Jenkins / JENKINS-70984

Unable to clone repository when PR author has no push or admin permission


    • Type: Bug
    • Resolution: Unresolved
    • Priority: Minor

      After https://github.com/jenkinsci/github-branch-source-plugin/pull/527 was merged and https://issues.jenkins.io/browse/JENKINS-62220 was closed, I tried changing the credential config and deleting the organization name config in the credential settings, hoping the plugins could set it automatically during the build.

       

      At first it worked well: for repos where the user has admin or push permission, everything worked; the repo could be cloned and GitHub checks could be published.

       

      But it does not work if the PR author does not have admin or push permission:

       

      Started by user 111
      17:03:48 Connecting to https://github.intra.xxx.com/api/v3 using ghe github app sa-jenkins
      Connecting to https://github.intra.xxx.com/api/v3 to check permissions of obtain list of xxx for playground/hello-world
      Loading trusted files from base branch master at 6bafc2571f9e40ad62143bea3ea63f7b36c351c2 rather than 457c9f3248479a59364b08a5a8e4558859dd63ec
      java.lang.IllegalArgumentException: Found multiple installations for GitHub app ID 9 but none match credential owner "". Set the right owner in the credential advanced options
      	at org.jenkinsci.plugins.github_branch_source.GitHubAppCredentials.lambda$generateAppInstallationToken$1(GitHubAppCredentials.java:249)
      	at java.base/java.util.Optional.orElseThrow(Optional.java:408)
      	at org.jenkinsci.plugins.github_branch_source.GitHubAppCredentials.generateAppInstallationToken(GitHubAppCredentials.java:246)
      	at org.jenkinsci.plugins.github_branch_source.GitHubAppCredentials.getToken(GitHubAppCredentials.java:298)
      	at org.jenkinsci.plugins.github_branch_source.GitHubAppCredentials.getPassword(GitHubAppCredentials.java:327)
      	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.createPasswordFile(CliGitAPIImpl.java:2453)
      	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:2067)
      	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:623)
      	at jenkins.plugins.git.GitSCMFileSystem$BuilderImpl.build(GitSCMFileSystem.java:451)
      	at jenkins.scm.api.SCMFileSystem.of(SCMFileSystem.java:316)
      	at org.jenkinsci.plugins.workflow.multibranch.SCMBinder.create(SCMBinder.java:104)
      	at org.jenkinsci.plugins.workflow.job.WorkflowRun.run(WorkflowRun.java:312)
      	at hudson.model.ResourceController.execute(ResourceController.java:107)
      	at hudson.model.Executor.run(Executor.java:449) 

      I tried to analyse the backtrace but could not find anything valuable.

       

      The build steps are as follows:
      1. Create a build using the Multibranch plugin.
      2. Determine the required builder based on the selected SCMSource and revision.
      3. Call the build function of the selected builder.

      There are two current issues:
      1. Why was the build method within the GitHubSCMFileSystem in the github-branch-source plugin not selected when choosing a builder, considering that this method can correctly select credentials?
      2. Why does the branch build work correctly, and why does the build work correctly when the PR author has permission? Is everything working correctly, or is there another reason?

      The solution to the first issue could be to modify the git-plugin by changing the supports method and removing support for AbstractGitSCMSource objects (as shown in lines 274-275 of GitSCMFileSystem.java), theoretically allowing for correct selection of GitHubSCMFileSystem.

      Regarding the second issue, I am unable to understand it. Upon reviewing the code, the paths taken for builds with or without permission for a PR are the same, and the SCM is also identical, with the only difference being the head revision.
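
      The exception message in the log describes a lookup of the following shape: when the app has several installations, the credential's owner must name one of them. The Java below is a simplified model of that lookup, added here as an illustration; it is not the plugin's code or the reporter's, and the class, the method names and the second account ("platform") are hypothetical.

```java
import java.util.Map;

// Simplified model of the lookup behind the exception above; not the plugin's code.
// Class, method and account names are hypothetical; installation data is constructed.
public class InstallationLookup {

    // Chooses the installation ID to mint a token for, given account login -> installation ID.
    static long select(String appId, Map<String, Long> installations, String owner) {
        if (installations.isEmpty()) {
            throw new IllegalArgumentException("GitHub app ID " + appId + " has no installations");
        }
        if (installations.size() == 1) {
            // A single installation is unambiguous, so the owner field may stay empty.
            return installations.values().iterator().next();
        }
        String ownerOrEmpty = owner == null ? "" : owner;
        Long id = installations.get(ownerOrEmpty);
        if (id == null) {
            throw new IllegalArgumentException("Found multiple installations for GitHub app ID "
                    + appId + " but none match credential owner \"" + ownerOrEmpty + "\"");
        }
        return id;
    }

    // Derives the owner from an "owner/repo" name, as a caller that knows the repository could.
    static String ownerOf(String fullRepoName) {
        int slash = fullRepoName.indexOf('/');
        if (slash <= 0) {
            throw new IllegalArgumentException("expected owner/repo: " + fullRepoName);
        }
        return fullRepoName.substring(0, slash);
    }

    public static void main(String[] args) {
        Map<String, Long> installs = Map.of("playground", 11L, "platform", 12L); // constructed
        // A caller that knows the repository fills in the owner, so the lookup succeeds.
        System.out.println(select("9", installs, ownerOf("playground/hello-world")));
        // A caller that passes the stored credential with an empty owner fails.
        try {
            select("9", installs, "");
        } catch (IllegalArgumentException e) {
            System.out.println(e.getMessage());
        }
    }
}
```

      In this model, clearing the owner field is only safe on code paths that fill the owner in from the repository before requesting a token, or on instances where the app has a single installation.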

       

            Assignee: Unassigned
            Reporter: Leo Quote (leo_quote)