search

jfrog / jenkins-jfrog-plugin

Easy integration between Jenkins and the JFrog Platform.
https://github.com/jfrog/jenkins-jfrog-plugin
Apache License 2.0
41 stars 18 forks source link

no password provided via Stdin #107

Open kaamos1 opened 1 month ago

kaamos1 commented 1 month ago

Describe the bug

I suppose #101 broke my Jenkins (@EyalDelarea ). With 1.5.1 my pipelines work as expected and interaction with Artifactory is possible using the configured tool. From 1.5.2 it stops working with [Error] no password provided via Stdin

tool config

JFrog CLI Installations (/jenkinsinstance/manage/configureTools/) got an entry: name: 'jfrog-cli' JFrog CLI execution path: '/path/to/jfrog/jfrog-cli-2.68.0'

Plugin config

JFrog Plugin Configuration -> JFrog Platform Instances (/jenkinsinstance/manage/configure) uses a global username/password type credential.

server id: 'artifactory_bdc'

pipeline

Relevant parts of the pipeline look like this:

pipeline {
    agent {
        dockerfile {
            filename 'Dockerfile'
            additionalBuildArgs ''' \
                --build-arg NEW_UID=$(id -u) \
                --build-arg NEW_GID=$(id -g) \
                --build-arg USERNAME=$(whoami) \
                --pull'''
            args '-v /path/to/jfrog:/path/to/jfrog'
            registryUrl 'https://artifactory.domain.com'
            registryCredentialsId 'my_credential'
        }
    }
    tools {
        jfrog 'jfrog-cli'
    }
    environment {
        HTTPS_PROXY = 'http://my-proxy.domain.com:8080'
        JFROG_CLI_LOG_LEVEL="DEBUG"
    }
    stages {
        stage('Test jf cli with Artifactory'){
            steps{
                jf "rt build-add-git $JOB_NAME $BUILD_NUMBER"
                jf "rt build-collect-env $JOB_NAME $BUILD_NUMBER"
                jf 'rt build-publish'
            }
        }
    }
}

Note that I am NOT providing any jf c add command. This is automatically done by the Jenkins plugin, but fails since 1.5.2.

Current behavior

10:28:06 [Pipeline] stage 10:28:06 [Pipeline] { (Test jf cli with Artifactory) 10:28:06 [Pipeline] tool 10:28:06 [Pipeline] envVarsForTool 10:28:06 [Pipeline] withEnv 10:28:06 [Pipeline] { 10:28:06 [Pipeline] jf 10:28:06 [PIPELINE_NAME] $ docker exec --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** 4075add322886048b442f6c82796a863cd64f84b585bb1c1af608e2aacbcb6e8 //path/to/jfrog/jfrog-cli-2.68.0/jf -v 10:28:06 [PIPELINE_NAME] $ docker exec --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** --env **** 4075add322886048b442f6c82796a863cd64f84b585bb1c1af608e2aacbcb6e8 /path/to/jfrog/jfrog-cli-2.68.0/jf c add artifactory_bdc --user=username@domain.com --password-stdin --url=https://artifactory.domain.com/ --artifactory-url=https://artifactory.domain.com/artifactory --distribution-url=https://artifactory.domain.com/distribution --xray-url=https://artifactory.domain.com/xray --interactive=false --overwrite=true 10:28:07 10:28:07 [Debug] JFrog CLI version: 2.68.0 10:28:07 10:28:07 [Debug] OS/Arch: linux/amd64 10:28:07 10:28:07 [Debug] Trace ID for JFrog Platform logs: c072dfb8b0364d35 10:28:07 10:28:07 [Info] Trace ID for JFrog Platform logs: c072dfb8b0364d35 10:28:07 10:28:07 [Error] no password provided via Stdin 10:28:07 [Pipeline] } 10:28:07 [Pipeline] // withEnv 10:28:07 [Pipeline] } 10:28:07 [Pipeline] // stage ...

This, of course, causes the pipeline to fail. Here is the output:

...

