Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-60316

Git client plugin doesn't quote file locations in askpass wrappers

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Minor
    • Resolution: Fixed
    • Component/s: git-client-plugin
    • Labels:
      None
    • Environment:
      git-client-plugin 3.0.0
    • Similar Issues:
    • Released As:
      git-client-3.1.0

      Description

      We have a project which uses blank spaces and other characters for its name.

      This name is used to create a temporary folder for files containing username and password consumed by a script generated by CliGitAPIImpl class. Because these names of these files are not quoted in the generated shell script, a script has a syntax errors and we run into following problem:

      using GIT_ASKPASS to set credentials token to authenticate with github for XXX
       > git fetch --no-tags --force --progress -- https://github.com/corda/XXX.git +refs/heads/master:refs/remotes/origin/master # timeout=10
      ERROR: Error fetching remote repo 'origin'
      hudson.plugins.git.GitException: Failed to fetch from https://github.com/corda/XXX.git
      	at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:899)
      	at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:1114)
      	at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1145)
      	at org.jenkinsci.plugins.workflow.steps.scm.SCMStep.checkout(SCMStep.java:124)
      	at org.jenkinsci.plugins.workflow.libs.SCMSourceRetriever.lambda$doRetrieve$1(SCMSourceRetriever.java:154)
      	at org.jenkinsci.plugins.workflow.libs.SCMSourceRetriever.retrySCMOperation(SCMSourceRetriever.java:104)
      	at org.jenkinsci.plugins.workflow.libs.SCMSourceRetriever.doRetrieve(SCMSourceRetriever.java:153)
      	at org.jenkinsci.plugins.workflow.libs.SCMSourceRetriever.retrieve(SCMSourceRetriever.java:93)
      	at org.jenkinsci.plugins.workflow.libs.LibraryAdder.retrieve(LibraryAdder.java:157)
      	at org.jenkinsci.plugins.workflow.libs.LibraryAdder.add(LibraryAdder.java:138)
      	at org.jenkinsci.plugins.workflow.libs.LibraryDecorator$1.call(LibraryDecorator.java:125)
      	at org.codehaus.groovy.control.CompilationUnit.applyToPrimaryClassNodes(CompilationUnit.java:1065)
      	at org.codehaus.groovy.control.CompilationUnit.doPhaseOperation(CompilationUnit.java:603)
      	at org.codehaus.groovy.control.CompilationUnit.processPhaseOperations(CompilationUnit.java:581)
      	at org.codehaus.groovy.control.CompilationUnit.compile(CompilationUnit.java:558)
      	at groovy.lang.GroovyClassLoader.doParseClass(GroovyClassLoader.java:298)
      	at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:268)
      	at groovy.lang.GroovyShell.parseClass(GroovyShell.java:688)
      	at groovy.lang.GroovyShell.parse(GroovyShell.java:700)
      	at org.jenkinsci.plugins.workflow.cps.CpsGroovyShell.doParse(CpsGroovyShell.java:142)
      	at org.jenkinsci.plugins.workflow.cps.CpsGroovyShell.reparse(CpsGroovyShell.java:127)
      	at org.jenkinsci.plugins.workflow.cps.CpsFlowExecution.parseScript(CpsFlowExecution.java:561)
      	at org.jenkinsci.plugins.workflow.cps.CpsFlowExecution.start(CpsFlowExecution.java:522)
      	at org.jenkinsci.plugins.workflow.job.WorkflowRun.run(WorkflowRun.java:327)
      	at hudson.model.ResourceController.execute(ResourceController.java:97)
      	at hudson.model.Executor.run(Executor.java:429)
      Caused by: hudson.plugins.git.GitException: Command "git fetch --no-tags --force --progress -- https://github.com/corda/XXX.git +refs/heads/master:refs/remotes/origin/master" returned status code 128:
      stdout: 
      stderr: /var/jenkins_home/jobs/XXX's Test Job (Allure testing)/jobs/XXX/branches/PR-2859/workspace@libs/existing-build-control@tmp/jenkins-gitclient-pass679764427837957513.sh: line 3: syntax error: unexpected "(" (expecting ";;")
      error: unable to read askpass response from '/var/jenkins_home/jobs/XXX's Test Job (Allure testing)/jobs/XXX/branches/PR-2859/workspace@libs/existing-build-control@tmp/jenkins-gitclient-pass679764427837957513.sh'
      

      A workaround is either to change the project name or to fix the name of the workspace, so it is not a critical problem as such.

      Waldemar

        Attachments

          Issue Links

            Activity

            Hide
            markewaite Mark Waite added a comment -

            Fixed in git client plugin 3.1.0 release Jan 18, 2020.

            Show
            markewaite Mark Waite added a comment - Fixed in git client plugin 3.1.0 release Jan 18, 2020.
            Hide
            waldemarzurowski Waldemar Zurowski added a comment - - edited

            Also - this is wrong, as well. You cannot escape a single quote that way at all. Perhaps org.apache.commons.text.StringEscapeUtils.escape XSI should be used instead

            Show
            waldemarzurowski Waldemar Zurowski added a comment - - edited Also - this is wrong, as well. You cannot escape a single quote that way at all. Perhaps org.apache.commons.text.StringEscapeUtils.escape XSI should be used instead
            Hide
            waldemarzurowski Waldemar Zurowski added a comment -

            This line of code doesn't change anything because the quoting backslash is consumed by regexp handling so in the end it replaces a single quote with identical single quote.

            Show
            waldemarzurowski Waldemar Zurowski added a comment - This line of code doesn't change anything because the quoting backslash is consumed by regexp handling so in the end it replaces a single quote with identical single quote.
            Hide
            markewaite Mark Waite added a comment -

            You can dump the contents of the files that contain the credentials information by either deleting the line which removes the file and recompiling the git client plugin or by running Jenkins in a debugger and pausing execution with a breakpoint before the file is deleted.

            The line that you cite is intended to replace any embedded single quote characters with an escaped single quote.

            Show
            markewaite Mark Waite added a comment - You can dump the contents of the files that contain the credentials information by either deleting the line which removes the file and recompiling the git client plugin or by running Jenkins in a debugger and pausing execution with a breakpoint before the file is deleted. The line that you cite is intended to replace any embedded single quote characters with an escaped single quote.
            Hide
            waldemarzurowski Waldemar Zurowski added a comment -

            Also further to my note, the culprit seems to be:

            filename = filename.replaceAll("'", "\\'");
            

            in the unixArgEncodeFileName method (and others) which doesn't appear to actually do anything.

            Show
            waldemarzurowski Waldemar Zurowski added a comment - Also further to my note, the culprit seems to be: filename = filename.replaceAll( " '" , "\\' " ); in the unixArgEncodeFileName method (and others) which doesn't appear to actually do anything.

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              waldemarzurowski Waldemar Zurowski
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: