-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
Jenkins Version 2.138.1
configuration-as-code 1.3
configuration-as-code-support 1.3
role-strategy 2.9.0
Hi Jenkins JCasC-Plugin and Role-Strategy-Plugin teams,
following isse:
I have configured Role-Strategy using JCasC plugin see configuration and the end.
But now following error occurs when updating manually
http://localhost/jenkins/role-strategy/assign-roles
User/group to add -> newuser -> save
When I add a new user manually I will get following error:
I have a workaround for this, see beneath this stack trace and configuration
Stack trace
java.lang.UnsupportedOperationException
at java.util.Collections$UnmodifiableCollection.clear(Collections.java:1074)
at com.michelin.cio.hudson.plugins.rolestrategy.RoleMap.clearSidsForRole(RoleMap.java:208)
at com.michelin.cio.hudson.plugins.rolestrategy.RoleMap.clearSids(RoleMap.java:248)
at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy$DescriptorImpl.doAssignSubmit(RoleBasedAuthorizationStrategy.java:696)
at com.michelin.cio.hudson.plugins.rolestrategy.RoleStrategyConfig.doAssignSubmit(RoleStrategyConfig.java:165)
at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)
at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:343)
at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:77)
at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)
at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:184)
at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:117)
at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:129)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:734)
Caused: javax.servlet.ServletException
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:784)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:864)
at org.kohsuke.stapler.MetaClass$10.dispatch(MetaClass.java:374)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:734)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:864)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:668)
at org.kohsuke.stapler.Stapler.service(Stapler.java:238)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:865)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1655)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
at com.smartcodeltd.jenkinsci.plugin.assetbundler.filters.LessCSS.doFilter(LessCSS.java:47)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
at hudson.plugins.greenballs.GreenBallFilter.doFilter(GreenBallFilter.java:59)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:99)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1317)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1219)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
at org.eclipse.jetty.server.Server.handle(Server.java:531)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:352)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:281)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126)
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366)
at winstone.BoundedExecutorService.lambda$scheduleNext$0(BoundedExecutorService.java:80)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
Found a similar reported issue here
https://github.com/jenkinsci/configuration-as-code-plugin/issues/504
but that info did not give me any clue
Can you please help me analyse this.
Thanx!!!
My Configuration
Jenkins Version 2.138.1
plugin versions
configuration-as-code 1.3
configuration-as-code-support 1.3
role-strategy 2.9.0
JCasC configuration: jenkins.yaml in JENKINS_HOME
configuration-as-code:
version: "1"
deprecated: warn
restricted: warn
unknown: warn
jenkins:
version: "1"
deprecated: warn
restricted: warn
unknown: warn
authorizationStrategy:
roleBased:
roles:
global:
- name: "admin"
description: "Jenkins Administrators"
permissions:
- "Overall/Administer"
- "Overall/Read"
- "Credentials/Create"
- "Credentials/Delete"
- "Credentials/ManageDomains"
- "Credentials/Update"
- "Credentials/View"
- "Build Failure Analyzer/RemoveCause"
- "Build Failure Analyzer/UpdateCauses"
- "Build Failure Analyzer/ViewCauses"
- "Agent/Build"
- "Agent/Configure"
- "Agent/Connect"
- "Agent/Create"
- "Agent/Delete"
- "Agent/Disconnect"
- "Agent/Provision"
- "Job/Build"
- "Job/Cancel"
- "Job/Configure"
- "Job/Create"
- "Job/Delete"
- "Job/Discover"
- "Job/Move"
- "Job/Read"
- "Job/Workspace"
- "Run/Delete"
- "Run/Replay"
- "Run/Update"
- "View/Configure"
- "View/Create"
- "View/Delete"
- "View/Read"
assignments:
- "admin"
- "bas"
- name: "jenkinsAdmin"
description: "Jenkins Administrators"
permissions:
- "Overall/Administer"
- "Overall/Read"
- "Credentials/Create"
- "Credentials/Delete"
- "Credentials/ManageDomains"
- "Credentials/Update"
- "Credentials/View"
- "Build Failure Analyzer/RemoveCause"
- "Build Failure Analyzer/UpdateCauses"
- "Build Failure Analyzer/ViewCauses"
- "Agent/Build"
- "Agent/Configure"
- "Agent/Connect"
- "Agent/Create"
- "Agent/Delete"
- "Agent/Disconnect"
- "Job/Build"
- "Job/Cancel"
- "Job/Configure"
- "Job/Create"
- "Job/Delete"
- "Job/Discover"
- "Job/Move"
- "Job/Read"
- "Job/Workspace"
- "Run/Delete"
- "Run/Update"
- "View/Configure"
- "View/Create"
- "View/Delete"
- "View/Read"
assignments:
- "admin"
- name: "projectAdmin"
description: "Jenkins Project Administrators"
permissions:
- "Overall/Read"
- "Credentials/Create"
- "Credentials/Delete"
- "Credentials/ManageDomains"
- "Credentials/Update"
- "Credentials/View"
- "Build Failure Analyzer/RemoveCause"
- "Build Failure Analyzer/UpdateCauses"
- "Build Failure Analyzer/ViewCauses"
- "Job/Build"
- "Job/Discover"
- "Job/Read"
- "View/Configure"
- "View/Create"
- "View/Delete"
- "View/Read"
assignments:
- "admin"
- name: "projectUser"
description: "Jenkins Project User"
permissions:
- "Overall/Read"
- "Build Failure Analyzer/UpdateCauses"
- "Build Failure Analyzer/ViewCauses"
- "Job/Build"
- "Job/Discover"
- "Job/Read"
- "View/Read"
assignments:
- "admin"
- name: "projectViewer"
description: "Jenkins Project Viewer"
permissions:
- "Overall/Read"
- "Build Failure Analyzer/ViewCauses"
- "Job/Discover"
- "Job/Read"
- "View/Read"
assignments:
- "admin"
- name: "projectWorkspace"
description: "Jenkins Project Workspace"
permissions:
- "Job/Workspace"
assignments:
- "admin"
- name: "anon"
description: "Anonymous users"
assignments:
- "anonymous"
WORKAROUND:
Hi Jenkins JCasC-Plugin and Role-Strategy-Plugin teams,
I found a work around for this issue. 
Initially when Jenkins has started I go to "role-strategy/manage-roles"
http://localhost/role-strategy/manage-roles
and then just click "Save" button
After this "save" I can make changes to http://localhost/role-strategy/assign-roles without errors
Now I'm trying to find out how to make a groovy script to implement this workaround
I tried the following code but that didn't work
def currentAuthenticationStrategy = Jenkins.instance.getAuthorizationStrategy()
Jenkins.instance.setAuthorizationStrategy(currentAuthenticationStrategy)
Jenkins.instance.save()
I hope you can support me here.
thanx
kind regards,
Bas