Re: No valid crumb - scm trigger doesn't work since 2.222 - pull 4509

2020-03-09 Thread Daniel Beck 



> On 9. Mar 2020, at 13:06, Stölzer Sven  wrote:
> 
> it seems that since version 2.222 the scm trigger doesn’t work.
> The requested Crumb form jenkins server was correctly included in the post 
> commit hook see attachment.

It's unclear to me what happened here.

If Jenkins was already configured to require CSRF crumbs before the update, 
then nothing should have changed.

If that wasn't the case however, but the script already submitted CSRF crumbs, 
those should have been unnecessary in the past…? So why did it do that? Who or 
what generated that command?

If you recently adapted your script to submit CSRF crumbs after the update, you 
didn't do it quite right. Why, and how to solve it, is explained at 
https://jenkins.io/doc/upgrade-guide/2.176/#SECURITY-626

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/64A3271B-9DB6-40E8-ABAD-48FFE689B5E5%40beckweb.net.

How to upload a View configuration to Jenkins

2020-03-09 Thread Martin Jost 
Hello,

I'm using Jenkins 2.204.2 currently.
I'm trying to download a view configuration, modify it and upload again.

If I look at the API for a view,
http://ull105.net:/view/PHY_Master/api/
I get at the the bottom:
"Fetch/Update config.xml

To programmatically obtain config.xml, hit this URL 
. You can also POST an 
updated config.xml to the same URL to programmatically update the 
configuration of a view."


Ok, so I do,

"/usr/bin/wget --auth-no-challenge --no-proxy --http-user="me" 
--http-password="" http://ull105.net:9998/view/PHY_DevD-L/config.xml -O 
viewPHY_DevD-L.xml": ok 

=> And get viewPHY_DevD-L.xml, which contains my view configuration.


Now I want to upload the same file, as "new" view configuration (as a test):

"/usr/bin/wget --auth-no-challenge --no-proxy -nv --http-user="me" 
--http-password="" http://ull105.net:9998/view/PHY_DevD-L/config.xml 
--post-file="viewPHY_DevD-L.xml" 
--header='Content-type:application/xml;charset=ISO-8859-1'"

=> But I get an "Error code: 500"

[I have seen '500' as reaction to malformed xml passed to Jenkins; but I 
try to upload the file, I've just downloaded, so it should be fine)


What do I do incorrectly ? Or is the documentation incorrect ?

(I can download and upload the configuration of jobs, and tried to model 
the command according to this)


Regards


Martin


-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/572981b4-1089-470b-9182-4d2988986821%40googlegroups.com.

Re: How to use the "email-ext" extension?

2020-03-09 Thread Marky Jackson 
Also check out this write 
up: https://ikeptwalking.com/using-email-ext-plugin-in-jenkins-pipeline/

On Monday, March 9, 2020 at 4:34:02 AM UTC-7, Alexander Dietz wrote:
>
> Hello,
>
> I am trying to use the extension "email-ext" but I could not find any 
> useable documentation for it on how to use it with YAML!. Below is an 
> excerpt from the xml definition - but how to write that in yaml? 
>
> I have this documentation so far: 
> https://jenkins.io/doc/pipeline/steps/email-ext/ but it has no example. 
> Also I do not see a lot of common expressions. I mean, how to attach a 
> file? How to define the list of recipients? 
>
>
>  
>   alexan...@test.com 
>   
> 
>   
> $PROJECT_DEFAULT_SUBJECT
> $PROJECT_DEFAULT_CONTENT
> 
>   
> 
>   
> 
> 
> 
> false
> false
> $PROJECT_DEFAULT_REPLYTO
> project
>   
> 
>   
>   text/plain
>   Page check $WEBPAGE failed
>   The page check for page '$WEBPAGE' failed. 
> See the attached report for details.
>   linkreport.out
>   $DEFAULT_PRESEND_SCRIPT
>   $DEFAULT_POSTSEND_SCRIPT
>   false
>   false
>   $DEFAULT_REPLYTO
>   
>   false
>   false
>   ONLY_CONFIGURATIONS
> 
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/d6052568-3537-43f5-9b5b-c45c822febe6%40googlegroups.com.

Re: No valid crumb - scm trigger doesn't work since 2.222 - pull 4509

2020-03-09 Thread Slide 
Please see this post from the developers group, it mentions the CSRF
protections enabled in 2.222

https://groups.google.com/forum/#!topic/jenkinsci-dev/NTlo7lhWY_Q

On Mon, Mar 9, 2020 at 5:13 AM Stölzer Sven  wrote:

> Hi Jenkins-Team,
>
>
>
> it seems that since version 2.222 the scm trigger doesn’t work.
>
> The requested Crumb form jenkins server was correctly included in the post
> commit hook see attachment.
>
> But the Jenkins throws an: “HTTP ERROR 403 No valid crumb was included in
> the request”.
>
> Where is the error location? The generated subversion wget command or
> security handling into the Jenkins?
>
> ---
>
> Wget cmd: /usr/bin/wget --auth-no-challenge --header
> "Jenkins-Crumb:9a6dc1d616085659d48e4d26f1509ab6fbf78b2a6d732852b9d758dc46a54e71"
> --post-data "U
> branches/BRANCH_sves/BRANCH_2_9_3_systech/scripts/linux/build_deb.sh"
> --output-document "-" --timeout=1 --dns-timeout=30 --tries=3
> http://172.20.5.73:4/subversion/f33a5e67-b273-c240-b8af-d48613201abc/notifyCommit?rev=25557
>
> ---
>
> Jenkins Configuration: CSRF Protection -> Crumb Issuer ->
> Standard-Crumb-Generator
>
> ---
>
> In my opinion the Jenkins changelog version 2.222: “Remove the ability to
> have CSRF protection disabled. Instances upgrading from older versions of
> Jenkins will have CSRF protection enabled and the default issuer set if
> they currently have it disabled. (pull 4509
> )“  is the problem.
>
>
>
> Did you have any ideas?
>
>
>
> Best regards
>
> Svestl
>
>
> 
>
> Geschäftsführer: Dr. Albert Schmidt · Dr. Oliver Vietze
> Sitz der Gesellschaft: Radeberg
> Amtsgericht Dresden: HRB 15379
> Ust. ID: DE  189714583
>
> --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to jenkinsci-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-users/0E03711F7CAA144B915279ECD2B6EED902B2B1B741%40srvchfra018.baumernet.org
> 
> .
>


-- 
Website: http://earl-of-code.com

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/CAPiUgVdxPTn2XSg7HmoBvWCcWgAxfY0tqNDQ3MPHdptyJZSmTA%40mail.gmail.com.

No valid crumb - scm trigger doesn't work since 2.222 - pull 4509

2020-03-09 Thread Stölzer Sven 
Hi Jenkins-Team,

it seems that since version 2.222 the scm trigger doesn’t work.
The requested Crumb form jenkins server was correctly included in the post 
commit hook see attachment.
But the Jenkins throws an: “HTTP ERROR 403 No valid crumb was included in the 
request”.
Where is the error location? The generated subversion wget command or security 
handling into the Jenkins?
---
Wget cmd: /usr/bin/wget --auth-no-challenge --header 
"Jenkins-Crumb:9a6dc1d616085659d48e4d26f1509ab6fbf78b2a6d732852b9d758dc46a54e71"
 --post-data "U   
branches/BRANCH_sves/BRANCH_2_9_3_systech/scripts/linux/build_deb.sh" 
--output-document "-" --timeout=1 --dns-timeout=30 --tries=3 
http://172.20.5.73:4/subversion/f33a5e67-b273-c240-b8af-d48613201abc/notifyCommit?rev=25557
---
Jenkins Configuration: CSRF Protection -> Crumb Issuer -> 
Standard-Crumb-Generator
---
In my opinion the Jenkins changelog version 2.222: “Remove the ability to have 
CSRF protection disabled. Instances upgrading from older versions of Jenkins 
will have CSRF protection enabled and the default issuer set if they currently 
have it disabled. (pull 4509)“  
is the problem.

Did you have any ideas?

Best regards
Svestl


[cid:imagefbe714.GIF@2df86803.4daef46f]

Geschäftsführer: Dr. Albert Schmidt · Dr. Oliver Vietze
Sitz der Gesellschaft: Radeberg
Amtsgericht Dresden: HRB 15379
Ust. ID: DE  189714583

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/0E03711F7CAA144B915279ECD2B6EED902B2B1B741%40srvchfra018.baumernet.org.


crumbissuer.pcapng
Description: crumbissuer.pcapng

Re: How to use the "email-ext" extension?

2020-03-09 Thread Slide 
Here you go:
https://github.com/jenkinsci/configuration-as-code-plugin/blob/master/docs/features/configExport.md

Regards,

Alex

On Mon, Mar 9, 2020 at 5:03 AM Alexander Dietz 
wrote:

> I can export the yaml? How to do so? I do not see such an option.
>
>
> Cheers
> Alex
>
> On Monday, 9 March 2020 12:54:14 UTC+1, slide wrote:
>>
>> Is this for CasC? If so, I would recommend setting it up via the UI and
>> then exporting the yaml to see how to use it.
>>
>> On Mon, Mar 9, 2020, 04:33 Alexander Dietz  wrote:
>>
>>> Hello,
>>>
>>> I am trying to use the extension "email-ext" but I could not find any
>>> useable documentation for it on how to use it with YAML!. Below is an
>>> excerpt from the xml definition - but how to write that in yaml?
>>>
>>> I have this documentation so far:
>>> https://jenkins.io/doc/pipeline/steps/email-ext/ but it has no example.
>>> Also I do not see a lot of common expressions. I mean, how to attach a
>>> file? How to define the list of recipients?
>>>
>>>
>>>  
>>>   alexan...@test.com
>>>   
>>> 
>>>   
>>> $PROJECT_DEFAULT_SUBJECT
>>> $PROJECT_DEFAULT_CONTENT
>>> 
>>>   
>>> 
>>>   
>>> 
>>> 
>>> 
>>> false
>>> false
>>> $PROJECT_DEFAULT_REPLYTO
>>> project
>>>   
>>> 
>>>   
>>>   text/plain
>>>   Page check $WEBPAGE failed
>>>   The page check for page '$WEBPAGE' failed. 
>>> See the attached report for details.
>>>   linkreport.out
>>>   $DEFAULT_PRESEND_SCRIPT
>>>   $DEFAULT_POSTSEND_SCRIPT
>>>   false
>>>   false
>>>   $DEFAULT_REPLYTO
>>>   
>>>   false
>>>   false
>>>   ONLY_CONFIGURATIONS
>>> 
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Jenkins Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to jenkins...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/jenkinsci-users/44cca061-8b5d-4ca9-a3db-03e2f48cceae%40googlegroups.com
>>> 
>>> .
>>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to jenkinsci-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-users/d8a4a7f9-8d50-4d69-808b-68791f48d7ee%40googlegroups.com
> 
> .
>


-- 
Website: http://earl-of-code.com

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/CAPiUgVf-wU-oncBCJCppo_at0z%2BL5E%3DyPPSUF9f_auzWBBgJ%2BQ%40mail.gmail.com.

Re: How to use the "email-ext" extension?

2020-03-09 Thread Alexander Dietz 
I can export the yaml? How to do so? I do not see such an option. 


Cheers
Alex

On Monday, 9 March 2020 12:54:14 UTC+1, slide wrote:
>
> Is this for CasC? If so, I would recommend setting it up via the UI and 
> then exporting the yaml to see how to use it.
>
> On Mon, Mar 9, 2020, 04:33 Alexander Dietz  > wrote:
>
>> Hello,
>>
>> I am trying to use the extension "email-ext" but I could not find any 
>> useable documentation for it on how to use it with YAML!. Below is an 
>> excerpt from the xml definition - but how to write that in yaml? 
>>
>> I have this documentation so far: 
>> https://jenkins.io/doc/pipeline/steps/email-ext/ but it has no example. 
>> Also I do not see a lot of common expressions. I mean, how to attach a 
>> file? How to define the list of recipients? 
>>
>>
>>  
>>   alexan...@test.com 
>>   
>> 
>>   
>> $PROJECT_DEFAULT_SUBJECT
>> $PROJECT_DEFAULT_CONTENT
>> 
>>   
>> 
>>   
>> 
>> 
>> 
>> false
>> false
>> $PROJECT_DEFAULT_REPLYTO
>> project
>>   
>> 
>>   
>>   text/plain
>>   Page check $WEBPAGE failed
>>   The page check for page '$WEBPAGE' failed. 
>> See the attached report for details.
>>   linkreport.out
>>   $DEFAULT_PRESEND_SCRIPT
>>   $DEFAULT_POSTSEND_SCRIPT
>>   false
>>   false
>>   $DEFAULT_REPLYTO
>>   
>>   false
>>   false
>>   ONLY_CONFIGURATIONS
>> 
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Jenkins Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to jenkins...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/jenkinsci-users/44cca061-8b5d-4ca9-a3db-03e2f48cceae%40googlegroups.com
>>  
>> 
>> .
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/d8a4a7f9-8d50-4d69-808b-68791f48d7ee%40googlegroups.com.

Re: How to use the "email-ext" extension?

2020-03-09 Thread Slide 
Is this for CasC? If so, I would recommend setting it up via the UI and
then exporting the yaml to see how to use it.

On Mon, Mar 9, 2020, 04:33 Alexander Dietz  wrote:

> Hello,
>
> I am trying to use the extension "email-ext" but I could not find any
> useable documentation for it on how to use it with YAML!. Below is an
> excerpt from the xml definition - but how to write that in yaml?
>
> I have this documentation so far:
> https://jenkins.io/doc/pipeline/steps/email-ext/ but it has no example.
> Also I do not see a lot of common expressions. I mean, how to attach a
> file? How to define the list of recipients?
>
>
>  
>   alexander.t...@test.com
>   
> 
>   
> $PROJECT_DEFAULT_SUBJECT
> $PROJECT_DEFAULT_CONTENT
> 
>   
> 
>   
> 
> 
> 
> false
> false
> $PROJECT_DEFAULT_REPLYTO
> project
>   
> 
>   
>   text/plain
>   Page check $WEBPAGE failed
>   The page check for page '$WEBPAGE' failed. 
> See the attached report for details.
>   linkreport.out
>   $DEFAULT_PRESEND_SCRIPT
>   $DEFAULT_POSTSEND_SCRIPT
>   false
>   false
>   $DEFAULT_REPLYTO
>   
>   false
>   false
>   ONLY_CONFIGURATIONS
> 
>
> --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to jenkinsci-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-users/44cca061-8b5d-4ca9-a3db-03e2f48cceae%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/CAPiUgVeCKz_YCFiMkx_Z_vZwo_Leed2OGqWWR9qp0m2FVZWzDQ%40mail.gmail.com.

How to use the "email-ext" extension?

2020-03-09 Thread Alexander Dietz 
Hello,

I am trying to use the extension "email-ext" but I could not find any 
useable documentation for it on how to use it with YAML!. Below is an 
excerpt from the xml definition - but how to write that in yaml? 

I have this documentation so far: 
https://jenkins.io/doc/pipeline/steps/email-ext/ but it has no example. 
Also I do not see a lot of common expressions. I mean, how to attach a 
file? How to define the list of recipients? 


 
  alexander.t...@test.com
  

  
$PROJECT_DEFAULT_SUBJECT
$PROJECT_DEFAULT_CONTENT

  

  



false
false
$PROJECT_DEFAULT_REPLYTO
project
  

  
  text/plain
  Page check $WEBPAGE failed
  The page check for page '$WEBPAGE' failed. See 
the attached report for details.
  linkreport.out
  $DEFAULT_PRESEND_SCRIPT
  $DEFAULT_POSTSEND_SCRIPT
  false
  false
  $DEFAULT_REPLYTO
  
  false
  false
  ONLY_CONFIGURATIONS


-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/44cca061-8b5d-4ca9-a3db-03e2f48cceae%40googlegroups.com.

Retrospective: Regressions in Jenkins 2.204.3...2.204.5

2020-03-09 Thread Oleg Nenashev 
Dear all,

We had serious regressions in the 2.204.x LTS baseline starting from
2.204.3 which was released on Feb 28 (changelog
). After that we had 2 out-of-order
releases over a week, with 3 major regressions reported by Jenkins LTS
users. These regressions were largely related to the embedded Jetty web
container updates in the LTS baseline. In 2.204.5 we also had to
reintroduce a defect in the LTS release, and it is also far from business
as usual.

I have started a public retrospective document

to restore the sequence of events and to discuss what we could do better in
the next releases. Anyone is welcome to comment in the doc and to make
suggestions there. If you are a Jenkins user affected by the issues, your
feedback will be much appreciated as well. Thanks in advance for your time!

I also suggest organizing a recorded video call next week to discuss the
retrospective feedback. If you are interested to participate, please vote
for the meeting times here: https://doodle.com/poll/xrhpmsk9xpba2tfh

Just to emphasize, the purpose of the retrospective  is to improve our
processes and to ensure better quality of LTS and weekly releases. The
regressions were caused by numerous causes and they passed though all our
quality gates, there is no sense to put blame on any Jenkins team. There
are many contributors involved in the core maintenance, and we do our best
to provide stable releases, including weekends and burning the midnight
oil. Please refrain from putting a blame and let's focus on making Jenkins
releases more stable.

P.S: We are always looking for more contributors
 and
reviewers/maintainers in the Jenkins core. If you are interested to
help with maintaining the kernel of the project with millions of developers
using it daily, please let us know!

Best regards,
Oleg Nenashev
Jenkins Core Team

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/CAPfivLBRhsDsnkx0T-qgdV7awnrH1ss7j%2BBfFW_9mh_vrdkNdg%40mail.gmail.com.