Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-61156

Regression: P4 Plugin 1.10.10 trigger doesn't run jobs

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • p4-plugin
    • None
    • Jenkins LTS 2.204.2 on Windows Server 2016 (64bit)
      Java 1.8.0_144-b01
      p4-plugin 1.10.10

      We use a Perforce Trigger that calls curl to POST to the /p4/change endpoint exposed by the p4-plugin. With 1.10.6, this trigger worked, and the relevant job would run.  Upgrading to 1.10.10, and the trigger stopped working.

       

      In investigating the issue, 1.10.10 was still logging "doChange: Received trigger event for: <p4port here>", but the usual followup log "probeJobs: P4: probing: <jenkins job>" never appeared. Rolling the plugin back to 1.10.6 restored the ability to trigger the jenkins job.

          [JENKINS-61156] Regression: P4 Plugin 1.10.10 trigger doesn't run jobs

          William Brode added a comment -

          We are on Jenkins 2.204.2 and P4 plugin 1.10.9 and its still working for us.  So might just be 1.10.10.  I'll try upgrading next week and see if it breaks on 1.10.10 for us.

          William Brode added a comment - We are on Jenkins 2.204.2 and P4 plugin 1.10.9 and its still working for us.  So might just be 1.10.10.  I'll try upgrading next week and see if it breaks on 1.10.10 for us.

          Karl Wirth added a comment -

          Hi tcramer - Thanks for reporting this.

          What type of job are you triggering? Freestyle or pipeline?

          Please send me screenshots showing the 'Build Triggers' section of the job and the complete URL (with hostname replaced with a dummy hostname) you use to trigger the job.

          I will then try and repro this here.

          Karl Wirth added a comment - Hi tcramer - Thanks for reporting this. What type of job are you triggering? Freestyle or pipeline? Please send me screenshots showing the 'Build Triggers' section of the job and the complete URL (with hostname replaced with a dummy hostname) you use to trigger the job. I will then try and repro this here.

          Karl Wirth added a comment -

          Hi tcramer - Quick update. I just upgraded my test instance to 1.10.10 and for me the trigger is still working so it's possible this is to do with the paths involved or could be Jenkins version related also. If you can get me the data mentioned above and the paths involved that would be great (for example is it a stream, are there spaces, numbers or non ASCII characters). If you'd feel more comfortable in sending the data to me directly please send it to support@perforce.com for my attention.

          Karl Wirth added a comment - Hi tcramer - Quick update. I just upgraded my test instance to 1.10.10 and for me the trigger is still working so it's possible this is to do with the paths involved or could be Jenkins version related also. If you can get me the data mentioned above and the paths involved that would be great (for example is it a stream, are there spaces, numbers or non ASCII characters). If you'd feel more comfortable in sending the data to me directly please send it to support@perforce.com for my attention.

          Karl Wirth added a comment -

          Hi tcramer

          Can you please send me your trigger to 'support@perforce.com'. I want to check how you are calling the trigger.

          Thanks in advance,

          Karl

          Karl Wirth added a comment - Hi tcramer Can you please send me your trigger to 'support@perforce.com'. I want to check how you are calling the trigger. Thanks in advance, Karl

          I have just checked this. In P4Hook we use an anonymous thread to run the job. If we call getAllItems(to find the list of Jobs) inside the thread it seems to ignore your credentials and return no jobs. We may need to back out https://github.com/jenkinsci/p4-plugin/pull/116/files to fix this.

          abutler, are there alternatives for this fix?

          Matthew Smeeth added a comment - I have just checked this. In P4Hook we use an anonymous thread to run the job. If we call getAllItems(to find the list of Jobs) inside the thread it seems to ignore your credentials and return no jobs. We may need to back out  https://github.com/jenkinsci/p4-plugin/pull/116/files  to fix this. abutler , are there alternatives for this fix?

          Adam Butler added a comment -

          Hi msmeeth apologies if this has caused a regression.  I'm unable to reproduce the issue on our instance of Jenkins (version 2.190.3) and am not in a position to upgrade it at the moment to do further testing due to it being a corporate instance, so it's going to be difficult for me to come up with alternatives at this time.

          I think that your only option is to back this change out for the time being.

          Adam Butler added a comment - Hi msmeeth apologies if this has caused a regression.  I'm unable to reproduce the issue on our instance of Jenkins (version 2.190.3) and am not in a position to upgrade it at the moment to do further testing due to it being a corporate instance, so it's going to be difficult for me to come up with alternatives at this time. I think that your only option is to back this change out for the time being.

          William Brode added a comment -

          I and another colleague have installed 1.10.10 and the triggering still seems to be working as expected for us.

          William Brode added a comment - I and another colleague have installed 1.10.10 and the triggering still seems to be working as expected for us.

          Matthew Smeeth added a comment - - edited

          Hi wbrode, can you confirm whether anonymous users have build and read permissions set on your Jenkins server?

          The reason I ask is because I've observed that if you allow anonymous users read and build access(or anything higher) on your Jenkins server, the perforce triggers will still work as expected. Whereas if Jenkins is set up to only allow authenticated users read and build access(or higher), that's when I'm see the issue.

          Matthew Smeeth added a comment - - edited Hi  wbrode , can you confirm whether anonymous users have build and read permissions set on your Jenkins server? The reason I ask is because I've observed that if you allow anonymous users read and build access(or anything higher) on your Jenkins server, the perforce triggers will still work as expected. Whereas if Jenkins is set up to only allow authenticated users read and build access(or higher), that's when I'm see the issue.

          William Brode added a comment -

          msmeeth Sorry for the delay I missed the notification for this.  We do allow anonymous read but not Build.  Maybe p4karl can verify if anonymous read access is necessary for p4 plugin triggering starting at 1.10.10.  Then again if you updated jenkins core or security plugins around the same time it could be one of them exposing/causing the issue.

          William Brode added a comment - msmeeth Sorry for the delay I missed the notification for this.  We do allow anonymous read but not Build.  Maybe p4karl can verify if anonymous read access is necessary for p4 plugin triggering starting at 1.10.10.  Then again if you updated jenkins core or security plugins around the same time it could be one of them exposing/causing the issue.

          Hi wbrode, I'm a bit surprised that it would work without build access, however given that anonymous user has read access on your system, It's possible that's all that's needed to avoid this issue. However once you upgrade to 1.10.11 I think you'll almost certainly hit this issue due to extra security measures we've implemented. 

           

          For now unfortunately I'm going to revert the changes, with a plan to look into implementing this another way in the future.

           

          FYI abutler

          Matthew Smeeth added a comment - Hi wbrode , I'm a bit surprised that it would work without build access, however given that anonymous user has read access on your system, It's possible that's all that's needed to avoid this issue. However once you upgrade to 1.10.11 I think you'll almost certainly hit this issue due to extra security measures we've implemented.    For now unfortunately I'm going to revert the changes, with a plan to look into implementing this another way in the future.   FYI abutler

            Unassigned Unassigned
            tcramer Tom Cramer
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated: