Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43802

Shared Library using folder-scoped credential fails to authenticate

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      In my GitHub Org job (using GitHub Enterprise), I added a pipeline lib source that is in GitHub.  If the scan credential is scoped to the job (created in the job, vs created in the global credential store), there are two problems:

      1) The config page under branch shows an error instead of "Currently maps to revision: $SHA".

      2) If using a job-scoped credential, the "git fetch" in the job execution does not contain a line saying "Setting GIT_ASKPASS ..."

      If I switch to the identical credential stored in the global scope, both the config page and the git fetch (GIT_ASKPASS) works.

      I can give more details or try to isolate the problem if needed (standalone, minimal sets of plugins).

        Attachments

          Issue Links

            Activity

            Hide
            markewaite Mark Waite added a comment -

            Sorry about that mistake. I failed to read the comment which says that it was released in git plugin 3.11.0. Returning to CLOSED since it is resolved.

            Show
            markewaite Mark Waite added a comment - Sorry about that mistake. I failed to read the comment which says that it was released in git plugin 3.11.0. Returning to CLOSED since it is resolved.
            Hide
            asbachb Benjamin Asbach added a comment - - edited

            Matthias Balke, can you confirm that the issue is fixed for "Modern SCM > GIT"?

            I get a quite similar issue for linked Pipeline Libraries where branch references can authenticate, but tag references are unable to.

            Show
            asbachb Benjamin Asbach added a comment - - edited Matthias Balke , can you confirm that the issue is fixed for "Modern SCM > GIT"? I get a quite similar issue for linked Pipeline Libraries where branch references can authenticate, but tag references are unable to.
            Hide
            degelma Marian Degel added a comment - - edited

            We got the same problem as Benjamin Asbach describes.

            While using "Modern SCM > GIT", trying to fetch tag references fails like this:

            ...
            12:51:26  Fetching origin...
            12:51:26  Fetching upstream changes from origin
            12:51:26   > git --version # timeout=10
            12:51:26   > git --version # 'git version 2.11.0'
            12:51:26   > git config --get remote.origin.url # timeout=10
            12:51:26   > git fetch --tags --progress -- origin +refs/heads/*:refs/remotes/origin/* # timeout=10
            12:51:26  ERROR: Checkout failed
            12:51:26  hudson.plugins.git.GitException: Command "git fetch --tags --progress -- origin +refs/heads/*:refs/remotes/origin/*" returned status code 128:
            12:51:26  stdout: 
            12:51:26  stderr: remote: HTTP Basic: Access denied
            ...
            

            In case we use a branch it works. In case we use a tag, it doesn't.

            When specifying the credential in the global scope instead of folder scope, we can also checkout the tag as intended.

            Currently we're using: workflow-cps-global-lib-plugin 2.17

            Show
            degelma Marian Degel added a comment - - edited We got the same problem as Benjamin Asbach  describes. While using "Modern SCM > GIT", trying to fetch tag references fails like this: ... 12:51:26 Fetching origin... 12:51:26 Fetching upstream changes from origin 12:51:26 > git --version # timeout=10 12:51:26 > git --version # 'git version 2.11.0' 12:51:26 > git config --get remote.origin.url # timeout=10 12:51:26 > git fetch --tags --progress -- origin +refs/heads/*:refs/remotes/origin/* # timeout=10 12:51:26 ERROR: Checkout failed 12:51:26 hudson.plugins.git.GitException: Command "git fetch --tags --progress -- origin +refs/heads/*:refs/remotes/origin/*" returned status code 128: 12:51:26 stdout: 12:51:26 stderr: remote: HTTP Basic: Access denied ... In case we use a branch it works. In case we use a tag, it doesn't. When specifying the credential in the global scope instead of folder scope, we can also checkout the tag as intended. Currently we're using: workflow-cps-global-lib-plugin 2.17
            Hide
            jglick Jesse Glick added a comment -

            Marian Degel please do not reopen issues in general. You can file a fresh issue in git-plugin with a Link to this one and complete, self-contained, minimal steps to reproduce from scratch.

            Show
            jglick Jesse Glick added a comment - Marian Degel please do not reopen issues in general. You can file a fresh issue in git-plugin with a Link to this one and complete, self-contained, minimal steps to reproduce from scratch.
            Hide
            degelma Marian Degel added a comment -

            Jesse Glick: Thanks for the info, I'll do that.

            Show
            degelma Marian Degel added a comment - Jesse Glick : Thanks for the info, I'll do that.

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              vallon Justin Vallon
              Votes:
              24 Vote for this issue
              Watchers:
              30 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: