Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-70240

Non-HTTP based UpdateCenter URLs cause exception in plugin manager

    • 2.383

      If you use a non http based update center (e.g. file:// or other) then the UpdateCenter validation breaks.

      ```
      2022-12-09 09:31:50.119+0000 [id=107] WARNING o.e.j.s.h.ContextHandler$Context#log: Error while serving http://localhost:8080/manage/pluginManager/checkUpdateSiteUrl
      java.lang.ClassCastException: class sun.net.www.protocol.file.FileURLConnection cannot be cast to class java.net.HttpURLConnection (sun.net.www.protocol.file.FileURLConnection and java.net.HttpURLConnection are in module java.base of loader 'bootstrap')
      at hudson.PluginManager.doCheckUpdateSiteUrl(PluginManager.java:1968)
      at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:710)
      at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:397)
      Caused: java.lang.reflect.InvocationTargetException
      ```

      The UpdateCenter check should not assume all UC are HTTP based.

      Steps to reproduce

      1. download a valid update-center.json file and store it locally on the file system (/tmp/foo.json)
      2. start Jenkins
      3. goto the plugin manager
      4. in the Update Site URL enter a URL such as file:/tmp/foo.json

      Expected results

      Validation passes

      Actual results

      Stack trasce and angry Jenkins

      Caused by https://github.com/jenkinsci/jenkins/pull/6886

          [JENKINS-70240] Non-HTTP based UpdateCenter URLs cause exception in plugin manager

          James Nord added a comment -

          https://github.com/jenkinsci/jenkins/pull/7524 created as a replacement for 7520

          James Nord added a comment - https://github.com/jenkinsci/jenkins/pull/7524 created as a replacement for 7520

          Daniel Beck added a comment -

          notmyfault Why did you remove lts-candidate? While nominations are done freely, removal of status should be accompanied by a quick explanation unless it's really obvious from the issue.

          Daniel Beck added a comment - notmyfault Why did you remove lts-candidate ? While nominations are done freely, removal of status should be accompanied by a quick explanation unless it's really obvious from the issue.

          The implementation uses the HTTP client API, introduced in #7398, which does not exist in 2.375.x; hence I rejected the candidate.
          This will be part of the next LTS baseline, which includes the HTTP client API.

          Alexander Brandes added a comment - The implementation uses the HTTP client API, introduced in #7398 , which does not exist in 2.375.x; hence I rejected the candidate. This will be part of the next LTS baseline, which includes the HTTP client API.

          Basil Crow added a comment -

          The implementation uses the HTTP client API, introduced in #7398, which does not exist in 2.375.x

          But an equivalent API does exist in 2.375.x, which was used prior to #7398. Therefore this backport is not infeasible, just nontrivial—as I mentioned proactively in JENKINS-70240 (comment). As such I do not think it is a valid reason to reject the backport request. (A valid reason for rejecting a backport request would be that it is too risky, introduces a new and unproven API, etc.) It may be a valid reason to escalate the backport to the original author if the release lead is unable to do the more difficult work of logically (rather than physically) re-authoring the change against an older version.

          Basil Crow added a comment - The implementation uses the HTTP client API, introduced in #7398 , which does not exist in 2.375.x But an equivalent API does exist in 2.375.x, which was used prior to #7398. Therefore this backport is not infeasible, just nontrivial—as I mentioned proactively in JENKINS-70240 (comment). As such I do not think it is a valid reason to reject the backport request. (A valid reason for rejecting a backport request would be that it is too risky, introduces a new and unproven API, etc.) It may be a valid reason to escalate the backport to the original author if the release lead is unable to do the more difficult work of logically (rather than physically) re-authoring the change against an older version.

          I'm already running on a tight schedule and feel I don't have the time to investigate into a rewrite of this patch before next week. Maybe someone else is around who wants to contribute such a change if they have the time available?

          Alexander Brandes added a comment - I'm already running on a tight schedule and feel I don't have the time to investigate into a rewrite of this patch before next week. Maybe someone else is around who wants to contribute such a change if they have the time available?

          Basil Crow added a comment -

          That is perfectly reasonable, and a reason to escalate the task to someone else (rather than a reason to reject the backport request). teilo / julieheard are either of you interested in taking on the backport?

          Basil Crow added a comment - That is perfectly reasonable, and a reason to escalate the task to someone else (rather than a reason to reject the backport request). teilo / julieheard are either of you interested in taking on the backport?

          James Nord added a comment -

          noting that the RC is scheduled for 2023-01-25, so any backporting and code review would need to be complete before then.

          James Nord added a comment - noting that the RC is scheduled for 2023-01-25, so any backporting and code review would need to be complete before then.

          Basil Crow added a comment -

          Right. Are you going to do it or what?

          Basil Crow added a comment - Right. Are you going to do it or what?

          Raul Arabaolaza added a comment - - edited

          We are gonna to try to do it.

          Raul Arabaolaza added a comment - - edited We are gonna to try to do it.

          rsandell added a comment -

          rsandell added a comment - Backport PR: https://github.com/jenkinsci/jenkins/pull/7597

            teilo James Nord
            teilo James Nord
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: