search

jenkinsci / configuration-as-code-plugin

Jenkins Configuration as Code Plugin
https://plugins.jenkins.io/configuration-as-code
MIT License
2.7k stars 722 forks source link

java.lang.IllegalArgumentException: Failed to parse 'Run/Replay:' --- no such permission #2074

Open patsevanton opened 2 years ago

patsevanton commented 2 years ago

Jenkins and plugins versions report

Environment ```text Paste the output here ```

What Operating System are you using (both controller, and any agents involved in the problem)?

Jenkins: 2.346.2 OS: Linux - 5.4.0-122-generic

bootstrap5-api:5.1.3-7 caffeine-api:2.9.3-65.v6a_47d0f4d1fe checks-api:1.7.4 cloudbees-folder:6.736.v5f554b_b_a_52b_3 command-launcher:84.v4a_97f2027398 configuration-as-code:1512.vb_79d418d5fc8 credentials:1139.veb_9579fca33b credentials-binding:523.vd859a_4b_122e6 display-url-api:2.3.6 echarts-api:5.3.3-1 email-ext:2.91 folder-auth:1.4 font-awesome-api:6.1.1-1 google-login:1.6 jackson2-api:2.13.3-285.vc03c0256d517 jakarta-activation-api:2.0.0-3 jakarta-mail-api:2.0.0-6 javax-activation-api:1.2.0-4 javax-mail-api:1.6.2-7 jaxb:2.3.6-1 jdk-tool:1.5 jquery3-api:3.6.0-4 junit:1119.1121.vc43d0fc45561 mailer:435.v79ef3972b_5c7 matrix-auth:3.1.5 matrix-project:772.v494f19991984 mina-sshd-api-common:2.8.0-36.v8e25ce90d4b_1 mina-sshd-api-core:2.8.0-36.v8e25ce90d4b_1 plain-credentials:1.8 plugin-util-api:2.17.0 popper2-api:2.11.5-2 role-strategy:546.ve16648865996 scm-api:616.ve67136f6c77d script-security:1175.v4b_d517d6db_f0 snakeyaml-api:1.30.2-76.vc104f7ce9870 ssh-credentials:295.vced876c18eb_4 sshd:3.242.va_db_9da_b_26a_c3 structs:324.va_f5d6774f3a_d token-macro:308.v4f2b_ed62b_b_16 trilead-api:1.67.vc3938a_35172f workflow-api:1188.v0016b_4f29881 workflow-step-api:639.v6eca_cd8c04aa workflow-support:833.va1c71061486b

Reproduction steps

use config

jenkins:
  authorizationStrategy:
    projectMatrix:
      permissions:
...
        - "Run/Replay:authenticated"
...

Expected Results

don`t have error

Actual Results

java.lang.IllegalArgumentException: Failed to parse 'Run/Replay:authenticated' --- no such permission at org.jenkinsci.plugins.matrixauth.AuthorizationContainer.add(AuthorizationContainer.java:205) at java.base/java.util.ArrayList.forEach(ArrayList.java:1541) at org.jenkinsci.plugins.matrixauth.integrations.casc.MatrixAuthorizationStrategyConfigurator.setPermissions(MatrixAuthori> at io.jenkins.plugins.casc.Attribute.setValue(Attribute.java:231) at io.jenkins.plugins.casc.BaseConfigurator.configure(BaseConfigurator.java:356) Caused: io.jenkins.plugins.casc.ConfiguratorException: string: Failed to set attribute permissions(class: class java.lang.String, > at io.jenkins.plugins.casc.BaseConfigurator.configure(BaseConfigurator.java:358) at io.jenkins.plugins.casc.BaseConfigurator.configure(BaseConfigurator.java:275) at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.lambda$doConfigure$16668e2$1(HeteroDescribable> at io.vavr.CheckedFunction0.lambda$unchecked$52349c75$1(CheckedFunction0.java:247) at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.doConfigure(HeteroDescribableConfigurator.java> at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.lambda$configure$2(HeteroDescribableConfigurat> at io.vavr.control.Option.map(Option.java:392) at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.lambda$configure$3(HeteroDescribableConfigurat> at io.vavr.Tuple2.apply(Tuple2.java:238) at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.configure(HeteroDescribableConfigurator.java:8> at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.check(HeteroDescribableConfigurator.java:92) at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.check(HeteroDescribableConfigurator.java:55) at io.jenkins.plugins.casc.BaseConfigurator.configure(BaseConfigurator.java:350) at io.jenkins.plugins.casc.BaseConfigurator.check(BaseConfigurator.java:286) at io.jenkins.plugins.casc.ConfigurationAsCode.lambda$checkWith$8(ConfigurationAsCode.java:776) at io.jenkins.plugins.casc.ConfigurationAsCode.invokeWith(ConfigurationAsCode.java:712) Caused: io.jenkins.plugins.casc.ConfiguratorException: jenkins: error configuring 'jenkins' with class io.jenkins.plugins.casc.cor> at io.jenkins.plugins.casc.ConfigurationAsCode.invokeWith(ConfigurationAsCode.java:718) at io.jenkins.plugins.casc.ConfigurationAsCode.checkWith(ConfigurationAsCode.java:776) at io.jenkins.plugins.casc.ConfigurationAsCode.configureWith(ConfigurationAsCode.java:761) at io.jenkins.plugins.casc.ConfigurationAsCode.configureWith(ConfigurationAsCode.java:637) at io.jenkins.plugins.casc.ConfigurationAsCode.configure(ConfigurationAsCode.java:306) at io.jenkins.plugins.casc.ConfigurationAsCode.init(ConfigurationAsCode.java:298) Caused: java.lang.reflect.InvocationTargetException at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at hudson.init.TaskMethodFinder.invoke(TaskMethodFinder.java:109) Caused: java.lang.Error at hudson.init.TaskMethodFinder.invoke(TaskMethodFinder.java:115) at hudson.init.TaskMethodFinder$TaskImpl.run(TaskMethodFinder.java:185) at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:305) at jenkins.model.Jenkins$5.runTask(Jenkins.java:1158) at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:222) at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:121) at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:68) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang.Thread.run(Thread.java:829)

Anything else?

No response

jetersen commented 2 years ago

Which plugin provides these permissions?

This is not an issue with JCasC. It is the plugin that needs fixing.

See: https://github.com/jenkinsci/configuration-as-code-plugin/issues/2005 https://github.com/jenkinsci/promoted-builds-plugin/pull/208

jetersen commented 2 years ago

@jglick comes from workflow-cps-plugin I think this line needs updating:

https://github.com/jenkinsci/workflow-cps-plugin/blob/87459c4eeaca402b1db387da9b5c0b40542e7b61/src/main/java/org/jenkinsci/plugins/workflow/cps/replay/ReplayAction.java#L375-L378

see this for an example: https://github.com/jenkinsci/promoted-builds-plugin/blob/a9a43062e395f1edc6f685cdd5266fb89ac83efb/src/main/java/hudson/plugins/promoted_builds/Promotion.java#L493-L495

jglick commented 2 years ago

@jetersen feel free to file a PR, or I can take a stab at it. I see no test case in https://github.com/jenkinsci/promoted-builds-plugin/pull/208, though; can this sort of problem be reproduced using JenkinsConfiguredWithCodeRule?

jetersen commented 2 years ago

I believe so although somewhat expensive to pull matrix security and configuration as code dependencies for a simple test. That might be easier to test downstream.