search

mohamicorp / stash-jenkins-postreceive-webhook

Webhook used to notify Jenkins when commits are made to Stash
Other
138 stars 98 forks source link

Jenkins webhook trigger failing due to permissions? #33

Closed doughanks closed 10 years ago

doughanks commented 10 years ago

For control reasons, I have my repository in Stash locked down so that no 'real' user has write access. Developers can review and approve pull requests, but not merge. I am using the Workzone Stash plugin to perform automatic merges once sufficient approvals of a pull request are received. The automatic merge is configured to use a special 'non-interactive' account that does have write access to the repository.

When the pull request is approved and merged, it looks like the Stash Jenkins Webhook is failing due to a permissions error. It looks like it is using the effective permission of the user logged in when the automatic merge occurs.

Below are partial snippets of the 2 errors I found in the Stash log file that lead me down this path. These are the only log entries that would indicate why my jenkins jobs are not getting triggered.

If this is the case, is there a way to have Stash run this EventListener as a different user?

---snip---

2013-10-16 11:48:36,428 ERROR [AtlassianEvent::pool-3-thread-2] ---[identifying information removed]--- "POST /rest/api/latest/projects/CFMGT/repos/cfmgt/pull-requests/2/approve HTTP/1.1" c.a.e.i.AsynchronousAbleEventDispatcher There was an exception thrown trying to dispatch event 'com.atlassian.stash.repository.sync.RefsSynchronizedEvent[source=com.atlassian.stash.internal.repository.sync.DefaultRefSyncService@302b25c0]' from the invoker 'SingleParameterMethodListenerInvoker{method=public void com.nerdwin15.stash.webhook.RepositoryChangeListener.onRefsChangedEvent(com.atlassian.stash.event.RepositoryRefsChangedEvent), listener=com.nerdwin15.stash.webhook.RepositoryChangeListener@5e123c18}'. java.lang.RuntimeException: You are not permitted to access this resource at com.atlassian.event.internal.SingleParameterMethodListenerInvoker.invoke(SingleParameterMethodListenerInvoker.java:54) ~[atlassian-event-2.3.0.jar:na] at com.atlassian.event.internal.AsynchronousAbleEventDispatcher$2.run(AsynchronousAbleEventDispatcher.java:66) ~[atlassian-event-2.3.0.jar:na] at com.atlassian.sal.core.executor.ThreadLocalDelegateRunnable.run(ThreadLocalDelegateRunnable.java:38) ~[sal-core-2.10.3.jar:na] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) ~[na:1.7.0_25] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) ~[na:1.7.0_25] at java.lang.Thread.run(Thread.java:724) ~[na:1.7.0_25] Caused by: com.atlassian.stash.exception.AuthorisationException: You are not permitted to access this resource at com.atlassian.stash.internal.aop.ExceptionRewriteAdvice.afterThrowing(ExceptionRewriteAdvice.java:36) ~[stash-platform-2.6.2.jar:na] at sun.reflect.GeneratedMethodAccessor1802.invoke(Unknown Source) ~[na:na] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.7.0_25] at java.lang.reflect.Method.invoke(Method.java:606) ~[na:1.7.0_25] at org.springframework.aop.framework.adapter.ThrowsAdviceInterceptor.invokeHandlerMethod(ThrowsAdviceInterceptor.java:144) ~[spring-aop-3.2.3.RELEASE.jar:3.2.3.RELEASE]

---end snip---

---snip---

2013-10-16 11:48:36,640 ERROR [AtlassianEvent::pool-3-thread-2] ---[identifying information removed]--- "POST /rest/api/latest/projects/CFMGT/repos/cfmgt/pull-requests/2/approve HTTP/1.1" c.a.e.i.AsynchronousAbleEventDispatcher There was an exception thrown trying to dispatch event 'com.atlassian.stash.repository.sync.RefsSynchronizedEvent[source=com.atlassian.stash.internal.repository.sync.DefaultRefSyncService@302b25c0]' from the invoker 'SingleParameterMethodListenerInvoker{method=public void com.wittified.TaskRepositoryEvent.postReceive(com.atlassian.stash.event.RepositoryRefsChangedEvent), listener=com.wittified.TaskRepositoryEvent@8efa324}'. java.lang.RuntimeException: An error occurred while executing an external process: [e02b6a2]: Unexpected output; expected a 'commit' object at com.atlassian.event.internal.SingleParameterMethodListenerInvoker.invoke(SingleParameterMethodListenerInvoker.java:54) ~[atlassian-event-2.3.0.jar:na] at com.atlassian.event.internal.AsynchronousAbleEventDispatcher$2.run(AsynchronousAbleEventDispatcher.java:66) ~[atlassian-event-2.3.0.jar:na] at com.atlassian.sal.core.executor.ThreadLocalDelegateRunnable.run(ThreadLocalDelegateRunnable.java:38) ~[sal-core-2.10.3.jar:na] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) ~[na:1.7.0_25] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) ~[na:1.7.0_25] at java.lang.Thread.run(Thread.java:724) ~[na:1.7.0_25] Caused by: com.atlassian.stash.exception.ServerException: An error occurred while executing an external process: [e02b6a2]: Unexpected output; expected a 'commit' object at com.atlassian.stash.internal.scm.git.GitCommandExitHandler.evaluateThrowable(GitCommandExitHandler.java:120) ~[na:na] at com.atlassian.stash.internal.scm.git.GitCommandExitHandler.onCancel(GitCommandExitHandler.java:46) ~[na:na] at com.atlassian.stash.scm.BaseCommand.callExitHandler(BaseCommand.java:138) ~[stash-spi-2.6.2.jar:na] at com.atlassian.stash.scm.BaseCommand$CommandFuture.internalGet(BaseCommand.java:257) ~[stash-spi-2.6.2.jar:na] at com.atlassian.stash.scm.BaseCommand$CommandFuture.get(BaseCommand.java:224) ~[stash-spi-2.6.2.jar:na]

---end snip---

Thanks, Doug Hanks

mikesir87 commented 10 years ago

Looks like someone else just ran into this. Going to merge the issues and close this one. Thanks for letting me know.

Duplicate of #32