We are seeing issue where parameters are not getting passed on urltrigger based jobs[1], we have seen this issue multiple times in past and it was fixed with downgrading the urltrigger plugin. The issue is [2] and caused after [3]. The issue likely started after recent plugin upgrades[4]
[1] https://ci.centos.org/view/rdo/view/weirdo-pipelines/view/weirdo-promote-test-puppet-centos8/ [2] https://issues.jenkins-ci.org/browse/JENKINS-60914?jql=project%20%3D%20JENKINS%20AND%20component%20%3D%20urltrigger-plugin%20ORDER%20BY%20updated%20DESC%2C%20priority%20DESC%2C%20created%20ASC [3] https://github.com/jenkinsci/urltrigger-plugin/commit/82f9e6cfa36dfc8604e7e31e2afa4d5d59a987e7 [4] https://lists.centos.org/pipermail/ci-users/2021-February/002159.html
Metadata Update from @arrfab: - Issue assigned to arrfab
Metadata Update from @arrfab: - Issue tagged with: centos-ci-infra, low-gain, low-trouble
@ykarel I see version Version: 0.45 installed for that plugin (downgraded) Does that work for you now ? ideally @siddharthvipul1 would pin a specific version before updating all plugins to $latest
Metadata Update from @arrfab: - Issue priority set to: Waiting on Reporter (was: Needs Review)
@arrfab yes 0.45 should be good as that issue is in 0.46+, before u downgraded what version was installed? I will report here after next auto run which will confirm it's working fine. yes pinning it before upgrade will be good.
Just to update, jobs are working fine post downgrade, we can close this once we are ok with the preventive action for this(--ideally @siddharthvipul1 would pin a specific version before updating all plugins to $latest--)
I would request you to update your jobs to match latest changes in the plugin. Updating plugins because of CVEs, it's difficult to find all the plugins affected (surely not impossible). As per last information for the latest high severity case, "The most popular included plugin is installed on between 3% and 10% of known instances." makes it difficult for me to do this.
Unless the team agrees to take this route cc: @arrfab @dkirwan
@siddharthvipul1 but latest urltrigger have unsolved issue https://issues.jenkins.io/browse/JENKINS-60914 which we are facing, any idea what needs to be fixed on jobs side to work with latest urltrigger plugin, from issue downgrading to 0.45 is the workaround that we are currently doing.
no, I am not really sure how the job is configured (or even very good in jenkins to help fix this :( ) but the fact that the release is broken and no traction on ticket for over a year makes me even more concerned about this plugin.
Closing this I will try to remember next time to not update the plugin but I will also recommend you to invest some time in finding a workaround. We have been asked strictly to keep things up to date lately (from Product security team)
Metadata Update from @siddharthvipul1: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Just to update this issue is fixed with urltrigger-0.50, we have upgraded it into jenkins instance of Cloud SIG.
Login to comment on this ticket.