Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43802

Shared Library using folder-scoped credential fails to authenticate

    Details

    • Similar Issues:

      Description

      In my GitHub Org job (using GitHub Enterprise), I added a pipeline lib source that is in GitHub.  If the scan credential is scoped to the job (created in the job, vs created in the global credential store), there are two problems:

      1) The config page under branch shows an error instead of "Currently maps to revision: $SHA".

      2) If using a job-scoped credential, the "git fetch" in the job execution does not contain a line saying "Setting GIT_ASKPASS ..."

      If I switch to the identical credential stored in the global scope, both the config page and the git fetch (GIT_ASKPASS) works.

      I can give more details or try to isolate the problem if needed (standalone, minimal sets of plugins).

        Attachments

          Activity

          Hide
          namraclik Martin Hegarty added a comment -

          Also waiting on this issue to be resolved. While using the 'Legacy SCM' option works for us, it in turn exposes us to JENKINS-44075 meaning that we can not specify the shared library version to check out in our Jenkinsfile.

          Show
          namraclik Martin Hegarty added a comment - Also waiting on this issue to be resolved. While using the 'Legacy SCM' option works for us, it in turn exposes us to JENKINS-44075  meaning that we can not specify the shared library version to check out in our Jenkinsfile.
          Hide
          gregory_picot Gregory PICOT added a comment -

          Also waiting on this issue to be resolved. The 'Legacy SCM' doesn't work for us, because it doesn't able us to use 'system' scoped credentials. The goal for us is to able people using exposed shared library without having the access to the repository itself.

          Show
          gregory_picot Gregory PICOT added a comment - Also waiting on this issue to be resolved. The 'Legacy SCM' doesn't work for us, because it doesn't able us to use 'system' scoped credentials. The goal for us is to able people using exposed shared library without having the access to the repository itself.
          Hide
          jglick Jesse Glick added a comment -

          Reproduced. The attached JENKINS-43802.diff solves the issue in the reported case and so confirms my hypothesis of 2017-08-21, but it is not thread-safe, and will not work for non-multibranch projects. The thread safety could be addressed with some hacks, but the extension to plain projects seems possible only with some API changes and their use in various SCM plugins.

          Show
          jglick Jesse Glick added a comment - Reproduced. The attached JENKINS-43802.diff solves the issue in the reported case and so confirms my hypothesis of 2017-08-21, but it is not thread-safe, and will not work for non-multibranch projects. The thread safety could be addressed with some hacks, but the extension to plain projects seems possible only with some API changes and their use in various SCM plugins.
          Hide
          matthiasbalke Matthias Balke added a comment -

          Also regular GIT checkouts using "Modern SCM > GIT" are affected by this! Are there any plans on fixing this bug in the near future?

          Show
          matthiasbalke Matthias Balke added a comment - Also regular GIT checkouts using "Modern SCM > GIT" are affected by this! Are there any plans on fixing this bug in the near future?
          Hide
          markewaite Mark Waite added a comment -

          Fixed in git plugin 3.11.0 released July 27, 2019

          Show
          markewaite Mark Waite added a comment - Fixed in git plugin 3.11.0 released July 27, 2019

            People

            • Assignee:
              jglick Jesse Glick
              Reporter:
              vallon Justin Vallon
            • Votes:
              24 Vote for this issue
              Watchers:
              29 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: