-
Bug
-
Resolution: Not A Defect
-
Critical
-
Jenkins Version: 2.332.1
OS: Windows 10
Browser: Chrome
Active Directory Plugin: 2.25.1
Host Java Version: 1.8.0_252
In an update from Jenkins version 2.204.4 to 2.332.1, I got the following error:
java.lang.IllegalStateException: An attempt to save the global configuration was made before it was loaded
at jenkins.model.Jenkins.save(Jenkins.java:3519)
at jenkins.model.Jenkins.saveQuietly(Jenkins.java:3546)
at jenkins.model.Jenkins.setSecurityRealm(Jenkins.java:2743)
at jenkins.model.Jenkins$15.run(Jenkins.java:3481)
at org.jvnet.hudson.reactor.TaskGraphBuilder$TaskImpl.run(TaskGraphBuilder.java:175)
at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:305)
at jenkins.model.Jenkins$5.runTask(Jenkins.java:1156)
at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:222)
at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:121)
at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:68)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused: org.jvnet.hudson.reactor.ReactorException
at org.jvnet.hudson.reactor.Reactor.execute(Reactor.java:291)
at jenkins.InitReactorRunner.run(InitReactorRunner.java:49)
at jenkins.model.Jenkins.executeReactor(Jenkins.java:1191)
at jenkins.model.Jenkins.<init>(Jenkins.java:981)
at hudson.model.Hudson.<init>(Hudson.java:86)
at hudson.model.Hudson.<init>(Hudson.java:82)
at hudson.WebAppMain$3.run(WebAppMain.java:247)
Caused: hudson.util.HudsonFailedToLoad
at hudson.WebAppMain$3.run(WebAppMain.java:264)
I was able to bypass this by commenting out the <authorizationStrategy> and <securityRealm> tags in the config.xml file, however; that wiped out all the Active Directory settings as well as all the Role Based permissions my company had saved. I had saved a version of the config.xml, so I was able to manually recreate these roles, however; after having restarted Jenkins I am now receiving the same error.
I do not want to have to re-enter all the roles each time Jenkins must be restarted, a fairly common action.
Is there something I am doing incorrectly, or is this a Jenkins issue?
The only workarounds I have found are the commenting out the xml tags or downgrading to Jenkins 2.263.1. I tried the downgrade, but that did not work either.
Thank you in advance.
Edit: Removing the Active Directory plugin from the possible issue list. I enabled only the Security Realm with AD enabled, and rebooted Jenkins. The issue did not arise...
Edit 2: Installing Configuration as Code plugin did not fix the issue, as there is still information saved in the <authorizationStrategy> block in config.xml which causes the error to arise on restart.
The issue relied on the fact that two plugins were in a deadlocked state where they would not update. Specifically the Matrix Authorization Strategy Plugin and the role-strategy-plugin. Being new to Jenkins I did not realize this was possible, and not wanting to break anything only updated the compatible updatable plugins. Updating Jenkins but not the plugins led to this issue.