Ability to configure a jenkins username and password

[holdorph]

Currently there does not seem to be any place where a username/password for the jenkins server can be configured. We do not allow anonymous access or triggers on our jenkins server, and without username/password capabilities, this hook will not work for our system.

[ashnazg]

I think that the way this hook works, it just sends a notice to Jenkins along with the source repo name, maybe a few other data points. It is up to the defined jobs in Jenkins to be configured to "poll", or else they won't react to the trigger. I have some jobs configured to poll (with no polling schedule) and others not to poll, and only the former will react to a trigger event.

[davidkarlsen]

Yes - that's how it works. Documented here: https://wiki.jenkins-ci.org/display/JENKINS/Git+Plugin#GitPlugin-Pushnotificationfromrepository

2014-09-13 20:34 GMT+02:00 Chuck Burgess notifications@github.com:

I think that the way this hook works, it just sends a notice to Jenkins along with the source repo name, maybe a few other data points. It is up to the defined jobs in Jenkins to be configured to "poll", or else they won't react to the trigger. I have some jobs configured to poll (with no polling schedule) and others not to poll, and only the former will react to a trigger event.

— Reply to this email directly or view it on GitHub https://github.com/Nerdwin15/stash-jenkins-postreceive-webhook/issues/87#issuecomment-55502544 .

David J. M. Karlsen - http://www.linkedin.com/in/davidkarlsen

[mikesir87]

Correct. This plugin only sends notifications to Jenkins using an unprotected endpoint. The Git Plugin writers left this open because the server validates that there was an update/the hash is valid before starting the build.

However, I'd be interested to hear about how you have your Jenkins server configured. How are you "not allowing anonymous access or triggers?"

[ashnazg]

I interpreted that to mean that Jenkins itself has password-protected accounts, and thus only an authenticated user could start build jobs there in Jenkins. I thought his impression of the plugin was such that since Jenkins itself required a login, then this plugin needed one too in order to send the trigger notification.

[holdorph]

If you go to 'configure jenkins' and then you go to "Configure Global Security", in the "Authorization" section, there is an option for "Matrix-based security". In that matrix is an option for anonymous. In our system anonymous has virtually no privileges. When I try to configure this plugin on the stash side and I press the "Trigger Jenkins" button, I get just a label that says "Trying..." that never changes.

[holdorph]

Sorry, eventually it does finally answer with a pop-up, that says:

Server Unreachable

The server didn't respond. You may retry your request when the server comes back up.

Which I assume is because anonymous has no permissions, and there is no way to configure a username/password to use instead.

[ashnazg]

Ah, now that's an area in Jenkins that I've not seen. Given that view, I can better understand what you're looking for.

[mikesir87]

The Matrix-based security stuff doesn't affect the webhook endpoint. Getting a Server Unreachable indicates a different problem. If it were an authorization error, I'd imagine something like an Unauthorized/Forbidden error.

What's difficult to tell from here is who is throwing the error... it could be either for some reason the AJAX request is blowing up (can't contact your Stash server for some reason) or Stash can't talk to your Jenkins server.

Here's a link with potentially more info... https://confluence.atlassian.com/display/STASHKB/Server+Unreachable+-+Timeout+when+merging+or+viewing+Diff+of+pull+request

[holdorph]

Well I know jenkins can talk to stash, because the 'poll scm' trigger works as a minor work around for now. I also know the URL I put into the stash webhook configuration is good, because I can cut/paste it in my browser and it takes me right to jenkins (and the URL stays the same).

I would be surprised if it was my browser having a problem talking to stash. I am able to do everything else in stash just fine.

Unfortunately I don't run the stash server, so I don't have the ability to look at and server side log files.

[ashnazg]

My next step would be to have someone with access to the Stash server to run curl at the command line to the Jenkins URL. It's possible some networkish thing is in the way, possibly a firewall setting if Jenkins is not on port 80 or 443.

[mikesir87]

Yeah... that was my thought. I'd check the network connection from Stash to Jenkins.

[VenkatRudra]

Can anyone explain : Server Unreachable - "The server didn't respond. You may retry your request when the server comes back up" dialog box error all about. Please give me a possible solution for this.

[VenkatRudra]

Above is the error dialog box I got.