Z] and it's still not getting me any further.

          Alex Ellis added a comment -

          If Git is updated on any more of our sandboxes then I think we're going to be completely stuck.

          Alex Ellis added a comment - If Git is updated on any more of our sandboxes then I think we're going to be completely stuck.

          Code changed in jenkins
          User: Mark Waite
          Path:
          src/main/java/org/jenkinsci/plugins/gitclient/CliGitAPIImpl.java
          src/test/java/org/jenkinsci/plugins/gitclient/CliGitAPIImplAuthTest.java
          http://jenkins-ci.org/commit/git-client-plugin/f7b7cb995f5aaf22dcc49ccc48b980e5d1ce7ecc
          Log:
          Test JENKINS-40116, JENKINS-38194, JENKINS-38179 & JENKINS-38138

          Confirm that characters which Windows requires be escaped in a batch
          file can be used as characters in a git password (as used through https
          with a username / password combination).

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Mark Waite Path: src/main/java/org/jenkinsci/plugins/gitclient/CliGitAPIImpl.java src/test/java/org/jenkinsci/plugins/gitclient/CliGitAPIImplAuthTest.java http://jenkins-ci.org/commit/git-client-plugin/f7b7cb995f5aaf22dcc49ccc48b980e5d1ce7ecc Log: Test JENKINS-40116 , JENKINS-38194 , JENKINS-38179 & JENKINS-38138 Confirm that characters which Windows requires be escaped in a batch file can be used as characters in a git password (as used through https with a username / password combination).

          Mark Waite added a comment -

          If you'd like to test a prototype build, for a short time it will be available from the ci.jenkins.io server. Upload it manually, restart your Jenkins server, and see if it helps in your case.

          Mark Waite added a comment - If you'd like to test a prototype build, for a short time it will be available from the ci.jenkins.io server. Upload it manually, restart your Jenkins server, and see if it helps in your case.

          Mark Waite added a comment -

          Believed to be fixed in git client plugin 2.2.1 16 Jan 2016

          Mark Waite added a comment - Believed to be fixed in git client plugin 2.2.1 16 Jan 2016

            markewaite Mark Waite
            alexellisadp Alex Ellis
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: