-
Bug
-
Resolution: Fixed
-
Critical
-
Jenkins-Version=2.236
OS: Linux and Jenkins running in Docker container
-
-
pipeline-build-step 2.13
Hello,
since Jenkins 2.236 I get the following error when trying to start a job from a job:
org.jenkinsci.plugins.workflow.support.steps.build.BuildTriggerStep: java.lang.IllegalArgumentException: Could not instantiate {name=SERVER_SSH_PASSWORD, value=XXXXX} for hudson.model.PasswordParameterValue: java.lang.ClassCastException: hudson.model.PasswordParameterValue.value expects class hudson.util.Secret but received class java.lang.String
The pipeline look like the following (shortened):
pipeline {
agent {
label 'linux'
}
// options, environment
stages {
stage('Deploy Production') {
when {
anyOf {
buildingTag()
}
}
steps {
script {
if (env.TAG_NAME) {
dockerTag = "${env.TAG_NAME}"
} else {
dockerTag = "dev-${env.BRANCH_NAME}"
}
withCredentials([
usernamePassword(credentialsId: 'centos-root', usernameVariable: 'SERVER_SSH_USER', passwordVariable: 'SERVER_SSH_PASSWORD'),
usernamePassword(credentialsId: 'database-maintenance', usernameVariable: 'LIQUIBASE_USERNAME', passwordVariable: 'LIQUIBASE_PASSWORD')
]) {
build job: 'otherproject/otherjob/master', parameters: [
string(name: 'PROJECT_VERSION', value: "${dockerTag}"),
string(name: 'PROJECT_ENVIRONMENT', value: 'production'),
string(name: 'LISTEN_IP_NGINX', value: "172.21.240.14"),
string(name: 'COMPOSE_ARGS', value: '-f docker-compose.yml'),
string(name: 'SERVER_HOST', value: "${env.SERVER_HOST}"),
string(name: 'SERVER_IP', value: "${env.SERVER_IP}"),
string(name: 'DEPLOY_USER', value: "${env.DEPLOY_USER}"),
string(name: 'DOCKER_IMAGE', value: "${env.DOCKER_IMAGE}"),
string(name: 'SERVER_SSH_USER', value: "${SERVER_SSH_USER}"),
string(name: 'WEB_CONTAINER_NAME', value: 'api'),
string(name: 'PHP_CONTAINER_NAME', value: 'api-php'),
password(name: 'SERVER_SSH_PASSWORD', value: "${SERVER_SSH_PASSWORD}"),
text(name: 'EXTRA_ENVIRONMENT_VARIABLES', value: environmentVariablesProduction()),
text(name: 'COMPOSE_FILE', value: readFile("docker-compose.server.yml")),
booleanParam(name: 'LIQUIBASE_UPDATE', value: true),
string(name: 'LIQUIBASE_USERNAME', value: "${LIQUIBASE_USERNAME}"),
password(name: 'LIQUIBASE_PASSWORD', value: "${LIQUIBASE_PASSWORD}"),
string(name: 'LIQUIBASE_CHANGELOG_PATH', value: '/var/www/html/data/database/basedata'),
string(name: 'LIQUIBASE_URL', value: 'someJDBCUri),
booleanParam(name: 'CLEANUP_MEMCACHED', value: true)
]
}
}
}
}
}
// post
}
Downgrading to 2.235 helped.
- is caused by
-
JENKINS-61808 Always encrypt f:password values, not just those backed by Secret
-
- Resolved
-
- relates to
-
-
- Resolved
-
- links to
[JENKINS-62305] Error "hudson.model.PasswordParameterValue.value expects class hudson.util.Secret" since 2.236
Fabian Grutschus
created issue -
| Labels | New: regression |
| Priority | Original: Minor [ 4 ] | New: Critical [ 2 ] |
danielbeck would you be fine if I assign it to you?
P.S: personally I do not have strong opinion where to fix it. Jenkins core side workaround looks to be a convenient approach to prevent complicated upgrade steps, and to prevent other potential regressions.
Is this something we can handle on the pipeline side?
I guess this code could try to special-case PasswordParameterDefinition taking into account the current Jenkins version. I think it might make more sense though to update PasswordParameterDefinition.createValue(StaplerRequest, JSONObject) to hold the special-case logic instead.
Are there other contexts where parameters are instantiated (not just configured) via data binding (maybe JobDSL)? If so, I would expect them to be broken too.
CLI command and remote API come to mind as candidates. I'll take a look at those.
| Link |
New:
This issue is caused by |
| Labels | Original: regression | New: pipeline regression |
Caused by https://github.com/jenkinsci/jenkins/pull/4630
dnusbaum Is this something we can handle on the pipeline side? I'd rather not have to do another Object hack, the last one caused problems IIRC.