Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-36241

Delivery Pipeline Plugin Parameters not passed between jobs - bug in master code (not yet released)

    Details

    • Similar Issues:

      Description

      This is a bug discovered after using a plugin built from the current master code (0.09.12-SNAPSHOT), not in the released versions yet.

      When a job is used within the pipeline that has the "Trigger Parameterized Build on Other Project" post-build action selected, the parameters are not being passed to the downstream job during the pipeline execution. The bug exists for the parameters passed from properties file.

        Attachments

          Activity

          Hide
          kalyankix Kalyan Koduru added a comment -

          I believe it may be related to this.
          https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11

          I ran into same issue when I did the upgrade to Jenkins 2.8, and had to update my job configuration to ensure that downstream jobs are parameterized.

          Not sure if it's due to the same reason.

          Show
          kalyankix Kalyan Koduru added a comment - I believe it may be related to this. https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11 I ran into same issue when I did the upgrade to Jenkins 2.8, and had to update my job configuration to ensure that downstream jobs are parameterized. Not sure if it's due to the same reason.
          Hide
          olgamaciaszek Olga Maciaszek-Sharma added a comment - - edited

          Thanks for this information. We have not raised our Jenkins version to a higher one (we have -1.651.3- 1.642.3), only the plugin version, so it should still work fine without defining additional safe parameters and it seems to be a bug. But maybe it was introduced while doing adjustments to the issues you've described.

          Show
          olgamaciaszek Olga Maciaszek-Sharma added a comment - - edited Thanks for this information. We have not raised our Jenkins version to a higher one (we have - 1.651.3 - 1.642.3), only the plugin version, so it should still work fine without defining additional safe parameters and it seems to be a bug. But maybe it was introduced while doing adjustments to the issues you've described.
          Hide
          kalyankix Kalyan Koduru added a comment -

          So, I think it's related to the version upgrade as the fix seems to be applicable to Jenkins version 1.652 and above as provided in the URL: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11

          Fix
          Jenkins main line users should update to 2.3
          Jenkins LTS users should update to 1.651.2

          Try creating a test job with the downstream parameterized and see if you the values are passed. I believe it would work and you can also disable system property just as a workaround, as it seems to be not recommended.

          Hope it helps.

          Show
          kalyankix Kalyan Koduru added a comment - So, I think it's related to the version upgrade as the fix seems to be applicable to Jenkins version 1.652 and above as provided in the URL: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11 Fix Jenkins main line users should update to 2.3 Jenkins LTS users should update to 1.651.2 Try creating a test job with the downstream parameterized and see if you the values are passed. I believe it would work and you can also disable system property just as a workaround, as it seems to be not recommended. Hope it helps.
          Hide
          olgamaciaszek Olga Maciaszek-Sharma added a comment -

          Sorry, there was a mistake in my previous comment. The jenkins version we use is 1.642.3. We haven't done any upgrade. We have only used a new (built from upstream) version of DPP.

          Show
          olgamaciaszek Olga Maciaszek-Sharma added a comment - Sorry, there was a mistake in my previous comment. The jenkins version we use is 1.642.3. We haven't done any upgrade. We have only used a new (built from upstream) version of DPP.
          Hide
          tommysdk Tommy Tynjä added a comment -

          Olga Maciaszek-Sharma Thank you for discovering this. As Kalyan Koduru mentions this was most likely introduced when the SECURITY-170 / CVE-2016-3721 was addressed in https://github.com/Diabol/delivery-pipeline-plugin/pull/182 which is in current DPP master but not yet released. I will take look at your feature request.

          Show
          tommysdk Tommy Tynjä added a comment - Olga Maciaszek-Sharma Thank you for discovering this. As Kalyan Koduru mentions this was most likely introduced when the SECURITY-170 / CVE-2016-3721 was addressed in https://github.com/Diabol/delivery-pipeline-plugin/pull/182 which is in current DPP master but not yet released. I will take look at your feature request.
          Hide
          tommysdk Tommy Tynjä added a comment -

          Proposed solution merged as 9f2892772b81c40ed230aa659a5ded93730a5299.
          Will be part of next release.

          Olga Maciaszek-Sharma Thank you so much for finding and addressing this issue! Keep those contributions coming, we really appreciate them!

          Show
          tommysdk Tommy Tynjä added a comment - Proposed solution merged as 9f2892772b81c40ed230aa659a5ded93730a5299. Will be part of next release. Olga Maciaszek-Sharma Thank you so much for finding and addressing this issue! Keep those contributions coming, we really appreciate them!

            People

            • Assignee:
              olgamaciaszek Olga Maciaszek-Sharma
              Reporter:
              olgamaciaszek Olga Maciaszek-Sharma
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: