Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-44325

Failed to serialize jenkins.model.Jenkins#securityRealm for class hudson.model.Hudson

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Noticed this when deploying a new version of jenkins with all most recent plugins, from the `jenkinsci/jenkins:alpine` image:

      Jenkins: ver. 2.61
      github-oauth: 0.27

      java.lang.RuntimeException: Failed to serialize jenkins.model.Jenkins#securityRealm for class hudson.model.Hudson
      	at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
      	at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
      	at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
      	at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
      	at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
      	at com.thoughtworks.xstream.core.TreeMarshaller.start(TreeMarshaller.java:82)
      	at com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.marshal(AbstractTreeMarshallingStrategy.java:37)
      	at com.thoughtworks.xstream.XStream.marshal(XStream.java:1026)
      	at com.thoughtworks.xstream.XStream.marshal(XStream.java:1015)
      	at com.thoughtworks.xstream.XStream.toXML(XStream.java:988)
      	at hudson.XmlFile.write(XmlFile.java:171)
      	at jenkins.model.Jenkins.save(Jenkins.java:3180)
      	at jenkins.model.Jenkins.saveQuietly(Jenkins.java:3186)
      	at jenkins.model.Jenkins.setSecurityRealm(Jenkins.java:2569)
      	at jenkins.model.Jenkins$setSecurityRealm$2.call(Unknown Source)
      	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
      	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
      	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:125)
      	at github-realm.run(github-realm.groovy:22)
      	at groovy.lang.GroovyShell.evaluate(GroovyShell.java:585)
      	at jenkins.util.groovy.GroovyHookScript.execute(GroovyHookScript.java:136)
      	at jenkins.util.groovy.GroovyHookScript.execute(GroovyHookScript.java:127)
      	at jenkins.util.groovy.GroovyHookScript.run(GroovyHookScript.java:110)
      	at hudson.init.impl.GroovyInitScript.init(GroovyInitScript.java:41)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at hudson.init.TaskMethodFinder.invoke(TaskMethodFinder.java:104)
      	at hudson.init.TaskMethodFinder$TaskImpl.run(TaskMethodFinder.java:175)
      	at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:282)
      	at jenkins.model.Jenkins$7.runTask(Jenkins.java:1088)
      	at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:210)
      	at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:117)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	at java.lang.Thread.run(Thread.java:745)
      Caused by: java.lang.NullPointerException
      	at com.thoughtworks.xstream.io.xml.PrettyPrintWriter.writeText(PrettyPrintWriter.java:235)
      	at com.thoughtworks.xstream.io.xml.PrettyPrintWriter.writeText(PrettyPrintWriter.java:231)
      	at com.thoughtworks.xstream.io.xml.PrettyPrintWriter.setValue(PrettyPrintWriter.java:214)
      	at com.thoughtworks.xstream.io.WriterWrapper.setValue(WriterWrapper.java:45)
      	at org.jenkinsci.plugins.GithubSecurityRealm$ConverterImpl.marshal(GithubSecurityRealm.java:236)
      	at hudson.util.XStream2$AssociatedConverterImpl.marshal(XStream2.java:370)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
      	at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
      	at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      	... 39 more
      

      It likely relates to the script that I use to instantiate and set up the github-oauth plugin. That script is mainly taken from the one documented in the wiki page, but here for precision:

      import jenkins.model.*
      
      import hudson.security.SecurityRealm
      import org.jenkinsci.plugins.GithubSecurityRealm
      
      
      String githubWebUri = 'https://github.com'
      String githubApiUri = 'https://api.github.com'
      String oauthScopes = 'read:org,user:email'
      String clientSecret = 'secret'
      String clientID = 'clientid'
      
        SecurityRealm github_realm = new GithubSecurityRealm(githubWebUri, githubApiUri, clientID, clientSecret, oauthScopes)
      
        //check for equality, no need to modify the runtime if no settings changed
        if(!github_realm.equals(Jenkins.instance.getSecurityRealm()) ) {
          Jenkins.instance.setSecurityRealm(github_realm)
          Jenkins.instance.save()
        }
      

      In the stacktrace, it points to the groovy file @ line 22: Jenkins.instance.setSecurityRealm(github_realm)

        Attachments

          Activity

          Hide
          sag47 Sam Gleske added a comment -

          I can't reproduce this issue.  I set my authorization strategy to anyone can do anything and then ran the script console script:

          import hudson.security.SecurityRealm
          import org.jenkinsci.plugins.GithubSecurityRealm
          String githubWebUri = 'https://github.com'
          String githubApiUri = 'https://api.github.com'
          String clientID = 'someid'
          String clientSecret = 'somesecret'
          String oauthScopes = 'read:org'
          SecurityRealm github_realm = new GithubSecurityRealm(githubWebUri, githubApiUri, clientID, clientSecret, oauthScopes)
          //check for equality, no need to modify the runtime if no settings changed
          if(!github_realm.equals(Jenkins.instance.getSecurityRealm())) {
              Jenkins.instance.setSecurityRealm(github_realm)
              Jenkins.instance.save()
          }
          

          As-is it ran, set the settings, and serialized the configuration to disk as XML.

          Show
          sag47 Sam Gleske added a comment - I can't reproduce this issue.  I set my authorization strategy to anyone can do anything and then ran the script console script: import hudson.security.SecurityRealm import org.jenkinsci.plugins.GithubSecurityRealm String githubWebUri = 'https: //github.com' String githubApiUri = 'https: //api.github.com' String clientID = 'someid' String clientSecret = 'somesecret' String oauthScopes = 'read:org' SecurityRealm github_realm = new GithubSecurityRealm(githubWebUri, githubApiUri, clientID, clientSecret, oauthScopes) //check for equality, no need to modify the runtime if no settings changed if (!github_realm.equals(Jenkins.instance.getSecurityRealm())) { Jenkins.instance.setSecurityRealm(github_realm) Jenkins.instance.save() } As-is it ran, set the settings, and serialized the configuration to disk as XML.
          Hide
          gaieges Evin Callahan added a comment -

          Hmm, I can't seem to reproduce it now either locally, but it appears during startup of my production image, it still has that problem (even when using the image that production is using). Perhaps it's a setting somewhere on the production volume that's causing it?

          Show
          gaieges Evin Callahan added a comment - Hmm, I can't seem to reproduce it now either locally, but it appears during startup of my production image, it still has that problem (even when using the image that production is using). Perhaps it's a setting somewhere on the production volume that's causing it?
          Hide
          sag47 Sam Gleske added a comment -

          I tried setting my config.xml as read only but it threw a different exception around permission denied. So I'm still not sure how I would go about reproducing this.

          Show
          sag47 Sam Gleske added a comment - I tried setting my config.xml as read only but it threw a different exception around permission denied. So I'm still not sure how I would go about reproducing this.
          Hide
          sag47 Sam Gleske added a comment -

          Since I can't reproduce this I'm going to close it.  If you are able to reliably reproduce the issue again then please re-open and comment.

          Show
          sag47 Sam Gleske added a comment - Since I can't reproduce this I'm going to close it.  If you are able to reliably reproduce the issue again then please re-open and comment.
          Hide
          octo Florian Forster added a comment -

          I ran into this issue today after upgrading Jenkins and all plugins. I managed to resolve the issue and get Jenkins to start again by adding

          {{ <oauthScopes>read:org,user:email,repo</oauthScopes>}}

          to the <securityRealm> block in /var/lib/jenkins/config.xml. HTH, —octo

          Show
          octo Florian Forster added a comment - I ran into this issue today after upgrading Jenkins and all plugins. I managed to resolve the issue and get Jenkins to start again by adding {{ <oauthScopes>read:org,user:email,repo</oauthScopes>}} to the <securityRealm> block in /var/lib/jenkins/config.xml . HTH, —octo

            People

            Assignee:
            sag47 Sam Gleske
            Reporter:
            gaieges Evin Callahan
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: