Closed AxyRes closed 3 months ago
@AxyRes, you are running Jenkins version 2.361.1. It was released over 18 months ago. It has several known security vulnerabilities. The Jenkins security team only provides security fixes for the most recent weekly release (currently 2.450) and the most recent LTS release (currently 2.440.2). To resolve those security vulnerabilities, you'll need to upgrade to Jenkins 2.440.2.
Jenkins 2.361.1 is no longer supported by the Jenkins update center. That means the list of plugin updates displayed in the plugin manager page of the running controller is showing plugins that may not work with your version. You'll need to manage that Jenkins controller very carefully to be sure that no one installs a plugin update that might prevent the controller from starting.
You asked:
So do I need to update the Gitlab plugin to the latest version of 1.7.8 (not recommended because the update will cause many problems during operation) or do I need to configure somewhere so that Gitlab can receive Jenkins' stages?
The latest version of the GitLab plugin is 1.8.0. However, it requires Jenkins 2.401.3 or newer. I'm not aware of any GitLab configuration change will make the 18 month old GitLab plugin version 1.6.0 and the 18 month old Jenkins version 2.361.1 behave differently with the 2 month old GitLab 16.8.1 release.
Your options (in my opinion):
I recommend option 2 because it will resolve the known security vulnerabilities in your Jenkins controller and will upgrade the GitLab plugin to the most recent release.
I think you are missign a point @MarkEWaite - the problem is that previously in version 1.7.8 GitLab Plugin updated GitLab pipeline status when updateGitlabCommitStatus was added to the pipeline as described by @AxyRes.
In version 1.8.0 of the plugin this behaviour does not exists - pipeline status is not updated. I have the same issue running Jenkins version 2.440.1. The ony thing that was upgraded was GitLab Plugin from version 1.7.8 to 1.8.0.
I think you are missing a point @MarkEWaite - the problem is that previously in version 1.7.8 GitLab Plugin updated GitLab pipeline status when updateGitlabCommitStatus was added to the pipeline as described by @AxyRes.
In version 1.8.0 of the plugin this behaviour does not exists - pipeline status is not updated. I have the same issue running Jenkins version 2.440.1. The only thing that was upgraded was GitLab Plugin from version 1.7.8 to 1.8.0.
Thanks for the clarification @dcniko. I don't see any mention of the transition from 1.7.8 to 1.8.0 in the description from @AxyRes.
@AxyRes wrote:
I use Jenkins's updateGitlabCommitStatus function to display the stages in the Jenkins pipeline. Gitlab plugin in Jenkins is in version 1.6.0. Then I tried upgrading my Gitlab version to version 16.8.1 and the GitLab plugin in Jenkins still 1.6.0. The problem is that GitLab version 16.8.1 is currently not displaying all stages from Jenkins, but it still returns the pipeline success result from Jenkins.
Based on what @AxyRes wrote, I assumed that the upgrade of the GitLab version from 16.2.8 to 16.8.1 changed the behavior without any change of the Jenkins GitLab plugin.
Is your description listing the same condition, that a recent GitLab version upgrade has broken the updateGitlabCommitStatus function of the Jenkins plugin? I interpreted your message as meaning that a Jenkins GitLab plugin upgrade from 1.7.8 to 1.8.0 has broken the updateGitlabCommitStatus function since you didn't mention a GitLab version in your message.
My scenario was as follow:
It looks like Jenkins and/or GitLab Plugin upgrade created some compatibility issues with GitLab itself regarding pipeline status update. How can I turn more verbose output form the plugin to check, where the issue is?
When I need to diagnose the interactions between GitLab and Jenkins, I use the Jenkins console log (increasing the log level for elements of the GitLab plugin) and the GitLab web hook logs.
So those are my findings: in version Jenkins version 2.375.1 with GitLab Plugin version 1.7.8 I can clearly see in logs:
Apr 02, 2024 9:43:37 AM INFO com.dabsquared.gitlabjenkins.webhook.GitLabWebHook getDynamic
WebHook called with url: [project path]
Apr 02, 2024 9:43:37 AM FINE com.dabsquared.gitlabjenkins.webhook.build.NoteBuildAction
[Status: 200 OK]
Apr 02, 2024 9:43:37 AM INFO com.dabsquared.gitlabjenkins.trigger.handler.AbstractWebHookTriggerHandler handle
[project] triggered for note.
Apr 02, 2024 9:43:47 AM INFO com.dabsquared.gitlabjenkins.util.CommitStatusUpdater retrieveGitlabProjectIds
Retrieving gitlab project ids
[Status: 200 OK]
Apr 02, 2024 9:43:48 AM INFO com.dabsquared.gitlabjenkins.util.CommitStatusUpdater updateCommitStatus
Updating build [id] to 'running'
[Status: 201 Created]
Apr 02, 2024 9:43:55 AM INFO com.dabsquared.gitlabjenkins.util.CommitStatusUpdater retrieveGitlabProjectIds
Retrieving gitlab project ids
[Status: 200 OK]
Apr 02, 2024 9:43:55 AM INFO com.dabsquared.gitlabjenkins.util.CommitStatusUpdater updateCommitStatus
Updating build [id] to 'success'
[Status: 201 Created]
in version Jenkins version 2.440.1 with GitLab Plugin version 1.8.0 I cannot see updateCommitStatus in logs:
Apr 02, 2024 9:52:00 AM INFO com.dabsquared.gitlabjenkins.webhook.GitLabWebHook getDynamic
WebHook called with url: [project path]
Apr 02, 2024 9:52:00 AM FINE com.dabsquared.gitlabjenkins.webhook.build.NoteBuildAction
[only request in logs, no response]
Apr 02, 2024 9:52:00 AM INFO com.dabsquared.gitlabjenkins.trigger.handler.AbstractWebHookTriggerHandler handle
[project] triggered for note.
and this is all - no more entries in logs. Job runs fine but no status is returned to GitLab (job is the same for both environments). I have both version running in parallel so I can compare results if needed. What further steps perform to more diagnose the problem?
Seeing the same issue. For our company with the release coming up, this has been extremely inconvenient. Trying to write our own version of the updateCommitStatus
for Gitlab.
For more context, the status updates commit hash but doesn't link to the MR on gitlab causing unprecedented merges.
I am using the current Jenkins controller (2.440.2) with current plugins (including GitLab plugin 1.8.0)
I am using the current Jenkins controller (2.440.2) with current plugins (including GitLab plugin 1.8.0)
Is your issue resolved if you revert to an earlier release of the GitLab plugin?
Hi 👋 We have the same issue, latest Jenkins LTS (2.440.3 at the moment). Just want to add security sauce above it:
Gitlab allows to prevent merging without passing pipeline, and since the Jenkins builds are not linked to the MR anymore, it means code failing Jenkins tests could potentially be merged :/
Hello,
Any updates on that one ? We are using Jenkins LTS 2.245.2 and I agree with @gui-don, this is a big security concern on our side
Any updates on that one ? We are using Jenkins LTS 2.245.2 and I agree with @gui-don, this is a big security concern on our side
No updates from me. Have you confirmed that an earlier version of the plugin resolves the issue for you? Does that address your concern?
An earlier comment indicates that 1.7.8 might not have the issue, but there was no response to the request asking to confirm that it did not have the issue.
Hi everyone, I have fixed the error that was due to a missing configuration in the Jenkinsfile script:
options { gitLabConnection('gitlab-connection-jenkins-to-gitlab') }
As for the version issue, I believe it is unrelated. Thank you all for your interest and help.
Jenkins and plugins versions report
Environment
``` Jenkins: 2.361.1 OS: Linux - 4.18.0-372.9.1.el8.x86_64 Java: 11.0.15 - Red Hat, Inc. (OpenJDK 64-Bit Server VM) ----------- gitlab-api:5.1.0-84.v491924123a_f7 gitlab-branch-source:650.va_d1ce6d01959 gitlab-plugin:1.6.0 ```What Operating System are you using (both controller, and any agents involved in the problem)?
Linux, Window, MacOS
Reproduction steps
stage('Test Show Stage in Jenkins') { steps { script { updateGitlabCommitStatus name: "${STAGE_NAME}", state: 'pending' updateGitlabCommitStatus name: "${STAGE_NAME}", state: 'success' } } }
Expected Results
In Jenkins pipeline In GitLab 16.2.8
Actual Results
In Jenkins pipeline In GitLab version 16.8.1
Anything else?
I use Jenkins's updateGitlabCommitStatus function to display the stages in the Jenkins pipeline. Gitlab plugin in Jenkins is in version 1.6.0. Then I tried upgrading my Gitlab version to version 16.8.1 and the GitLab plugin in Jenkins still 1.6.0. The problem is that GitLab version 16.8.1 is currently not displaying all stages from Jenkins, but it still returns the pipeline success result from Jenkins. The Jenkins and GitLab side configurations are correct. So do I need to update the Gitlab plugin to the latest version of 1.7.8 (not recommended because the update will cause many problems during operation) or do I need to configure somewhere so that Gitlab can receive Jenkins' stages?
Are you interested in contributing a fix?
No response