Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-9016

Git creates usernames based on 'name' not the email.

    Details

    • Similar Issues:

      Description

      I realize mapping git author/commit users back to Jenkin's users is pain, but perhaps it could be done a little better.

      Some ideas:

      • Try looking up a user's email and comparing that.
      • Using the user portion from the email (e.g. someuser@example.com becomes someuser).
      • Looking up the user's email in LDAP, if LDAP is being used.

      The last would be ideal for us.

      Ciao!

        Attachments

          Issue Links

            Activity

            Hide
            babilon Bartosz Błaszkiewicz added a comment -

            I was just hit by the same issue. E-mail should be compared against e-mail field, not processed and compared against some different field. Or at least please give an option to choose the behaviour.

            Show
            babilon Bartosz Błaszkiewicz added a comment - I was just hit by the same issue. E-mail should be compared against e-mail field, not processed and compared against some different field. Or at least please give an option to choose the behaviour.
            Hide
            jeremfg Jérémie Faucher-Goulet added a comment -

            I agree with everyone else here. We just started converting from old jobs to Pipeline jobs and are now faced with issues surrounding user mapping. I'll admit, it's probably more due to the fact we updated our 3 years old Jenkins instance.

            The unique identifier IS the email address. This is what should be used for mapping with registered Jenkins user. As many others, our company use shorthand names for login in AD, yet in Git all our users configure their full name. This is a common practice in the corporate world at it makes it easy to login everywhere with a shorter name. In my case it's even a lifesaver.
            Imagine if I had to type "Jeremie.Faucher-Goulet" every time I log in somewhere, instead of the much easier "jfaucher" I use against AD in all login forms everywhere.

            Even Fisheye+Crucible from Atlassian is able to do proper mapping between AD and git committer based on emails.

            I feel this is really needed, as I don't like disabling the security check against registered Jenkins users.... We did have in the past a few cases of embarrassing leaked emails from Jenkins because we compile 3rd party applications and committers outside the organization appeared as the culprits in some failed builds. Until Jenkins does proper user mapping based on email we are vulnerable to this issue because we are forced to disable the security feature in the meantime.

            Show
            jeremfg Jérémie Faucher-Goulet added a comment - I agree with everyone else here. We just started converting from old jobs to Pipeline jobs and are now faced with issues surrounding user mapping. I'll admit, it's probably more due to the fact we updated our 3 years old Jenkins instance. The unique identifier IS the email address. This is what should be used for mapping with registered Jenkins user. As many others, our company use shorthand names for login in AD, yet in Git all our users configure their full name. This is a common practice in the corporate world at it makes it easy to login everywhere with a shorter name. In my case it's even a lifesaver. Imagine if I had to type "Jeremie.Faucher-Goulet" every time I log in somewhere, instead of the much easier "jfaucher" I use against AD in all login forms everywhere. Even Fisheye+Crucible from Atlassian is able to do proper mapping between AD and git committer based on emails. I feel this is really needed, as I don't like disabling the security check against registered Jenkins users.... We did have in the past a few cases of embarrassing leaked emails from Jenkins because we compile 3rd party applications and committers outside the organization appeared as the culprits in some failed builds. Until Jenkins does proper user mapping based on email we are vulnerable to this issue because we are forced to disable the security feature in the meantime.
            Hide
            brianjmurrell Brian J Murrell added a comment -

            Can't the e-mail address(es) in the commit message be used to find Jenkins security realm users?

            The e-mail address in my commit messages is the same as the e-mail address associated with my Jenkins account.  Why can those not be matched up?

            Show
            brianjmurrell Brian J Murrell added a comment - Can't the e-mail address(es) in the commit message be used to find Jenkins security realm users? The e-mail address in my commit messages is the same as the e-mail address associated with my Jenkins account.  Why can those not be matched up?
            Hide
            patrickv Patrick Van Brussel added a comment -

            Would it be possible to have some kind of 'domain filter' when you enable the 'Allow sending to unregistered users' checkbox?

            For instance: allow sending mails to contributers to a git repo that don't have a Jenkins account, but that do have an email address set up that ends with '@domain.com'.

            This would be interesting so that when we're using open source git(hub) repositories we don't accidentally sent out mails to the contributers there, when one of our builds fail.

            Show
            patrickv Patrick Van Brussel added a comment - Would it be possible to have some kind of 'domain filter' when you enable the 'Allow sending to unregistered users' checkbox? For instance: allow sending mails to contributers to a git repo that don't have a Jenkins account, but that do have an email address set up that ends with '@domain.com'. This would be interesting so that when we're using open source git(hub) repositories we don't accidentally sent out mails to the contributers there, when one of our builds fail.
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: George
            Path:
            src/main/java/hudson/plugins/emailext/ExtendedEmailPublisherDescriptor.java
            src/main/java/hudson/plugins/emailext/plugins/recipients/RecipientProviderUtilities.java
            src/main/resources/hudson/plugins/emailext/ExtendedEmailPublisher/global.groovy
            src/main/webapp/help/globalConfig/allowUnregistered.html
            http://jenkins-ci.org/commit/email-ext-plugin/19081b2aa3d32c479125b538c545fdd3065960f8
            Log:
            JENKINS-43268 adding global checkbox to allow sending to unregistered emails. This is a workaround to a SCM plugin issue, like JENKINS-9016 and probably others (#161)

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: George Path: src/main/java/hudson/plugins/emailext/ExtendedEmailPublisherDescriptor.java src/main/java/hudson/plugins/emailext/plugins/recipients/RecipientProviderUtilities.java src/main/resources/hudson/plugins/emailext/ExtendedEmailPublisher/global.groovy src/main/webapp/help/globalConfig/allowUnregistered.html http://jenkins-ci.org/commit/email-ext-plugin/19081b2aa3d32c479125b538c545fdd3065960f8 Log: JENKINS-43268 adding global checkbox to allow sending to unregistered emails. This is a workaround to a SCM plugin issue, like JENKINS-9016 and probably others (#161)

              People

              • Assignee:
                Unassigned
                Reporter:
                docwhat Christian Höltje
              • Votes:
                40 Vote for this issue
                Watchers:
                50 Start watching this issue

                Dates

                • Created:
                  Updated: