Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-73250

The GIT_URL environmente variable contains user name after update

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • None
    • 921.v6a_215c8b_f095

      After a plugin upgrade, the GIT_URL env variable seems to include the user name configured in the used Jenkins credential for the repo.

      I'm doing some command line git stuff in a script step like this:

      withCredentials([usernameColonPassword(credentialsId: 'bitbucketuser', variable: 'USERPASS')]) {
        script {
          stdout = bat(returnStdout: true, script: "@git.exe push https://${USERPASS}@${env.GIT_URL.split('://')[1]} --tags")
        } // script
      } // withCredentials
      

      Before the plugin changes, this worked fine, but after, the url git tries to push to, contains two @ characters.

      Pipeline step from build done before the plugin change: @git.exe push https://${USERPASS}@bitbucket.org/Organization/repo.git --tags

      Pipeline step from (failing) build done after the plugin change: @git.exe push https://${USERPASS}@johndoe@bitbucket.org/organization/repo.git --tags

        1. jenkins_plugins.txt
          3 kB
        2. plugins.txt
          5 kB
        3. run-jenkins.sh
          0.9 kB

          [JENKINS-73250] The GIT_URL environmente variable contains user name after update

          Mark Waite added a comment - - edited

          I don't understand the relationship between your Pipeline script that and the git plugin. None of the statements you listed are actually using the git plugin or the GIT_URL variable. Can you explain further?

          My mistake. I did not read carefully enough. You're using the GIT_URL environment variable in the Pipeline statement. That is from the git plugin.

          Mark Waite added a comment - - edited I don't understand the relationship between your Pipeline script that and the git plugin. None of the statements you listed are actually using the git plugin or the GIT_URL variable. Can you explain further? My mistake. I did not read carefully enough. You're using the GIT_URL environment variable in the Pipeline statement. That is from the git plugin.

          Mark Waite added a comment - - edited

          I can't duplicate the problem. I suspect that someone changed the job definition to use a new URL to fetch the repository. I see the GIT_URL without username if the Bitbucket URL that I provide does not include the username. I see the GIT_URL with username if the Bitbucket URL includes a username.

          Steps I took while trying to duplicate the problem:

          1. Create a plugins.txt file that uses the plugin versions that you mentioned and plugins that I commonly use
          2. Create a run-jenkins.sh shell script that downloads Jenkins 2.452.1 and the plugins listed in the plugins.txt file
          3. Run the run-jenkins.sh shell script and complete the setup wizard by creating a new user and installing no additional plugins (since they are already installed)
          4. Define a Pipeline job that clones a public Bitbucket repository and reports the value of GIT_URL using the clone URL suggested by Bitbucket and confirm the GIT_URL includes the username
            pipeline {
                agent any
                stages {
                    stage('Checkout') {
                        steps {
                            script {
                                result = checkout scmGit(branches: [[name: 'master']], 
                                                         userRemoteConfigs: [[url: 'https://markewaite@bitbucket.org/markewaite/git-plugin.git']])
                                echo "git URL is ${result['GIT_URL']}"
                            }
                        }
                    }
                }
            }
            
          5. Modify the Pipeline job to clone from a Bitbucket URL that does not include the username and confirm that GIT_URL does not include the username
            pipeline {
                agent any
                stages {
                    stage('Checkout') {
                        steps {
                            script {
                                result = checkout scmGit(branches: [[name: 'master']], 
                                                         userRemoteConfigs: [[url: 'https://bitbucket.org/markewaite/git-plugin.git']])
                                echo "git URL is ${result['GIT_URL']}"
                            }
                        }
                    }
                }
            }
            

          Mark Waite added a comment - - edited I can't duplicate the problem. I suspect that someone changed the job definition to use a new URL to fetch the repository. I see the GIT_URL without username if the Bitbucket URL that I provide does not include the username. I see the GIT_URL with username if the Bitbucket URL includes a username. Steps I took while trying to duplicate the problem: Create a plugins.txt file that uses the plugin versions that you mentioned and plugins that I commonly use Create a run-jenkins.sh shell script that downloads Jenkins 2.452.1 and the plugins listed in the plugins.txt file Run the run-jenkins.sh shell script and complete the setup wizard by creating a new user and installing no additional plugins (since they are already installed) Define a Pipeline job that clones a public Bitbucket repository and reports the value of GIT_URL using the clone URL suggested by Bitbucket and confirm the GIT_URL includes the username pipeline { agent any stages { stage( 'Checkout' ) { steps { script { result = checkout scmGit(branches: [[name: 'master' ]], userRemoteConfigs: [[url: 'https: //markewaite@bitbucket.org/markewaite/git-plugin.git' ]]) echo "git URL is ${result[ 'GIT_URL' ]}" } } } } } Modify the Pipeline job to clone from a Bitbucket URL that does not include the username and confirm that GIT_URL does not include the username pipeline { agent any stages { stage( 'Checkout' ) { steps { script { result = checkout scmGit(branches: [[name: 'master' ]], userRemoteConfigs: [[url: 'https: //bitbucket.org/markewaite/git-plugin.git' ]]) echo "git URL is ${result[ 'GIT_URL' ]}" } } } } }

