-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
github-branch-source:2.11.2
Due to temporary change in GitHub change the required repository permission to list collaborators from Write to Admin, the multibranches of many users were not able to process events / run indexing properly as it would now fail with:
Waiting for GitHub to create a merge commit for pull request 1. Retrying 4 more times... Error while processing pull request 1 java.io.FileNotFoundException: https://api.github.com/repos/test-org/test-repo/collaborators/test-user/permission at org.kohsuke.github.extras.okhttp3.ObsoleteUrlFactory$OkHttpURLConnection.getInputStream(ObsoleteUrlFactory.java:490) at org.kohsuke.github.extras.okhttp3.ObsoleteUrlFactory$DelegatingHttpsURLConnection.getInputStream(ObsoleteUrlFactory.java:1204) at org.kohsuke.github.GitHubHttpUrlConnectionClient$HttpURLConnectionResponseInfo.bodyStream(GitHubHttpUrlConnectionClient.java:196) at org.kohsuke.github.GitHubResponse$ResponseInfo.getBodyAsString(GitHubResponse.java:314) at org.kohsuke.github.GitHubResponse.parseBody(GitHubResponse.java:92) at org.kohsuke.github.Requester.lambda$fetch$1(Requester.java:76) at org.kohsuke.github.GitHubClient.createResponse(GitHubClient.java:455) at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:406) Caused: org.kohsuke.github.GHFileNotFoundException: https://api.github.com/repos/test-org/test-repo/collaborators/test-user/permission {"message":"Not Found","documentation_url":"https://docs.github.com/enterprise/3.1/rest/reference/repos#get-repository-permissions-for-a-user"} at org.kohsuke.github.GitHubClient.interpretApiError(GitHubClient.java:486) at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:414) at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:358) at org.kohsuke.github.Requester.fetch(Requester.java:76) at org.kohsuke.github.GHRepository.getPermission(GHRepository.java:948) at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$1.fetch(GitHubSCMSource.java:1031) at org.jenkinsci.plugins.github_branch_source.GitHubSCMSourceRequest.getPermissions(GitHubSCMSourceRequest.java:450) at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission.checkTrusted(ForkPullRequestDiscoveryTrait.java:323) at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission.checkTrusted(ForkPullRequestDiscoveryTrait.java:310) at jenkins.scm.api.trait.SCMHeadAuthority.isTrusted(SCMHeadAuthority.java:101) at jenkins.scm.api.trait.SCMSourceRequest.isTrusted(SCMSourceRequest.java:213) at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$4.create(GitHubSCMSource.java:1265) at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$4.create(GitHubSCMSource.java:1259) at jenkins.scm.api.trait.SCMSourceRequest.process(SCMSourceRequest.java:339) at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.retrievePullRequest(GitHubSCMSource.java:1256) at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.retrieve(GitHubSCMSource.java:1094) at jenkins.scm.api.SCMSource._retrieve(SCMSource.java:373) at jenkins.scm.api.SCMSource.fetch(SCMSource.java:283) at jenkins.branch.MultiBranchProject.computeChildren(MultiBranchProject.java:642) at com.cloudbees.hudson.plugins.folder.computed.ComputedFolder.updateChildren(ComputedFolder.java:278) at com.cloudbees.hudson.plugins.folder.computed.FolderComputation.run(FolderComputation.java:166) at jenkins.branch.MultiBranchProject$BranchIndexing.run(MultiBranchProject.java:1033) at hudson.model.ResourceController.execute(ResourceController.java:100) at hudson.model.Executor.run(Executor.java:433)
Per a discussion with jglick, this is rather unexpected and in such a case, the Jenkinsfile should not be trusted:
> So for some reason it seems that the code in https://github.com/jenkinsci/github-branch-source-plugin/blob/923184ce70fc84252937b8d08872f666efcc288b/src/main/java/org/jenkinsci/plugins/github_branch_source/GitHubSCMSource.java#L1608-L1618 is not working as intended. It should be handling the case that the scan credentials lack permission for this API endpoint, by printing a one-line message and proceeding under the conservative assumption that the author of the forked PR is not a collaborator and so Jenkinsfile should not be trusted. (Docs: https://github.com/jenkinsci/github-branch-source-plugin/blob/923184ce70fc84252937b8d08872f666efcc288b/src/main/resources/org/jenkinsci/plugins/github_branch_source/ForkPullRequestDiscoveryTrait/help-trust.html#L20-L29)
The 404 should be gracefully handled:
> plan to at least fix the 404 handling to print "Not permitted to query list of collaborators, assuming none" and continue as untrusted, as the code was written to do.
