Snippet Generator doesn't work with last version of Audit Trail plugin

      Hello,

      I have an issue with the following versions:

      • Jenkins 2.249.1
      • Pipeline: Groovy 2.83
      • Audit Trail 3.7

      Go to the Snippet Generator: http://<jenkins-url>/pipeline-syntax/

      The "Generate Pipeline Script" button doesn't work.

      Going back to Audit Trail 3.6 solves the issue.


          [JENKINS-63928] Snippet Generator doesn't work with last version of Audit Trail plugin

          Tim Jacomb added a comment -

          Can you be clearer on the issue?

          Is it the whole pipeline syntax or just the audit trail plugin?

          Screenshots?

          Are there any errors in the browser console?

          Allan BURDAJEWICZ added a comment -

          This seems to be caused by a security fix in Audit trail. I am able to reproduce this in an environment where Audit Trail was upgraded. I see an Administrative Monitor that points to (https://github.com/jenkinsci/audit-trail-plugin/blob/master/docs/bypassable-patterns.adoc). And hitting "Apply default pattern" fixes this. Maybe Audit trail is blocking some requests with the legacy pattern.

          Kamar Rushdi Kamar Hisham added a comment -

          Will there be any impact if we "Apply default pattern"? Having the below error:

          Pierre Beitz added a comment -

          prukamar this monitor is not an error but a warning indicating that the pattern you are using with the Audit Trail plugin can be bypassed. If you click on the link provided in the monitor, you can get more extended information.


          Pierre Beitz added a comment - - edited

          timja allan_burdajewicz I replayed the use case and indeed the issue is visible only when the Audit Trail security monitor introduced in Audit Trail 3.7 is triggered. I debugged further: the frontend never sends a POST request to /jenkins/pipeline-syntax/generateSnippet. Upon looking further, the faulty call is around there:

          https://github.com/jenkinsci/workflow-cps-plugin/blob/0e4c25f8d7b84470aa523491e29933db3b3df588/src/main/resources/org/jenkinsci/plugins/workflow/cps/Snippetizer/index.jelly#L83

          Interestingly enough, there is a comment from jglick saying this call can fail in some circumstances. Not clear to me if we are in the same circumstances.

          Right now I cannot understand the link between the failing JS side and this admin monitor: https://github.com/jenkinsci/audit-trail-plugin/blob/aeb49db71a1a4ec715286f93c42f581808f49592/src/main/java/hudson/plugins/audit_trail/BypassablePatternMonitor.java

          Tim Jacomb added a comment -

          The comment is referring to the outdated prototype javascript library we use and how it hijacks the javascript prototypes and breaks certain methods...


          Wadeck Follonier added a comment - - edited

          Bug corrected in https://github.com/jenkinsci/audit-trail-plugin/pull/47, please have a look.

          Possible workarounds: using a user without admin permission (to not have the monitors displayed) or ensure the monitor is not shown by applying the new default.


            wfollonier Wadeck Follonier
            jjapache JJ Apache