-
Bug
-
Resolution: Fixed
-
Blocker
-
None
-
Windows Jenkins master version 2.361.3, Windows Jenkins slave Swarm client 3.37
After upgrade to Swarm client 3.37 the Jenkins slave cannot connect anymore to the Jenkins master with version 2.361.3. Error message i get is:
Nov 03, 2022 3:54:12 PM hudson.plugins.swarm.SwarmClient getCsrfCrumb
SEVERE: Could not obtain CSRF crumb. Response code: 400
<h1>Bad Message 400</h1><pre>reason: Bad Request</pre>
Nov 03, 2022 3:54:12 PM hudson.plugins.swarm.Client run
SEVERE: An error occurred
hudson.plugins.swarm.RetryException: Failed to create a Swarm agent on Jenkins. Response code: 400
<h1>Bad Message 400</h1><pre>reason: Bad Request</pre>
at hudson.plugins.swarm.SwarmClient.createSwarmAgent(SwarmClient.java:405)
at hudson.plugins.swarm.Client.run(Client.java:216)
at hudson.plugins.swarm.Client.main(Client.java:68)
Java version running is in C:\Program Files\AdoptOpenJDK\jdk-11.0.11.9-openj9\bin\java.exe
Jenkins slave is started with these commands:
"C:\Program Files (x86)\GnuWin32\bin\wget" -v --no-proxy -P . http://%MASTER%%MASTERPORT%/swarm/swarm-client.jar -O swarm%MASTER%.jar
java -jar swarm%MASTER%.jar -executors 1 -disableClientsUniqueId -deleteExistingClients -fsroot %JENKINS_WORKAREA% -labels "%COMPUTERNAME% %SUPPORTED_LABELS%" -master http://%MASTER%%MASTERPORT% -username %USERNAME% -password %PASSWD% -name %COMPUTERNAME% -description "%COMPUTERNAME% runs %SUPPORTED_LABELS%"
[JENKINS-70007] Could not obtain CSRF crumb. Response code: 400
Basil Crow
added a comment - That much is also obvious, pointing to the fact that if you are unable or unwilling to debug the issue you can always maintain a private fork with that commit reverted.
Basil Crow
added a comment - That much is also obvious, pointing to the fact that if you are unable or unwilling to debug the issue you can always maintain a private fork with that commit reverted. No sense in maintaining a private fork, we want to use the latest version or at least keep up-to-date, this is why we spend effort in trying to debug the issue, however no luck so far because we have a lack of knowledge and help is appreciated.
Basil Crow
added a comment - I can offer no help other than suggesting the use of a Java debugger. Still not able to debug the jar file, tried eclipse but i cannot view the source 
However in trying to set up a test environment on my Personal LapTop connected trough VPN@home i found that my LapTop can connect using swarm client v3.39. Need to test this @office tomorrow.
What i also noticed in the logging is that there is a difference between my LapTop@VPN@Home and a dedicated desktop/server@Office-computer-room that the LapTop does not do a crumb request.
Here is the logging of my LapTop:
INFO: Attempting to connect to http://<jenkins URL>:80/
jan. 25, 2023 11:08:17 A.M. hudson.remoting.jnlp.Main createEngine
INFO: Setting up agent: <LAPTOP NAME>
The logging of the dedicated desktop/server:
INFO: Attempting to connect to http://<jenkins URL>:80/
Jan 25, 2023 11:07:17 AM hudson.plugins.swarm.SwarmClient getCsrfCrumb
SEVERE: Could not obtain CSRF crumb. Response code: 400
It seems that the swarm code running another request for the same settings, but possibly i am wrong...
Connected LapTop to wired and wifi @Office now i see the: error: Could not obtain CSRF crumb. Response code: 400
Tried to set -Dhttp.proxyHost and -Dhttp.proxyPort then i get error: 502
Somehow it seems that the swarm-client uses random ports to communicate and not the ports defined in Manage Jenkins->Security->TCP port for inbound agents
We have set this to "Fixed: 8080", but we see other ports used for communication., see below a capture from WireShark 
Can it be that the issue is caused by the optimize option of the firewall?
Our IT specialists whitelisted the subnets on which the Jenkins nodes are placed to not use the optimization.
Now the issue seems to be solved, issue closed....
I know also for sure that this change caused the issue: https://github.com/jenkinsci/swarm-plugin/pull/493