-
Bug
-
Resolution: Fixed
-
Critical
-
None
-
1.0.0-rc4
· Core 2.53
· 2119ac5
· (no branch)
· 3rd April 2017 11:50 PM
Windows Server 2012R2
Chrome
-
-
Blue Ocean - 1.1-beta-1
Problem
Pipeline creation in Blue Ocean stores tokens, passwords and SSH keys against the user. If you do not have security setup and are logged in as a valid user, then creation cannot work.
Solution
Close off creation and let the user know their Jenkins needs security enabled. Creation is then re-enabled when security is ON.
Original request
When I click at "Create Pipeline" and choose "Git" at "Where do you store your code" I still wait forever.
Demo in Attachment
Version:
1.0.0-rc4 · Core 2.53 · 2119ac5 · (no branch) · 3rd April 2017 11:50 PM
Plugin-List: (All Update at 5/april 09h)
ace-editor.jpi active-directory.jpi ant.jpi antisamy-markup-formatter.jpi authentication-tokens.jpi bds-plugin.jpi blueocean-autofavorite.jpi blueocean-commons.jpi blueocean-config.jpi blueocean-dashboard.jpi blueocean-display-url.jpi blueocean-events.jpi blueocean-git-pipeline.jpi blueocean-github-pipeline.jpi blueocean-i18n.jpi blueocean-jwt.jpi blueocean-personalization.jpi blueocean-pipeline-api-impl.jpi blueocean-pipeline-editor.jpi blueocean-rest-impl.jpi blueocean-rest.jpi blueocean-web.jpi blueocean.jpi bouncycastle-api.jpi branch-api.jpi build-timeout.jpi change-assembly-version-plugin.jpi cloudbees-folder.jpi credentials-binding.jpi credentials.jpi display-url-api.jpi docker-commons.jpi docker-workflow.jpi durable-task.jpi email-ext.jpi emma.jpi envinject.jpi external-monitor-job.jpi favorite.jpi git-client.jpi git-server.jpi git.jpi github-api.jpi github-branch-source.jpi github-organization-folder.jpi github.jpi gitlab-hook.jpi gitlab-logo.jpi gitlab-oauth.jpi gitlab-plugin.jpi gradle.jpi handlebars.jpi icon-shim.jpi jackson2-api.jpi javadoc.jpi jquery-detached.jpi jquery.jpi junit.jpi ldap.jpi lockable-resources.jpi mailer.jpi mapdb-api.jpi matrix-auth.jpi matrix-project.jpi maven-plugin.jpi metrics.jpi momentjs.jpi msbuild.jpi mstest.jpi mstestrunner.jpi pam-auth.jpi pipeline-build-step.jpi pipeline-github-lib.jpi pipeline-graph-analysis.jpi pipeline-input-step.jpi pipeline-milestone-step.jpi pipeline-model-api.jpi pipeline-model-declarative-agent.jpi pipeline-model-definition.jpi pipeline-model-extensions.jpi pipeline-rest-api.jpi pipeline-stage-step.jpi pipeline-stage-tags-metadata.jpi pipeline-stage-view.jpi plain-credentials.jpi pubsub-light.jpi resource-disposer.jpi rocketchatnotifier.jpi ruby-runtime.jpi scm-api.jpi script-security.jpi slack.jpi sonar.jpi sse-gateway.jpi ssh-credentials.jpi ssh-slaves.jpi structs.jpi subversion.jpi timestamper.jpi token-macro.jpi variant.jpi vstestrunner.jpi windows-slaves.jpi workflow-aggregator.jpi workflow-api.jpi workflow-basic-steps.jpi workflow-cps-global-lib.jpi workflow-cps.jpi workflow-durable-task-step.jpi workflow-job.jpi workflow-multibranch.jpi workflow-scm-step.jpi workflow-step-api.jpi workflow-support.jpi ws-cleanup.jpi
When I enable security settings, it works.
- is duplicated by
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
[JENKINS-43347] Pipeline creation does not work when security is disabled.
Pipeline creation requires that you be logged in as an authenticated user, because the credentials used for pipeline are scoped to the user (for security purposes). vivek can explain that in more detail if you are interested. It is our team's opinion that it's a best practice to have at least some kind of security configuration in place.
We have implemented some code to show an error on the "New Pipeline" screen if you were not logged in, but I don't think we handled the case where security was disabled entirely. michaelneale jamesdumay we have JENKINS-42274 that tracks this issue. Should we at least implement a fix for creation to ensure it's disabled if security is disabled too?
cliffmeyers could we make a quick change so that:
- We allow the user to click "New Pipeline"
- When they get to this page - hide the options to click "Git" or "Github" completely
- Replace with a error alert
- Title: Pipeline creation disabled
- Description: Pipeline creation requires security to be enabled – Learn more
I suspect this was the cause of a few reports of this not working on hacker news.
jamesdumay I'll implement the changes you've outlined above as the fix for this bug.
Nat Sr
added a comment - Hi I would like to ask how to enable the security to be able to get "create pipeline" work? Currently, I got this but I can create the pipeline with classic mode. Thank you in advance.
Nat Sr
added a comment - Hi I would like to ask how to enable the security to be able to get "create pipeline" work? Currently, I got this but I can create the pipeline with classic mode. Thank you in advance.
comscience15 you will need to follow https://wiki.jenkins.io/display/JENKINS/Standard+Security+Setup
Same problem here, When jenkins is setup without user auth. you are unable to create a git pipeline. When you activate user auth (jenkins local database) then it works without any problems