How to Reproduce
- Need a repo
- Need a fork
- Create a PR from fork for any kind of user (collaborator or no, does not matter for that particular issue)
- create a Multibranch:
- use the credentials (username / Personal Access Token) of a user that has Read permissions on the repo
- only discover PR from Forks, and set Trust to anything but "Everyone"
Note: The other trust strategies “Collaborators“, “Nobody“ and “Everyone” work as designed. Actually the Trust strategy “Collaborators” fallbacks as expected: Not permitted to query list of collaborators, assuming none
- relates to
-
-
- Open
-
- links to
[JENKINS-66661] Fallback to conservative approach if repo collaborators cannot be retrieved
Well, not quite. That issue discusses form validation for the credentials, and only tangentially mentions a stack trace and a scanning failure which is also a bug (should print a warning to the scanning log but then continue).
So if Collaborators is working, then the linked code is in fact OK; the problem is that https://github.com/jenkinsci/github-branch-source-plugin/blob/923184ce70fc84252937b8d08872f666efcc288b/src/main/java/org/jenkinsci/plugins/github_branch_source/GitHubSCMSource.java#L1031 or https://github.com/jenkinsci/github-branch-source-plugin/blob/923184ce70fc84252937b8d08872f666efcc288b/src/main/java/org/jenkinsci/plugins/github_branch_source/GitHubSCMSourceRequest.java#L450 or https://github.com/jenkinsci/github-branch-source-plugin/blob/923184ce70fc84252937b8d08872f666efcc288b/src/main/java/org/jenkinsci/plugins/github_branch_source/ForkPullRequestDiscoveryTrait.java#L323 ought to be doing something similar.
Allan BURDAJEWICZ
added a comment - Noticed a similar issue happens with the *Collaborators* in a case where the user has access to the Repo but no permissions to se collaborators, that results in a 403. Only 404 and 401 are handled: https://github.com/jenkinsci/github-branch-source-plugin/blob/1728.v859147241f49/src/main/java/org/jenkinsci/plugins/github_branch_source/GitHubSCMSource.java#L1582-L1583.
It fails the branch indexing and the retrieval of the Jenkinsfile:
Branch Indexing with "Admin/Write permissions" trust:
ERROR: [Tue. Jun. 27 14:41:28 AEST 2023] Could not fetch branches from source dbaa07e9-f520-49aa-b0d3-21c171026a5c
[Tue. Jun. 27 14:41:28 AEST 2023] Finished branch indexing. Indexing took 11 sec
FATAL: Failed to recompute children of support-core
org.kohsuke.github.HttpException: {"message":"Must have push access to view collaborator permission.","documentation_url":"https://docs.github.com/rest/collaborators/collaborators#get-repository-permissions-for-a-user"}
at org.kohsuke.github.GitHubConnectorResponseErrorHandler$1.onError(GitHubConnectorResponseErrorHandler.java:56)
at org.kohsuke.github.GitHubClient.detectKnownErrors(GitHubClient.java:424)
at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:386)
at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:355)
at org.kohsuke.github.Requester.fetch(Requester.java:76)
at org.kohsuke.github.GHRepository.getPermission(GHRepository.java:1028)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$1.fetch(GitHubSCMSource.java:1036)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSourceRequest.getPermissions(GitHubSCMSourceRequest.java:450)
at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission.checkTrusted(ForkPullRequestDiscoveryTrait.java:323)
at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission.checkTrusted(ForkPullRequestDiscoveryTrait.java:310)
at jenkins.scm.api.trait.SCMHeadAuthority.isTrusted(SCMHeadAuthority.java:101)
at jenkins.scm.api.trait.SCMSourceRequest.isTrusted(SCMSourceRequest.java:213)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$4.create(GitHubSCMSource.java:1270)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$4.create(GitHubSCMSource.java:1264)
at jenkins.scm.api.trait.SCMSourceRequest.process(SCMSourceRequest.java:339)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.retrievePullRequest(GitHubSCMSource.java:1261)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.retrieve(GitHubSCMSource.java:1099)
at jenkins.scm.api.SCMSource._retrieve(SCMSource.java:372)
at jenkins.scm.api.SCMSource.fetch(SCMSource.java:282)
at jenkins.branch.MultiBranchProject.computeChildren(MultiBranchProject.java:640)
at com.cloudbees.hudson.plugins.folder.computed.ComputedFolder.updateChildren(ComputedFolder.java:269)
at com.cloudbees.hudson.plugins.folder.computed.FolderComputation.run(FolderComputation.java:167)
at jenkins.branch.MultiBranchProject$BranchIndexing.run(MultiBranchProject.java:1031)
at hudson.model.ResourceController.execute(ResourceController.java:101)
at hudson.model.Executor.run(Executor.java:442)
Obtaining Jenkinsfile with "Admin/Write permissions" trust:
15:07:26 Connecting to https://api.github.com using dohbedoh/****** (dohbedoh-gh) Connecting to https://api.github.com to check permissions of obtain list of Dohbedoh for user/repo org.kohsuke.github.HttpException: {"message":"Must have push access to view collaborator permission.","documentation_url":"https://docs.github.com/rest/collaborators/collaborators#get-repository-permissions-for-a-user"} at org.kohsuke.github.GitHubConnectorResponseErrorHandler$1.onError(GitHubConnectorResponseErrorHandler.java:56) at org.kohsuke.github.GitHubClient.detectKnownErrors(GitHubClient.java:424) at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:386) at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:355) at org.kohsuke.github.Requester.fetch(Requester.java:76) at org.kohsuke.github.GHRepository.getPermission(GHRepository.java:1028) at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$DeferredPermissionsSource.fetch(GitHubSCMSource.java:3016) at org.jenkinsci.plugins.github_branch_source.GitHubSCMSourceRequest.getPermissions(GitHubSCMSourceRequest.java:450) at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission.checkTrusted(ForkPullRequestDiscoveryTrait.java:323) at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission.checkTrusted(ForkPullRequestDiscoveryTrait.java:310) at jenkins.scm.api.trait.SCMHeadAuthority.isTrusted(SCMHeadAuthority.java:101) at jenkins.scm.api.trait.SCMSourceRequest.isTrusted(SCMSourceRequest.java:213) at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.getTrustedRevision(GitHubSCMSource.java:1910) at org.jenkinsci.plugins.workflow.multibranch.SCMBinder.create(SCMBinder.java:103) at org.jenkinsci.plugins.workflow.job.WorkflowRun.run(WorkflowRun.java:312) at hudson.model.ResourceController.execute(ResourceController.java:101) at hudson.model.Executor.run(Executor.java:442)
Branch Indexing with "Collaborators" trust:
ERROR: [Tue. Jun. 27 16:01:58 AEST 2023] Could not fetch branches from source dbaa07e9-f520-49aa-b0d3-21c171026a5c
[Tue. Jun. 27 16:01:58 AEST 2023] Finished branch indexing. Indexing took 3.4 sec
FATAL: Failed to recompute children of support-core
org.kohsuke.github.HttpException: {"message":"Must have push access to view repository collaborators.","documentation_url":"https://docs.github.com/rest/collaborators/collaborators#list-repository-collaborators"}
at org.kohsuke.github.GitHubConnectorResponseErrorHandler$1.onError(GitHubConnectorResponseErrorHandler.java:56)
at org.kohsuke.github.GitHubClient.detectKnownErrors(GitHubClient.java:424)
at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:386)
at org.kohsuke.github.GitHubPageIterator.fetch(GitHubPageIterator.java:142)
at org.kohsuke.github.GitHubPageIterator.hasNext(GitHubPageIterator.java:89)
at org.kohsuke.github.PagedIterator.fetch(PagedIterator.java:106)
at org.kohsuke.github.PagedIterator.nextPageArray(PagedIterator.java:134)
at org.kohsuke.github.PagedIterable.toArray(PagedIterable.java:78)
at org.kohsuke.github.PagedIterable.toArray(PagedIterable.java:106)
at org.kohsuke.github.GHRepository.getCollaboratorNames(GHRepository.java:987)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.updateCollaboratorNames(GitHubSCMSource.java:1612)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$LazyContributorNames.create(GitHubSCMSource.java:2906)
at org.jenkinsci.plugins.github_branch_source.LazySet.delegate(LazySet.java:58)
at org.jenkinsci.plugins.github_branch_source.LazySet.contains(LazySet.java:78)
at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustContributors.checkTrusted(ForkPullRequestDiscoveryTrait.java:287)
at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustContributors.checkTrusted(ForkPullRequestDiscoveryTrait.java:276)
at jenkins.scm.api.trait.SCMHeadAuthority.isTrusted(SCMHeadAuthority.java:101)
at jenkins.scm.api.trait.SCMSourceRequest.isTrusted(SCMSourceRequest.java:213)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$4.create(GitHubSCMSource.java:1270)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$4.create(GitHubSCMSource.java:1264)
at jenkins.scm.api.trait.SCMSourceRequest.process(SCMSourceRequest.java:339)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.retrievePullRequest(GitHubSCMSource.java:1261)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.retrieve(GitHubSCMSource.java:1099)
at jenkins.scm.api.SCMSource._retrieve(SCMSource.java:372)
at jenkins.scm.api.SCMSource.fetch(SCMSource.java:282)
at jenkins.branch.MultiBranchProject.computeChildren(MultiBranchProject.java:640)
at com.cloudbees.hudson.plugins.folder.computed.ComputedFolder.updateChildren(ComputedFolder.java:269)
at com.cloudbees.hudson.plugins.folder.computed.FolderComputation.run(FolderComputation.java:167)
at jenkins.branch.MultiBranchProject$BranchIndexing.run(MultiBranchProject.java:1031)
at hudson.model.ResourceController.execute(ResourceController.java:101)
at hudson.model.Executor.run(Executor.java:442)
Obtaining Jenkinsfile with "Collaborators" trust:
16:02:19 Connecting to https://api.github.com using dohbedoh/****** (dohbedoh-gh) Connecting to https://api.github.com to obtain list of collaborators for user/repo Connecting to https://api.github.com using dohbedoh/****** (dohbedoh-gh) It seems https://api.github.com is unreachable, assuming no trusted collaborators Loading trusted files from base branch master at <baseBranchCommit> rather than <prCommit>
Allan BURDAJEWICZ
added a comment - Noticed a similar issue happens with the * Collaborators * in a case where the user has access to the Repo but no permissions to se collaborators, that results in a 403. Only 404 and 401 are handled: https://github.com/jenkinsci/github-branch-source-plugin/blob/1728.v859147241f49/src/main/java/org/jenkinsci/plugins/github_branch_source/GitHubSCMSource.java#L1582-L1583 .
It fails the branch indexing and the retrieval of the Jenkinsfile:
Branch Indexing with "Admin/Write permissions" trust:
ERROR: [Tue. Jun. 27 14:41:28 AEST 2023] Could not fetch branches from source dbaa07e9-f520-49aa-b0d3-21c171026a5c
[Tue. Jun. 27 14:41:28 AEST 2023] Finished branch indexing. Indexing took 11 sec
FATAL: Failed to recompute children of support-core
org.kohsuke.github.HttpException: { "message" : "Must have push access to view collaborator permission." , "documentation_url" : "https: //docs.github.com/ rest /collaborators/collaborators#get-repository-permissions- for -a-user" }
at org.kohsuke.github.GitHubConnectorResponseErrorHandler$1.onError(GitHubConnectorResponseErrorHandler.java:56)
at org.kohsuke.github.GitHubClient.detectKnownErrors(GitHubClient.java:424)
at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:386)
at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:355)
at org.kohsuke.github.Requester.fetch(Requester.java:76)
at org.kohsuke.github.GHRepository.getPermission(GHRepository.java:1028)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$1.fetch(GitHubSCMSource.java:1036)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSourceRequest.getPermissions(GitHubSCMSourceRequest.java:450)
at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission.checkTrusted(ForkPullRequestDiscoveryTrait.java:323)
at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission.checkTrusted(ForkPullRequestDiscoveryTrait.java:310)
at jenkins.scm.api.trait.SCMHeadAuthority.isTrusted(SCMHeadAuthority.java:101)
at jenkins.scm.api.trait.SCMSourceRequest.isTrusted(SCMSourceRequest.java:213)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$4.create(GitHubSCMSource.java:1270)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$4.create(GitHubSCMSource.java:1264)
at jenkins.scm.api.trait.SCMSourceRequest.process(SCMSourceRequest.java:339)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.retrievePullRequest(GitHubSCMSource.java:1261)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.retrieve(GitHubSCMSource.java:1099)
at jenkins.scm.api.SCMSource._retrieve(SCMSource.java:372)
at jenkins.scm.api.SCMSource.fetch(SCMSource.java:282)
at jenkins.branch.MultiBranchProject.computeChildren(MultiBranchProject.java:640)
at com.cloudbees.hudson.plugins.folder.computed.ComputedFolder.updateChildren(ComputedFolder.java:269)
at com.cloudbees.hudson.plugins.folder.computed.FolderComputation.run(FolderComputation.java:167)
at jenkins.branch.MultiBranchProject$BranchIndexing.run(MultiBranchProject.java:1031)
at hudson.model.ResourceController.execute(ResourceController.java:101)
at hudson.model.Executor.run(Executor.java:442)
Obtaining Jenkinsfile with "Admin/Write permissions" trust:
15:07:26 Connecting to https: //api.github.com using dohbedoh/****** (dohbedoh-gh)
Connecting to https: //api.github.com to check permissions of obtain list of Dohbedoh for user/repo
org.kohsuke.github.HttpException: { "message" : "Must have push access to view collaborator permission." , "documentation_url" : "https: //docs.github.com/ rest /collaborators/collaborators#get-repository-permissions- for -a-user" }
at org.kohsuke.github.GitHubConnectorResponseErrorHandler$1.onError(GitHubConnectorResponseErrorHandler.java:56)
at org.kohsuke.github.GitHubClient.detectKnownErrors(GitHubClient.java:424)
at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:386)
at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:355)
at org.kohsuke.github.Requester.fetch(Requester.java:76)
at org.kohsuke.github.GHRepository.getPermission(GHRepository.java:1028)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$DeferredPermissionsSource.fetch(GitHubSCMSource.java:3016)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSourceRequest.getPermissions(GitHubSCMSourceRequest.java:450)
at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission.checkTrusted(ForkPullRequestDiscoveryTrait.java:323)
at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission.checkTrusted(ForkPullRequestDiscoveryTrait.java:310)
at jenkins.scm.api.trait.SCMHeadAuthority.isTrusted(SCMHeadAuthority.java:101)