          Jesper Matthiesen added a comment - - edited

          Hi Mark,
          thank you for spending time trying to reproduce this.

          Maybe my description of the issue wasn't clear enough - the version of the Git plugin that caused the username to be included in env.GIT_URL is 5.2.2.
          I'm using the Bitbucket branch source plugin configured to use Bitbucket cloud for the Jenkins job in question, and it doesn't allow the git url to be manually specified (you specify things like repo name, owner, credentials, etc, separately), thus somebody (a person) couldn't have changed the url to include the user name.

          The Git plugin provides GIT_URL, but the change that caused the url to be different might be caused by one of the other plugin updates, I guess - it seems pretty complicated how they all depend on each other.

          I've attached a full list (jenkins_plugins.txt) of plugins currently installed - this configuration includes user name in GIT_URL

          Jesper Matthiesen added a comment - - edited Hi Mark, thank you for spending time trying to reproduce this. Maybe my description of the issue wasn't clear enough - the version of the Git plugin that caused the username to be included in env.GIT_URL is 5.2.2. I'm using the Bitbucket branch source plugin configured to use Bitbucket cloud for the Jenkins job in question, and it doesn't allow the git url to be manually specified (you specify things like repo name, owner, credentials, etc, separately), thus somebody (a person) couldn't have changed the url to include the user name. The Git plugin provides GIT_URL, but the change that caused the url to be different might be caused by one of the other plugin updates, I guess - it seems pretty complicated how they all depend on each other. I've attached a full list ( jenkins_plugins.txt ) of plugins currently installed - this configuration includes user name in GIT_URL

          matthiesenj Are those pipeline generated by Mutlibranch using Bitbucket SCM Source ? https://issues.jenkins.io/browse/JENKINS-73796.

          Allan BURDAJEWICZ added a comment - matthiesenj Are those pipeline generated by Mutlibranch using Bitbucket SCM Source ? https://issues.jenkins.io/browse/JENKINS-73796 .

          allan_burdajewicz The branch source is Bitbucket Branch Source Plugin, if that's what you're asking. The Jenkins job is of the multibranch pipeline type.

          Jesper Matthiesen added a comment - allan_burdajewicz The branch source is Bitbucket Branch Source Plugin, if that's what you're asking. The Jenkins job is of the multibranch pipeline type.

          Thanks. So this is definitely duplicated by https://issues.jenkins.io/browse/JENKINS-73796. This is a bitbucket-branch-source issue.

          Allan BURDAJEWICZ added a comment - Thanks. So this is definitely duplicated by https://issues.jenkins.io/browse/JENKINS-73796 . This is a bitbucket-branch-source issue.

          Nikolas Falco added a comment -

          The git url is received from bitbucket.
          An API call is done to https://api.bitbucket.org/2.0/repositories/owner/repo. The response contains a list of links including "clone" link used to build the UserRemoteConfig info. The link contains the user that perform the call, in case of OAuth2 token is the owner. If I use my personal token than I get my usename. This replicates the bitbucket UI page when user is asking for a clone link.
          I will strip the username from http/https URL to restore the behaviour before of this PR https://github.com/jenkinsci/bitbucket-branch-source-plugin/pull/796

          Nikolas Falco added a comment - The git url is received from bitbucket. An API call is done to https://api.bitbucket.org/2.0/repositories/owner/repo . The response contains a list of links including "clone" link used to build the UserRemoteConfig info. The link contains the user that perform the call, in case of OAuth2 token is the owner. If I use my personal token than I get my usename. This replicates the bitbucket UI page when user is asking for a clone link. I will strip the username from http/https URL to restore the behaviour before of this PR https://github.com/jenkinsci/bitbucket-branch-source-plugin/pull/796

            nfalco Nikolas Falco
            matthiesenj Jesper Matthiesen
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: