-
Bug
-
Resolution: Cannot Reproduce
-
Major
-
None
Greetings-
Yesterday our Jenkins instance (2.277.4) began failing jobs when the job began checking out our shared Jenkins library repository from GitHub when using Personal Access Tokens (PATs) & GitHub App credentials. The cause was GitHub performing a planned brownout as outlined in:
https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/#brownouts
We switched to using SSH keys & SSH urls (git@githib.com:org/repo.git) for the time being and that got jobs working again.
We know we have set up our App and PAT credentials correctly, as the
Branch Sources GitHub were configured to use App/PATs, and are successful in authenticating. So I suspect there is a subtle difference in the way the sharded-pipeline lib plugin and the GitHub Branch Source plugins authenticate into GitHub's APIs.
We have a support case open with Git Hub Enterprise, but I suspect that they'll just tell us to log an issue here (What I'm doing now).
I have uploaded a stack trace of what Jenkins spits out in the Failed Job Log Console with some of our URLs and Cred names redacted.
This won't be reproducible today, as Git Hub has turned down the requirement, but will enable again on July 24th, and permanently enable later in August (See the blog for those dates).
Version info:
- Plugin Version: 2.20
- Jenkins version: 2.277.4
- Git CLI Client thats used: 2.26.2 (Built from source)
Thank you for your time.
- is related to
-
JENKINS-66024 "Password authentication is temporarily disabled as part of a brownout" (GitHub)
- Closed