at jenkins.scm.api.trait.SCMSourceRequest.isTrusted(SCMSourceRequest.java:213)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.getTrustedRevision(GitHubSCMSource.java:1910)
at org.jenkinsci.plugins.workflow.multibranch.SCMBinder.create(SCMBinder.java:103)
at org.jenkinsci.plugins.workflow.job.WorkflowRun.run(WorkflowRun.java:312)
at hudson.model.ResourceController.execute(ResourceController.java:101)
at hudson.model.Executor.run(Executor.java:442)
Branch Indexing with "Collaborators" trust:
ERROR: [Tue. Jun. 27 16:01:58 AEST 2023] Could not fetch branches from source dbaa07e9-f520-49aa-b0d3-21c171026a5c
[Tue. Jun. 27 16:01:58 AEST 2023] Finished branch indexing. Indexing took 3.4 sec
FATAL: Failed to recompute children of support-core
org.kohsuke.github.HttpException: { "message" : "Must have push access to view repository collaborators." , "documentation_url" : "https: //docs.github.com/ rest /collaborators/collaborators#list-repository-collaborators" }
at org.kohsuke.github.GitHubConnectorResponseErrorHandler$1.onError(GitHubConnectorResponseErrorHandler.java:56)
at org.kohsuke.github.GitHubClient.detectKnownErrors(GitHubClient.java:424)
at org.kohsuke.github.GitHubClient.sendRequest(GitHubClient.java:386)
at org.kohsuke.github.GitHubPageIterator.fetch(GitHubPageIterator.java:142)
at org.kohsuke.github.GitHubPageIterator.hasNext(GitHubPageIterator.java:89)
at org.kohsuke.github.PagedIterator.fetch(PagedIterator.java:106)
at org.kohsuke.github.PagedIterator.nextPageArray(PagedIterator.java:134)
at org.kohsuke.github.PagedIterable.toArray(PagedIterable.java:78)
at org.kohsuke.github.PagedIterable.toArray(PagedIterable.java:106)
at org.kohsuke.github.GHRepository.getCollaboratorNames(GHRepository.java:987)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.updateCollaboratorNames(GitHubSCMSource.java:1612)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$LazyContributorNames.create(GitHubSCMSource.java:2906)
at org.jenkinsci.plugins.github_branch_source.LazySet.delegate(LazySet.java:58)
at org.jenkinsci.plugins.github_branch_source.LazySet.contains(LazySet.java:78)
at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustContributors.checkTrusted(ForkPullRequestDiscoveryTrait.java:287)
at org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustContributors.checkTrusted(ForkPullRequestDiscoveryTrait.java:276)
at jenkins.scm.api.trait.SCMHeadAuthority.isTrusted(SCMHeadAuthority.java:101)
at jenkins.scm.api.trait.SCMSourceRequest.isTrusted(SCMSourceRequest.java:213)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$4.create(GitHubSCMSource.java:1270)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$4.create(GitHubSCMSource.java:1264)
at jenkins.scm.api.trait.SCMSourceRequest.process(SCMSourceRequest.java:339)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.retrievePullRequest(GitHubSCMSource.java:1261)
at org.jenkinsci.plugins.github_branch_source.GitHubSCMSource.retrieve(GitHubSCMSource.java:1099)
at jenkins.scm.api.SCMSource._retrieve(SCMSource.java:372)
at jenkins.scm.api.SCMSource.fetch(SCMSource.java:282)
at jenkins.branch.MultiBranchProject.computeChildren(MultiBranchProject.java:640)
at com.cloudbees.hudson.plugins.folder.computed.ComputedFolder.updateChildren(ComputedFolder.java:269)
at com.cloudbees.hudson.plugins.folder.computed.FolderComputation.run(FolderComputation.java:167)
at jenkins.branch.MultiBranchProject$BranchIndexing.run(MultiBranchProject.java:1031)
at hudson.model.ResourceController.execute(ResourceController.java:101)
at hudson.model.Executor.run(Executor.java:442)
Obtaining Jenkinsfile with "Collaborators" trust:
16:02:19 Connecting to https: //api.github.com using dohbedoh/****** (dohbedoh-gh)
Connecting to https: //api.github.com to obtain list of collaborators for user/repo
Connecting to https: //api.github.com using dohbedoh/****** (dohbedoh-gh)
It seems https: //api.github.com is unreachable, assuming no trusted collaborators
Loading trusted files from base branch master at <baseBranchCommit> rather than <prCommit>
Probably a duplicate of JENKINS-66366.