Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-48477

Swarm client should use Remoting version of master

    Details

    • Type: New Feature
    • Status: Open (View Workflow)
    • Priority: Minor
    • Resolution: Unresolved
    • Component/s: swarm-plugin
    • Labels:
      None
    • Similar Issues:

      Description

      The Swarm client currently uses the remoting version declared in the pom.xml. This leads to the behavior, that it always uses the same remoting version.

      It should use the remoting version provided by the master (e.g. download the agent.jar from $rootUrl/jnlpJars/agent.jar and use it).

        Attachments

          Activity

          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          It requires a network connection. It could be an option of course, but it cannot be the only supported behavior. So there should be still a fallback to a whatever bundled Remoting version

          Show
          oleg_nenashev Oleg Nenashev added a comment - It requires a network connection. It could be an option of course, but it cannot be the only supported behavior. So there should be still a fallback to a whatever bundled Remoting version
          Hide
          jochenafuerbacher Jochen A. Fürbacher added a comment -

          Couldn't there be a check on SHA sums or something like that? Swarm client could download a list of valid SHA sums from jenkins.io (via HTTPS) and when the agent.jar is transfered by HTTP from the master, the swarm client checks if the SHA sum of the agent.jar is valid.

          E.g. apt is doing somethink like that when downloading deb files from repositories over HTTP, AFAIK.

          Show
          jochenafuerbacher Jochen A. Fürbacher added a comment - Couldn't there be a check on SHA sums or something like that? Swarm client could download a list of valid SHA sums from jenkins.io (via HTTPS) and when the agent.jar is transfered by HTTP from the master, the swarm client checks if the SHA sum of the agent.jar is valid. E.g. apt is doing somethink like that when downloading deb files from repositories over HTTP, AFAIK.
          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          There should be a ticket for that somewhere...
          I kinda agree with that, but I do not see a reliable way to do the transfer. Just a download is a security risk while there are HTTP connections to Jenkins

          Show
          oleg_nenashev Oleg Nenashev added a comment - There should be a ticket for that somewhere... I kinda agree with that, but I do not see a reliable way to do the transfer. Just a download is a security risk while there are HTTP connections to Jenkins

            People

            • Assignee:
              Unassigned
              Reporter:
              jochenafuerbacher Jochen A. Fürbacher
            • Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: