Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-42791

Developer should be asked for their Github token when loading the editor

    Details

    • Sprint:
      Blue Ocean 1.0-rc3, Blue Ocean 1.1, Blue Ocean 1.2-beta1, Blue Ocean 1.2-beta2, Blue Ocean 1.2-beta3, Blue Ocean 1.2-beta4, Blue Ocean 1.2
    • Similar Issues:

      Description

      Improvement on roadmap

      This improvement is on the Blue Ocean project roadmap. Check the roadmap page for updates.

      Context
      A Github token is required to read and write the Jenkinsfile. In the situation where a second user tries to edit a pipeline and they have never provided their Github token, the editor should prompt them for their token. They could also be asked to provide their credential if the one stored is invalid.

      Scope

      • When loading the editor we should check that the token they have associated with the user is valid and has the correct scopes to write to the repository.
        • If they cannot write to the repository they should see a dialog:
          • Title: Permission denied
          • Description: You do not have the required permissions to edit this Pipeline.
          • Button: "Go back"
      • If there is no token, we ask for the token (as per the mockups below)
        • Title: "Connect to Github"
        • Description: "Jenkins needs an access key to read and write to the repository <i>$repositoryName</i>"
        • Buttons
          • Connect
          • "Cancel" - takes you back whence you came

      Notes
      Keep in mind that we will have to make the same flow work for when the user does not have SSH credentials for Git and Bitbucket. Does not need to be resolved this effort but just something to think about as you are developing.

      Mockups

        Attachments

          Issue Links

            Activity

            Hide
            cliffmeyers Cliff Meyers added a comment -

            James Dumay after discussing with Keith last week we identified a hole in our service API. While we can validate and create the the credential, we need an API to associate that user's credential with the GitHub org folder. It looks like the code to do so may be here:

            https://github.com/jenkinsci/blueocean-plugin/blob/master/blueocean-github-pipeline/src/main/java/io/jenkins/blueocean/blueocean_github_pipeline/GithubPipelineCreateRequest.java#L128

            @Vivek Pandey do you have any thoughts on this?

            Show
            cliffmeyers Cliff Meyers added a comment - James Dumay after discussing with Keith last week we identified a hole in our service API. While we can validate and create the the credential, we need an API to associate that user's credential with the GitHub org folder. It looks like the code to do so may be here: https://github.com/jenkinsci/blueocean-plugin/blob/master/blueocean-github-pipeline/src/main/java/io/jenkins/blueocean/blueocean_github_pipeline/GithubPipelineCreateRequest.java#L128 @ Vivek Pandey do you have any thoughts on this?
            Hide
            michaelneale Michael Neale added a comment -

            Cliff Meyers Vivek Pandey When you open the creation flow and click github - it will check the user can access it and validate the token. If not - it will ask the user. This happens as the credential is stored against user, not org folder or anything. So can look at how creation works, and try to make it work in a similar fashion? 

             

            (github enterprise will be slightly more complicated, as it depends what pipeline they are editing for what GHE server etc). 

            Show
            michaelneale Michael Neale added a comment - Cliff Meyers Vivek Pandey When you open the creation flow and click github - it will check the user can access it and validate the token. If not - it will ask the user. This happens as the credential is stored against user, not org folder or anything. So can look at how creation works, and try to make it work in a similar fashion?    (github enterprise will be slightly more complicated, as it depends what pipeline they are editing for what GHE server etc). 
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Cliff Meyers
            Path:
            Jenkinsfile
            PULL_REQUEST_TEMPLATE
            README.md
            src/main/js/EditorPage.jsx
            src/main/js/PipelineEditorLink.jsx
            http://jenkins-ci.org/commit/blueocean-pipeline-editor-plugin/49a802926f9e67e27c7a0ffb2a762ba8c0de4c31
            Log:
            Merge branch 'master' into story/JENKINS-42791-editor-prompt-github-token

            1. Conflicts:
            2. src/main/js/EditorPage.jsx
            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Cliff Meyers Path: Jenkinsfile PULL_REQUEST_TEMPLATE README.md src/main/js/EditorPage.jsx src/main/js/PipelineEditorLink.jsx http://jenkins-ci.org/commit/blueocean-pipeline-editor-plugin/49a802926f9e67e27c7a0ffb2a762ba8c0de4c31 Log: Merge branch 'master' into story/ JENKINS-42791 -editor-prompt-github-token Conflicts: src/main/js/EditorPage.jsx
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Cliff Meyers
            Path:
            pom.xml
            src/main/js/EditorPage.jsx
            src/main/js/SaveApi.js
            http://jenkins-ci.org/commit/blueocean-pipeline-editor-plugin/5a9d0c228a2a6bb7ca2ab033daae88e78ec9c40e
            Log:
            Merge branch 'master' into story/JENKINS-42791-editor-prompt-github-token

            1. Conflicts:
            2. src/main/js/EditorPage.jsx
            3. src/main/js/SaveApi.js
            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Cliff Meyers Path: pom.xml src/main/js/EditorPage.jsx src/main/js/SaveApi.js http://jenkins-ci.org/commit/blueocean-pipeline-editor-plugin/5a9d0c228a2a6bb7ca2ab033daae88e78ec9c40e Log: Merge branch 'master' into story/ JENKINS-42791 -editor-prompt-github-token Conflicts: src/main/js/EditorPage.jsx src/main/js/SaveApi.js
            Hide
            cliffmeyers Cliff Meyers added a comment -
            Show
            cliffmeyers Cliff Meyers added a comment - PR's https://github.com/jenkinsci/blueocean-plugin/pull/1318 and https://github.com/jenkinsci/blueocean-pipeline-editor-plugin/pull/45 should hopefully be the last PR's to get this wrapped up.

              People

              • Assignee:
                cliffmeyers Cliff Meyers
                Reporter:
                jamesdumay James Dumay
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: