Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-64307

Jenkins github-plugin null safe

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      running Jenkins PR coverage plugin and observing the log output below coming from github-plugin.   Issue I am seeing is my Github PAT token is getting disabled.  however this action output concerns me where github-plugin is executing a null safe and trying to create a new token.   no idea why/how this is happening, but its taking down our entire PR/Gitflow.

      root problem is github-pr-coverage-status plugin is failing with the below credential message.  ref https://github.com/jenkinsci/github-pr-coverage-status-plugin

       

      ```
      Nov 24, 2020 7:13:37 PM FINE org.jenkinsci.plugins.github.internal.GitHubLoginFunction applyNullSafe
      Create new GH client with creds id JenkinsGithubToken
      Nov 24, 2020 7:13:38 PM WARNING org.jenkinsci.plugins.github.internal.GitHubLoginFunction applyNullSafe
      Failed to login with creds JenkinsGithubToken java.io.FileNotFoundException: https://github.<redacted>.com/api/v3/user at org.kohsuke.github.extras.okhttp3.ObsoleteUrlFactory$OkHttpURLConnection.getInputStream(ObsoleteUrlFactory.java:488) at org.kohsuke.github.extras.okhttp3.ObsoleteUrlFactory$DelegatingHttpsURLConnection.getInputStream(ObsoleteUrlFactory.java:1201) at org.kohsuke.github.GitHubHttpUrlConnectionClient$HttpURLConnectionResponseInfo.bodyStream(GitHubHttpUrlConnectionClient.java:197) at org.kohsuke.github.GitHubResponse$ResponseInfo.getBodyAsString(GitHubResponse.java:326) at org.kohsuke.github.GitHubResponse.parseBody(GitHubResponse.java:91) at org.kohsuke.github.GitHubClient.lambda$fetch$0(GitHubClient.java:145) at org.kohsuke.github.GitHubClient.createResponse(GitHubClient.java:461) at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:412)```

      Versions:

      Jenkins CentOS Docker 2.267

      Github Plugin 1.32.0

      Github-pr-coverage-status-plugin 2.1.1

      github enterprise 2.22.3

       

       

        Attachments

          Activity

          Hide
          burowt Timothy added a comment - - edited

          Digging further - theres a third plugin involved here.  github branch source plugin 2.9.1 - github Organization Folder - scan job for auto discovering PR builds.  more log context

          ```
          Nov 24, 2020 6:56:07 PM INFO org.jenkinsci.plugins.github.webhook.WebhookManager$1 run
          GitHub webhooks activated for job github.ContentHub.pr-builds/dm-s3-keygen-client-lib with [GitHubRepositoryName[host=github.<REDACTED>.com,username=ContentHub,repository=dm-s3-keygen-client-lib]] (events: [PULL_REQUEST, PUSH, ISSUE_COMMENT])
          Nov 24, 2020 6:56:07 PM WARNING org.jenkinsci.plugins.github.internal.GitHubLoginFunction applyNullSafe
          Failed to login with creds JenkinsGithubToken java.io.FileNotFoundException: https://github.digitalglobe.com/api/v3/user at org.kohsuke.github.extras.okhttp3.ObsoleteUrlFactory$OkHttpURLConnection.getInputStream(ObsoleteUrlFactory.java:488) at org.kohsuke.github.extras.okhttp3.ObsoleteUrlFactory$DelegatingHttpsURLConnection.getInputStream(ObsoleteUrlFactory.java:1201) at org.kohsuke.github.GitHubHttpUrlConnectionClient$HttpURLConnectionResponseInfo.bodyStream(GitHubHttpUrlConnectionClient.java:197) at org.kohsuke.github.GitHubResponse$ResponseInfo.getBodyAsString(GitHubResponse.java:326) at org.kohsuke.github.GitHubResponse.parseBody(GitHubResponse.java:91) at org.kohsuke.github.GitHubClient.lambda$fetch$0(GitHubClient.java:145) at org.kohsuke.github.GitHubClient.createResponse(GitHubClient.java:461) at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:412)```

          Owner = Contenthub which equals the Orgainzation name in Github

          from the Plugin help description
          "Specify the name of the GitHub Organization or GitHub User Account."

          in the log output Username = Contenthub - thats not correct.  so i think the issue is in this config  - if you are using an org level integration(not sure how) or User level Pat that matters, but not documented??

          however I have a user and PAT defined in the field above Owner - so im confused here
           

          Show
          burowt Timothy added a comment - - edited Digging further - theres a third plugin involved here.  github branch source plugin 2.9.1 - github Organization Folder - scan job for auto discovering PR builds.  more log context ``` Nov 24, 2020 6:56:07 PM INFO org.jenkinsci.plugins.github.webhook.WebhookManager$1 run GitHub webhooks activated for job github.ContentHub.pr-builds/dm-s3-keygen-client-lib with [GitHubRepositoryName [host=github.<REDACTED>.com,username=ContentHub,repository=dm-s3-keygen-client-lib] ] (events: [PULL_REQUEST, PUSH, ISSUE_COMMENT] ) Nov 24, 2020 6:56:07 PM WARNING org.jenkinsci.plugins.github.internal.GitHubLoginFunction applyNullSafe Failed to login with creds JenkinsGithubToken java.io.FileNotFoundException: https://github.digitalglobe.com/api/v3/user at org.kohsuke.github.extras.okhttp3.ObsoleteUrlFactory$OkHttpURLConnection.getInputStream(ObsoleteUrlFactory.java:488) at org.kohsuke.github.extras.okhttp3.ObsoleteUrlFactory$DelegatingHttpsURLConnection.getInputStream(ObsoleteUrlFactory.java:1201) at org.kohsuke.github.GitHubHttpUrlConnectionClient$HttpURLConnectionResponseInfo.bodyStream(GitHubHttpUrlConnectionClient.java:197) at org.kohsuke.github.GitHubResponse$ResponseInfo.getBodyAsString(GitHubResponse.java:326) at org.kohsuke.github.GitHubResponse.parseBody(GitHubResponse.java:91) at org.kohsuke.github.GitHubClient.lambda$fetch$0(GitHubClient.java:145) at org.kohsuke.github.GitHubClient.createResponse(GitHubClient.java:461) at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:412)``` Owner = Contenthub which equals the Orgainzation name in Github from the Plugin help description "Specify the name of the GitHub Organization or GitHub User Account ." in the log output Username = Contenthub - thats not correct.  so i think the issue is in this config  - if you are using an org level integration(not sure how) or User level Pat that matters, but not documented?? however I have a user and PAT defined in the field above Owner - so im confused here  
          Hide
          burowt Timothy added a comment -

          I found the offending credential ID - no closer to knowing where it came from or why it was no where to be found in the console but it was located in the following file

          github-plugin-configuration.xml: <credentialsId>JenkinsGithubToken</credentialsId>

           

          Show
          burowt Timothy added a comment - I found the offending credential ID - no closer to knowing where it came from or why it was no where to be found in the console but it was located in the following file github-plugin-configuration.xml: <credentialsId>JenkinsGithubToken</credentialsId>  
          Hide
          burowt Timothy added a comment - - edited

          ok narrowed this down even further -

          under manage Jenkins - GitHub Server - Credentials -

          the only credentials that are select able is "secret text" types - for gh authentication even with a PATs token a username is required. Plugin should be using Username/Password Credential ID types.

           

          Of course tho - I am specifying specific credentials in both the PR plugin and the Organization Job,  not sure why this whole process is defaulting back to the server credential for the github server config.

           

          Show
          burowt Timothy added a comment - - edited ok narrowed this down even further - under manage Jenkins - GitHub Server - Credentials - the only credentials that are select able is "secret text" types - for gh authentication even with a PATs token a username is required. Plugin should be using Username/Password Credential ID types.   Of course tho - I am specifying specific credentials in both the PR plugin and the Organization Job,  not sure why this whole process is defaulting back to the server credential for the github server config.  
          Hide
          burowt Timothy added a comment -

          So I think ive figured out what was going on -

           There 3 plugins involved and the server was defaulting back to a base config that should not have been in play.  That base config had an old token in it.

          Github-plugin – base config (PAT Secret Text)

          Github-branchsource-plugin – intermediat credential (Username/PAT secret TEXT)

          Github-pr-coverage-plugin – dedicated credential (PAT secret text)

          – but the problem ultimately cropped up in the PR plugin. Which should not have any relation to the base github-plugin credential. 

           

          in the end - im not sure if this is a bug - or just a set of disconnected plugin behaviors.

          Show
          burowt Timothy added a comment - So I think ive figured out what was going on -  There 3 plugins involved and the server was defaulting back to a base config that should not have been in play.  That base config had an old token in it. Github-plugin – base config (PAT Secret Text) Github-branchsource-plugin – intermediat credential (Username/PAT secret TEXT) Github-pr-coverage-plugin – dedicated credential (PAT secret text) – but the problem ultimately cropped up in the PR plugin. Which should not have any relation to the base github-plugin credential.    in the end - im not sure if this is a bug - or just a set of disconnected plugin behaviors.
          Hide
          burowt Timothy added a comment -

          and after all that - got rid of the one error - and the original error with the Pr plugin is back.

           

          Show
          burowt Timothy added a comment - and after all that - got rid of the one error - and the original error with the Pr plugin is back.  

            People

            Assignee:
            lanwen Kirill Merkushev
            Reporter:
            burowt Timothy
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: