Status: Closed (View Workflow)
I have an issue with the following versions :
- Jenkins 2.249.1
- Pipeline: Groovy 2.83
- Audit Trail 3.7
Go to the Snippet Generator : http://<jenkins-url>/pipeline-syntax/
The "Generate Pipeline Script" button doesn't work.
Going back to Audit Trail 3.6 solve the issue.
This seems to be caused by a security fix in Audit trail. I am able to reproduce this in an environment where Audit Trail was upgraded. I see an Administrative Monitor that points to (https://github.com/jenkinsci/audit-trail-plugin/blob/master/docs/bypassable-patterns.adoc). And hitting "Apply default pattern" fixes this. Maybe Audit trail is blocking some requests with the legacy pattern.
Will there be any impact if we "Apply default pattern?" Having the below error:
prukamar this monitor is not an error but a warning indicating that the pattern you are using with audit trail plugin can be bypassed, if you click on the link provided in the monitor you can get more extended information.
timja allan_burdajewicz I replayed the use case and indeed the issue is visible only when the Audit Trail security monitor introduced in Audit Trail 3.7 is triggered. I debugged further, the frontend never sends a POST request to /jenkins/pipeline-syntax/generateSnippet. Upon looking further, the faulty call is around there:
Interestingly enough, there is a comment from jglick saying this call can fail in some circumstances. Not clear to me if we are in the same circumstances.
Right now I cannot understand the link because the failing js side, and this admin monitor: https://github.com/jenkinsci/audit-trail-plugin/blob/aeb49db71a1a4ec715286f93c42f581808f49592/src/main/java/hudson/plugins/audit_trail/BypassablePatternMonitor.java
Bug corrected in https://github.com/jenkinsci/audit-trail-plugin/pull/47, please have a look.
Possible workarounds: using a user without admin permission (to not have the monitors displayed) or ensure the monitor is not shown by applying the new default.
Can you be clearer on the issue?
is it the whole pipeline syntax or just the audit trail plugin?
Is there any errors in the browser console?