10:28:10 java.lang.RuntimeException: Running 'jf' command failed with exit code 1 10:28:10 at PluginClassLoader for jfrog//io.jenkins.plugins.jfrog.JfStep.configAllServers(JfStep.java:213) 10:28:10 at PluginClassLoader for jfrog//io.jenkins.plugins.jfrog.JfStep.setupJFrogEnvironment(JfStep.java:175) 10:28:10 at PluginClassLoader for jfrog//io.jenkins.plugins.jfrog.JfStep.perform(JfStep.java:100) 10:28:10 Also: org.jenkinsci.plugins.workflow.actions.ErrorAction$ErrorId: f77bb204-f278-4720-9c72-3b2afb4e2e66 10:28:10 Caused: java.lang.RuntimeException: Couldn't execute 'jf' command. RuntimeException: Running 'jf' command failed with exit code 1 10:28:10 at PluginClassLoader for jfrog//io.jenkins.plugins.jfrog.JfStep.perform(JfStep.java:109) 10:28:10 at PluginClassLoader for workflow-basic-steps//org.jenkinsci.plugins.workflow.steps.CoreStep$Execution.run(CoreStep.java:101) 10:28:10 at PluginClassLoader for workflow-basic-steps//org.jenkinsci.plugins.workflow.steps.CoreStep$Execution.run(CoreStep.java:71) 10:28:10 at PluginClassLoader for workflow-step-api//org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47) 10:28:10 at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) 10:28:10 at java.base/java.util.concurrent.FutureTask.run(Unknown Source) 10:28:10 at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) 10:28:10 at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) 10:28:10 at java.base/java.lang.Thread.run(Unknown Source) 10:28:11 Finished: FAILURE

Reproduction steps

Configure Jenkins as described above and run a pipeline as described above.

Expected behavior

The automatic configuration of my jf cli instance works (jf c add ..)

JFrog plugin version

1.5.2, 1.5.3

JFrog CLI version

Tested with 2.53.2, 2.68.0

Operating system type and version

Ubuntu 22.04

JFrog Artifactory version

No response

JFrog Xray version

No response

commodity729 commented 1 month ago

Same problem, wondering when this is going to be fixed

yahavi commented 1 month ago

@kaamos1 @commodity729
Thank you for bringing this issue to our attention.
The Jenkins JFrog plugin version 1.5.5 has been released, and it includes a rollback of https://github.com/jfrog/jenkins-jfrog-plugin/pull/101. You're welcome to upgrade to this version, and we'd love to hear your feedback!

kaamos1 commented 1 month ago

Hi @yahavi , thanks for rolling back the feature. I just updated the plugin and the pipeline now succeeds again.

EyalDelarea commented 2 weeks ago

Hey @kaamos1,

Apologies for any inconvenience this change may have caused, and thank you for bringing this issue to our attention.

I'm currently working on reproducing the issue to address it.

I've reopened the issue because we do plan to transition to password stdin for better security, and I want to ensure that this upcoming feature won't cause any significant issues for you.

kaamos1 commented 2 weeks ago

Hey @kaamos1,

Apologies for any inconvenience this change may have caused, and thank you for bringing this issue to our attention.

I'm currently working on reproducing the issue to address it.

I've reopened the issue because we do plan to transition to password stdin for better security, and I want to ensure that this upcoming feature won't cause any significant issues for you.

@EyalDelarea Im afraid I cant share the dockerfile. But I am pretty sure that you can even omit the dockerfile setup and run natively on the host, e.g. by using 

pipeline {
    agent any
    tools {
        jfrog 'jfrog-cli'
    }
    environment {
        HTTPS_PROXY = 'http://my-proxy.domain.com:8080'
        JFROG_CLI_LOG_LEVEL="DEBUG"
    }
    stages {
        stage('Test jf cli with Artifactory'){
            steps{
                jf "rt build-add-git $JOB_NAME $BUILD_NUMBER"
                jf "rt build-collect-env $JOB_NAME $BUILD_NUMBER"
                jf 'rt build-publish'
            }
        }
    }
}
EyalDelarea commented 2 weeks ago

Hey @kaamos1, Apologies for any inconvenience this change may have caused, and thank you for bringing this issue to our attention. I'm currently working on reproducing the issue to address it. I've reopened the issue because we do plan to transition to password stdin for better security, and I want to ensure that this upcoming feature won't cause any significant issues for you.

@EyalDelarea Im afraid I cant share the dockerfile. But I am pretty sure that you can even omit the dockerfile setup and run natively on the host, e.g. by using

pipeline {
    agent any
    tools {
        jfrog 'jfrog-cli'
    }
    environment {
        HTTPS_PROXY = 'http://my-proxy.domain.com:8080'
        JFROG_CLI_LOG_LEVEL="DEBUG"
    }
    stages {
        stage('Test jf cli with Artifactory'){
            steps{
                jf "rt build-add-git $JOB_NAME $BUILD_NUMBER"
                jf "rt build-collect-env $JOB_NAME $BUILD_NUMBER"
                jf 'rt build-publish'
            }
        }
    }
}

Thanks for your response. It seems the specific Dockerfile isn't necessary, as the issue is related to the use of the Docker Pipelines plugin.

The issue occurs because the plugin converts the CLI commands into a docker exec... command, which causes the stdin stream to be lost. Running the commands natively on an agent works as expected.

I’ll keep you updated on any developments regarding this matter.