Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-40708

Gerrit trigger needs the read access rights for anonymous users to retrieve the dynamic trigger configuration.

    Details

    • Similar Issues:

      Description

      Repro steps:

      1. Create a pipeline job with dynamic trigger being configured. The trigger configuration file is stored locally, so its URL is something like
        "file:///var/lib/jenkins/jobs/some-jenkins-job/lastSuccessful/archive/trigger_config.txt"
      2. Push a gerrit code review which is supposed to trigger the pipeline job as its project and branch is specified in the dynamic configuration text file.

      Expected outcome:
      The pipeline job is triggered to start.

      Actual outcome:
      The pipeline job is NOT triggered to start.

      Workaround:
      If the anonymous users is granted the "Overall Read" and "Job Read" rights as shown in the attached picture, the pipeline job is triggered to start as expected.

      If you need any other information or logs, please let me know.

        Attachments

          Activity

          Hide
          renwei Wei Ren added a comment -

          Correct the workaround:

          We only need to grant the anonymous users the "Job Read" rights and don't need to grant them the "Overall Read" rights.

          Show
          renwei Wei Ren added a comment - Correct the workaround: We only need to grant the anonymous users the "Job Read" rights and don't need to grant them the "Overall Read" rights.
          Hide
          alonbl Alon Bar-Lev added a comment -

          The anonymous users should be restricted in some cases so no permissions will be granted. The plugin should act under a specific user or even admin and not anonymous. Please fix, I had to add a permission to anonymous and expose my jobs.
          Thanks!

          Show
          alonbl Alon Bar-Lev added a comment - The anonymous users should be restricted in some cases so no permissions will be granted. The plugin should act under a specific user or even admin and not anonymous. Please fix, I had to add a permission to anonymous and expose my jobs. Thanks!

            People

            • Assignee:
              rsandell rsandell
              Reporter:
              renwei Wei Ren
            • Votes:
              2 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated: