Closed zxiiro closed 6 years ago
This particular failure seems to be coming from the OpenstackCredentials file.
public static @CheckForNull OpenstackCredential getCredential(@CheckForNull String credentialId) {
Jenkins.getInstance().getACL().checkPermission(Jenkins.ADMINISTER);
So the plugin itself appears to be using the anonymous account to query this information but I think the plugin needs to query the info as an admin user.
Hmm, for some reason this is not covered by unittests.
Something else I found out is if you go to "Manage Nodes" and manually click to provision the the node, it works and there is no permissions issue.
It seems to only affect the automated provisioner, which is using anonymous permissions I guess to query openstack and see if there is sufficient nodes.
@zxiiro. thanks for the report. I am releasing the fixed now.
It seems like the security patch v2.36 breaks the plugin in a few ways.
It appears like the plugin is expecting the anonymous user to have the Overall/Administer permission which I am assuming the security fix secured.