Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-45129

Unable to scan branches in multibranch plugin when user has two-step verification enabled

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      When trying to scan for branches using the user which has two-step verification enabled, I get the following error:

       

      Started
      [Mon Jun 26 11:04:33 CEST 2017] Starting branch indexing...
      ERROR: [Mon Jun 26 11:04:33 CEST 2017] Could not update folder level actions from source 85788dfe-8acb-4d5b-b6c5-64622c0ae982
      com.cloudbees.jenkins.plugins.bitbucket.api.BitbucketRequestException: HTTP request error. Status: 403: Forbidden.
      To make an API call, you need to use an app password.
      at com.cloudbees.jenkins.plugins.bitbucket.client.BitbucketCloudApiClient.getRequest(BitbucketCloudApiClient.java:572)
      at com.cloudbees.jenkins.plugins.bitbucket.client.BitbucketCloudApiClient.getRepository(BitbucketCloudApiClient.java:236)
      at com.cloudbees.jenkins.plugins.bitbucket.BitbucketSCMSource.retrieveActions(BitbucketSCMSource.java:689)
      at jenkins.scm.api.SCMSource.fetchActions(SCMSource.java:691)
      at jenkins.branch.MultiBranchProject.computeChildren(MultiBranchProject.java:587)
      at com.cloudbees.hudson.plugins.folder.computed.ComputedFolder.updateChildren(ComputedFolder.java:266)
      at com.cloudbees.hudson.plugins.folder.computed.FolderComputation.run(FolderComputation.java:162)
      at jenkins.branch.MultiBranchProject$BranchIndexing.run(MultiBranchProject.java:969)
      at hudson.model.ResourceController.execute(ResourceController.java:97)
      at hudson.model.Executor.run(Executor.java:415)
      [Mon Jun 26 11:04:33 CEST 2017] Finished branch indexing. Indexing took 0.35 sec
      FATAL: Failed to recompute children of ocr-engine
      com.cloudbees.jenkins.plugins.bitbucket.api.BitbucketRequestException: HTTP request error. Status: 403: Forbidden.
      To make an API call, you need to use an app password.
      at com.cloudbees.jenkins.plugins.bitbucket.client.BitbucketCloudApiClient.getRequest(BitbucketCloudApiClient.java:572)
      at com.cloudbees.jenkins.plugins.bitbucket.client.BitbucketCloudApiClient.getRepository(BitbucketCloudApiClient.java:236)
      at com.cloudbees.jenkins.plugins.bitbucket.BitbucketSCMSource.retrieveActions(BitbucketSCMSource.java:689)
      at jenkins.scm.api.SCMSource.fetchActions(SCMSource.java:691)
      at jenkins.branch.MultiBranchProject.computeChildren(MultiBranchProject.java:587)
      at com.cloudbees.hudson.plugins.folder.computed.ComputedFolder.updateChildren(ComputedFolder.java:266)
      at com.cloudbees.hudson.plugins.folder.computed.FolderComputation.run(FolderComputation.java:162)
      at jenkins.branch.MultiBranchProject$BranchIndexing.run(MultiBranchProject.java:969)
      at hudson.model.ResourceController.execute(ResourceController.java:97)
      at hudson.model.Executor.run(Executor.java:415)
      Finished: FAILURE
      

      We would like to enable enforcement for all our developers to use two-step verification for logging into BitBucket, but are unable to do so until Bitbucket branch source plugin gets the ability to use app password for making API calls.

        Attachments

          Activity

          Hide
          dodoent Nenad Miksa added a comment -

          Yes, I am using Bitbucket username.

           

          Show
          dodoent Nenad Miksa added a comment - Yes, I am using Bitbucket username.  
          Hide
          hemp Chris Hemp added a comment -

          I tested this out this morning on a local jenkins 2.151 (via docker) with using bitbucket-branch-source-plugin version 2.2.14.  Using the Bitbucket `username` with an App Password worked successfully with my SAML/SSO configured user.  

          This is great!  Thanks again Nenad Miksa

          TLDR:

          User without SAML/SSO use: email-address / password

          User with SAML/SSO use: bitbucket-user-name / app-password

          Show
          hemp Chris Hemp added a comment - I tested this out this morning on a local jenkins 2.151 (via docker) with using bitbucket-branch-source-plugin version 2.2.14.  Using the Bitbucket `username` with an App Password worked successfully with my SAML/SSO configured user.   This is great!  Thanks again Nenad Miksa TLDR: User without SAML/SSO use: email-address / password User with SAML/SSO use: bitbucket-user-name / app-password
          Hide
          vivek Vivek Pandey added a comment -

          Groovy script does what you can also do using UI by setting up credentials using bitbucket username and app password and then setup Bitbucket Endpoint/Manage hooks to select that credential from drop down. Given that its unclear what this issue is trying to get fixed. Nenad Miksa please confirm if this is still an issue and provide details with step as whats not working.

          Show
          vivek Vivek Pandey added a comment - Groovy script does what you can also do using UI by setting up credentials using bitbucket username and app password and then setup Bitbucket Endpoint/Manage hooks to select that credential from drop down. Given that its unclear what this issue is trying to get fixed. Nenad Miksa please confirm if this is still an issue and provide details with step as whats not working.
          Hide
          dodoent Nenad Miksa added a comment -

          For me this now works, as I said earlier - setting it up with the script does the job for me. The original issue referred to not being able to do even that. So I think it can be closed now.

          Thank you for your support and for the development of the requested feature!

          Show
          dodoent Nenad Miksa added a comment - For me this now works, as I said earlier - setting it up with the script does the job for me. The original issue referred to not being able to do even that. So I think it can be closed now. Thank you for your support and for the development of the requested feature!
          Hide
          vivek Vivek Pandey added a comment -

          Thanks Nenad Miksa!

          Show
          vivek Vivek Pandey added a comment - Thanks Nenad Miksa !

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            dodoent Nenad Miksa
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: