Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57528

Jenkins in Docker does not install detached plugins when there is no UC data

    • Jenkins 2.178

      It is a placeholder for https://github.com/jenkinsci/docker/issues/698 and for https://github.com/jenkinsci/jenkins/pull/4000 which addresses it in the core

      Using newer cores that have part of it moved to plugins and is now implied dependencies in other plugins is causing to have bad Jenkins installation.

       

          [JENKINS-57528] Jenkins in Docker does not install detached plugins when there is no UC data

          Jesse Glick added a comment -

          disabling them because they aren't actually used but are pulling in ancient versions with tons of security warnings

          I am not aware of which ancient versions or security warnings you are referring to here. All detached plugins are expected to be updated in tandem with security advisories. If you see differently, please file a bug report (or a patch). CC danielbeck

          I don't see any point in re-releasing the plugin or upgrading core requirements

          See discussion in JENKINS-28942. My standing proposal would require the plugin to be re-released, with metadata indicating the most recent core version against which it has been successfully tested, but would not require the minimum core version to be changed.

          Jesse Glick added a comment - disabling them because they aren't actually used but are pulling in ancient versions with tons of security warnings I am not aware of which ancient versions or security warnings you are referring to here. All detached plugins are expected to be updated in tandem with security advisories. If you see differently, please file a bug report (or a patch). CC danielbeck I don't see any point in re-releasing the plugin or upgrading core requirements See discussion in JENKINS-28942 . My standing proposal would require the plugin to be re-released, with metadata indicating the most recent core version against which it has been successfully tested, but would not require the minimum core version to be changed.

          Daniel Beck added a comment -

          Fun fact: When greenballs was last released in 2015, 1.638 was the current weekly release, not 1.440 (released 2011). So the implied dependencies to…

          • external-monitor-job
          • ldap
          • pam-auth
          • mailer
          • matrix-auth
          • windows-slaves
          • antisamy-markup-formatter
          • matrix-project
          • junit

          i.e. roughly 2/3 of all its dependencies, were basically the maintainer's choice.

          Daniel Beck added a comment - Fun fact: When greenballs was last released in 2015, 1.638 was the current weekly release, not 1.440 (released 2011). So the implied dependencies to… external-monitor-job ldap pam-auth mailer matrix-auth windows-slaves antisamy-markup-formatter matrix-project junit i.e. roughly 2/3 of all its dependencies, were basically the maintainer's choice.

          jglick I am not seeing the detached plugins being updated. At last when using the Docker container. I'm able to replicate with the https://plugins.jenkins.io/purge-build-queue-plugin# which pulls in LDAP 1.0 for example.

          Andrew Widdersheim added a comment - jglick I am not seeing the detached plugins being updated. At last when using the Docker container. I'm able to replicate with the https://plugins.jenkins.io/purge-build-queue-plugin#  which pulls in LDAP 1.0 for example.

          Some logs:

          jenkins_1  | INFO: Loading a detached plugin as a dependency: /var/jenkins_home/plugins/ldap.jpi
          jenkins_1  | WARNING: Created /var/jenkins_home/plugins/ldap/WEB-INF/lib/classes.jar; update plugin to a version created with a newer harness
          jenkins_1  | INFO: Took 0ms for Loading plugin LDAP Plugin v1.11 (ldap) by pool-6-thread-24
          jenkins_1  | INFO: Took 0ms for Initializing plugin ldap by pool-6-thread-18 
          

          The latest version is 1.20 according to my UI.

          Andrew Widdersheim added a comment - Some logs: jenkins_1 | INFO: Loading a detached plugin as a dependency: / var /jenkins_home/plugins/ldap.jpi jenkins_1 | WARNING: Created / var /jenkins_home/plugins/ldap/WEB-INF/lib/classes.jar; update plugin to a version created with a newer harness jenkins_1 | INFO: Took 0ms for Loading plugin LDAP Plugin v1.11 (ldap) by pool-6-thread-24 jenkins_1 | INFO: Took 0ms for Initializing plugin ldap by pool-6-thread-18 The latest version is 1.20 according to my UI.

          Er, I'm sorry. The https://plugins.jenkins.io/pam-auth plugin is the one with the security issue.

          jenkins_1  | INFO: Loading a detached plugin as a dependency: /var/jenkins_home/plugins/pam-auth.jpi
          jenkins_1  | WARNING: Created /var/jenkins_home/plugins/pam-auth/WEB-INF/lib/classes.jar; update plugin to a version created with a newer harness
          jenkins_1  | INFO: Took 0ms for Loading plugin PAM Authentication plugin v1.1 (pam-auth) by pool-6-thread-4
          jenkins_1  | INFO: Took 0ms for Initializing plugin pam-auth by pool-6-thread-1 

          Andrew Widdersheim added a comment - Er, I'm sorry. The  https://plugins.jenkins.io/pam-auth  plugin is the one with the security issue. jenkins_1 | INFO: Loading a detached plugin as a dependency: / var /jenkins_home/plugins/pam-auth.jpi jenkins_1 | WARNING: Created / var /jenkins_home/plugins/pam-auth/WEB-INF/lib/classes.jar; update plugin to a version created with a newer harness jenkins_1 | INFO: Took 0ms for Loading plugin PAM Authentication plugin v1.1 (pam-auth) by pool-6-thread-4 jenkins_1 | INFO: Took 0ms for Initializing plugin pam-auth by pool-6-thread-1

          Jesse Glick added a comment -

          Then Jenkins should be bundling 1.5.1.

          Jesse Glick added a comment - Then Jenkins should be bundling 1.5.1.

          Daniel Beck added a comment -

          I'll take this.

           

          Daniel Beck added a comment - I'll take this.  

          Thanks danielbeck. Did you need me to make a ticket or did you already?

          Andrew Widdersheim added a comment - Thanks danielbeck . Did you need me to make a ticket or did you already?

          danielbeck any update on this? Was an issue ever made that I can track?

          Andrew Widdersheim added a comment - danielbeck any update on this? Was an issue ever made that I can track?

          Andrew Widdersheim added a comment - Created  https://issues.jenkins-ci.org/browse/JENKINS-59552 .

            jglick Jesse Glick
            oleg_nenashev Oleg Nenashev
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: