We are using LDAP login for our Gerrit instance. For REST calls (including repo cloning) you must generate an HTTP password that is different from the LDAP login.

The gerrit-code-review-plugin currently does not permit setting the httpPassword flag (https://github.com/uwolfer/gerrit-rest-java-client/blob/v0.8.15/src/main/java/com/urswolfer/gerrit/client/rest/GerritAuthData.java#L101)

This is causing us to see the following in the gerrit logs:

[2020-01-22 01:35:58,480] [HTTP-21816] WARN  com.google.gerrit.httpd.auth.ldap.LdapLoginServlet : 'jenkins-ci' failed to sign in: Incorrect username or password 

POST to gerrit-server.com/a/changes/<change id>/revisions/<patchset number>/review

This appears to be discussed in this issue and resolved in PR#70