Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-60229

Jenkins unable to get updates / update details of Allure Jenkins plugin

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Reopened (View Workflow)
    • Priority: Critical
    • Resolution: Unresolved
    • Component/s: allure-plugin, core
    • Environment:
    • Similar Issues:

      Description

      Upon updating to Jenkins 2.205, our Jenkins setup became unable to get plugin updates.
      I see the following error now:

      "There were errors checking the update sites: None of the tool installer metadata passed the signature check"

      update from Thomas Patzig
      happens again with Jenkins 2.289.2

      response / JSON of update URL looks invalid

      does the update service works properly?
      https://updates.jenkins.io/update-center.json
      http://updates.jenkins.io/update-center.json
      http://updates.jenkins.io/current/update-center.json

        Attachments

          Issue Links

            Activity

            Hide
            thomaspatzig Thomas Patzig added a comment -

            to Mark Waite

             

            have tried it with

            https://updates.jenkins.io/update-center.json

             

            same issue

            Show
            thomaspatzig Thomas Patzig added a comment - to Mark Waite   have tried it with https://updates.jenkins.io/update-center.json   same issue
            Show
            roebi Robert Halter added a comment - - edited See Allure Plugin Issue Certificate expiration of the plugin when checking for plugin updates on Jenkins startup #292
            Hide
            markewaite Mark Waite added a comment -

            because of JSON Content is embedded in downloadService.post('ru.yandex.qatools.allure.jenkins.tools.AllureCommandlineInstaller', and )

            As far as I understand it, those files contain 'JSONP' even though their suffix says that they are JSON files. The AdoptOpenJDK data and every other data that I checked have the same prolog of downloadService.post

            Show
            markewaite Mark Waite added a comment - because of JSON Content is embedded in downloadService.post('ru.yandex.qatools.allure.jenkins.tools.AllureCommandlineInstaller', and ) As far as I understand it, those files contain 'JSONP' even though their suffix says that they are JSON files. The AdoptOpenJDK data and every other data that I checked have the same prolog of downloadService.post
            Hide
            thomaspatzig Thomas Patzig added a comment - - edited

            not sure if you have already seen it, but:

            https://wiki.qatools.ru/display/AL/Allure+Jenkins+Plugin

            https://ci.qameta.io/job/allure-plugin/

            ... looks like that they have big trouble with their certificates

            is it revoked?
            the same with their plugin signature?

            Show
            thomaspatzig Thomas Patzig added a comment - - edited not sure if you have already seen it, but: https://wiki.qatools.ru/display/AL/Allure+Jenkins+Plugin https://ci.qameta.io/job/allure-plugin/ ... looks like that they have big trouble with their certificates is it revoked? the same with their plugin signature?
            Hide
            duemir Denys Digtiar added a comment -

            If timestamps are to be trusted on https://updates.jenkins.io/updates/ the ru.yandex.qatools.allure.jenkins.tools.AllureCommandlineInstaller.json* have not been updated since 2021-05-02. I do not know how signatures of these files are generated but I don't think it has anything to do with https certificates of their sites. Maybe it has something to do with the fact that Allure used to host on Bintray which is now gone. I created https://github.com/jenkins-infra/crawler/pull/107 . Not sure if it is going to resolve it or not but should fix the tool discovery (crawling) error.

            Show
            duemir Denys Digtiar added a comment - If timestamps are to be trusted on https://updates.jenkins.io/updates/  the  ru.yandex.qatools.allure.jenkins.tools.AllureCommandlineInstaller.json* have not been updated since 2021-05-02. I do not know how signatures of these files are generated but I don't think it has anything to do with https certificates of their sites. Maybe it has something to do with the fact that Allure used to host on Bintray which is now gone. I created https://github.com/jenkins-infra/crawler/pull/107  . Not sure if it is going to resolve it or not but should fix the tool discovery (crawling) error.

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              panajev Goffredo Marocchi
              Votes:
              1 Vote for this issue
              Watchers:
              14 Start watching this issue

                Dates

                Created:
                Updated: