jenkins-control-plugin
jenkins-control-plugin copied to clipboard
MCMicS
Improve handling if password storage is disabled (Plugin's user/password setup is lost when IDEA is restarted)
Whenever I restart IDEA, Jenkin's user and password setup is lost.
- Plugin version: 0.13.10-2020-3
- IntelliJ IDEA 2021.1 (Ultimate Edition)
- Build #IU-211.6693.111, built on April 6, 2021
- CentoOS 8, Linux 4.18.0-193.28.1.el8_2.x86_64
- Java 11.0.10+9-b1341.35 amd64
I will look at this. Do you use multiple projects?
Then this could lead to this behaviour currently. In my setups the data will persist and restored.
But i try to reproduce the error
Hi I cannot reproduce it (either 0.13.10 or 0.13.11 eap). Is there any error shown or any exception in idea.log?
Could you please try it again with single project. open
Did you restart normally or with invalidate and restart?
Could you check or send me following files:
- .idea/jenkinsSettings.xml
- .idea/workspace.xml:
<component name="Jenkins.Settings">
<option name="jenkinsVersion" value="VERSION_2" />
<option name="username" value="mcmics" />
</component>
- ~/.config/JetBrains/IntelliJIdea2021.1/workspace JenkinsBrowserPanel: one of the XMl contains
<component name="JenkinsBrowserPanel">
Tested with: IntelliJ IDEA 2021.1 (Ultimate Edition) Build #IU-211.6693.111, built on April 6, 2021 Runtime version: 11.0.10+9-b1341.35 amd64 Windows 10 10.0 Jenkins Plugin 0.13.11-2020.3-eap2
Hello,
I have no directory ~/.idea/directory into my home directory.
What do you mean by single project ?
In the second location I have found this:
herbert@centos-001$ grep JenkinsBrowserPanel ~/.config/JetBrains/IntelliJIdea2021.1/workspace/*
/home/herbert/.config/JetBrains/IntelliJIdea2021.1/workspace/1fH24RYYs8DRlRfSdZGVZSMxcth.xml: <component name="JenkinsBrowserPanel">
/home/herbert/.config/JetBrains/IntelliJIdea2021.1/workspace/1p4pXi3ux66PHxYaSGTFZKYjDUz.xml: <component name="JenkinsBrowserPanel">
By the way, this is a development server and that means that IDEA is installed once and then used by each developper on the machine.
This ensures that everybody is using the same version of IDEA at all time (it also save FS space).
herbert@centos-001$ ls -la ~jetbrains/idea-IU-211.6693.111/
total 8036
drwxrwxr-x. 9 jetbrains jetbrains 227 Apr 7 08:32 .
drwxr-x---. 16 jetbrains jetbrains 4096 Apr 7 08:32 ..
drwxrwxr-x. 2 jetbrains jetbrains 4096 Apr 7 08:32 bin
-rw-r--r--. 1 jetbrains jetbrains 90733 Apr 6 12:24 brokenPlugins.db
-rw-r--r--. 1 jetbrains jetbrains 15 Apr 6 12:24 build.txt
-rw-r--r--. 1 jetbrains jetbrains 5462 Apr 6 12:24 classpath.txt
drwxrwxr-x. 2 jetbrains jetbrains 62 Apr 7 08:32 help
-rw-r--r--. 1 jetbrains jetbrains 8077312 Apr 6 12:24 icons.db
-rw-r--r--. 1 jetbrains jetbrains 1849 Apr 6 12:24 Install-Linux-tar.txt
drwxrwxr-x. 7 jetbrains jetbrains 83 Apr 7 08:32 jbr
drwxrwxr-x. 7 jetbrains jetbrains 8192 Apr 7 08:32 lib
drwxrwxr-x. 3 jetbrains jetbrains 4096 Apr 7 08:32 license
drwxrwxr-x. 154 jetbrains jetbrains 8192 Apr 7 08:32 plugins
-rw-r--r--. 1 jetbrains jetbrains 437 Apr 6 12:26 product-info.json
drwxrwxr-x. 3 jetbrains jetbrains 125 Apr 7 08:32 redist
Hi
the .idea folder is within your project (workspace)
see : https://www.jetbrains.com/help/idea/creating-and-managing-projects.html#directory-based
You can see this in your project and open the location:
What do you mean by single project ?
I mean try to open one single project and not multiple project in multiple windows.
By the way, this is a development server and that means that IDEA is installed once and then used by each developper on the machine.
The installation is central for all correct? All use the same installation wit different projects or wqill it used once by once. So only one dev use at time ? How do you start your IDE. Maybe its something wrong with the workspace. If the workspace is created everytime then no jenkins settings will be restored.
But I work on to move to global (installation) settings (see #113)
I have checked opening one single project:
- Open a project
- Set the user's token once again.
- Check that Jenkins jobs are displayed.
- Quit
- Restart
Authentication data was lost.
When I set the authentication token, IDEA pops up a dialog to display this (it doesn't do this all time):
org.codinjutsu.tools.jenkins.security.AuthenticationException: CSRF enabled -> Missing or bad crumb data
at org.codinjutsu.tools.jenkins.security.DefaultSecurityClient.checkResponse(DefaultSecurityClient.java:142)
at org.codinjutsu.tools.jenkins.security.DefaultSecurityClient.runMethod(DefaultSecurityClient.java:114)
at org.codinjutsu.tools.jenkins.security.DefaultSecurityClient.execute(DefaultSecurityClient.java:70)
at org.codinjutsu.tools.jenkins.security.SecurityClient.execute(SecurityClient.java:33)
at org.codinjutsu.tools.jenkins.logic.RequestManager.loadJob(RequestManager.java:232)
at org.codinjutsu.tools.jenkins.logic.RequestManager.loadFavoriteJobs(RequestManager.java:328)
at org.codinjutsu.tools.jenkins.view.BrowserPanel$LoadSelectedViewJob.loadJobs(BrowserPanel.java:503)
at org.codinjutsu.tools.jenkins.view.BrowserPanel$LoadSelectedViewJob.run(BrowserPanel.java:478)
at com.intellij.openapi.progress.impl.CoreProgressManager$TaskRunnable.run(CoreProgressManager.java:998)
at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$runProcessWithProgressAsync$5(CoreProgressManager.java:497)
at com.intellij.openapi.progress.impl.ProgressRunner.lambda$submit$3(ProgressRunner.java:228)
at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$runProcess$2(CoreProgressManager.java:178)
at com.intellij.openapi.progress.impl.CoreProgressManager.registerIndicatorAndRun(CoreProgressManager.java:688)
at com.intellij.openapi.progress.impl.CoreProgressManager.executeProcessUnderProgress(CoreProgressManager.java:634)
at com.intellij.openapi.progress.impl.ProgressManagerImpl.executeProcessUnderProgress(ProgressManagerImpl.java:64)
at com.intellij.openapi.progress.impl.CoreProgressManager.runProcess(CoreProgressManager.java:165)
at com.intellij.openapi.progress.impl.ProgressRunner.lambda$submit$4(ProgressRunner.java:228)
at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1700)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.util.concurrent.Executors$PrivilegedThreadFactory$1$1.run(Executors.java:668)
at java.base/java.util.concurrent.Executors$PrivilegedThreadFactory$1$1.run(Executors.java:665)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/java.util.concurrent.Executors$PrivilegedThreadFactory$1.run(Executors.java:665)
at java.base/java.lang.Thread.run(Thread.java:834)
The jekinsSettings.xml file of one of my artefact/project contains:
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="Jenkins.Application.Settings">
<option name="jobRefreshPeriod" value="1" />
<option name="serverUrl" value="http://jenkins.server:8080/" />
<option name="useGreenColor" value="true" />
</component>
</project>
The workspace.xml contains:
...
<component name="Jenkins.Settings">
<option name="favoriteJobs">
<list>
<favorite name="proof-of-concepts" url="http://jenkins.server:8080/job/proof-of-concepts/" />
</list>
</option>
<option name="jenkinsVersion" value="VERSION_2" />
<option name="lastSelectedView" value="My Favorites" />
<option name="username" value="hkoelman" />
</component>
...
Developpers are starting their IDE using the command line idea. Which really is an alternative (see below).
herbert@centos-001$ alternatives --display idea
idea - status is manual.
link currently points to /opt/jetbrains/idea-IU-211.6693.111/bin/idea.sh
/opt/jetbrains/idea-IU-211.6693.111/bin/idea.sh - priority 202101
Current `best' version is /opt/jetbrains/idea-IU-211.6693.111/bin/idea.sh.
By the way, as I didn't know what this crumb data was, I left it empty.
All use the same installation wit different projects or wqill it used once by once. So only one dev use at time ? How do you start your IDE. Maybe its something wrong with the workspace. If the workspace is created everytime then no jenkins settings will be restored.
Each developper is running it's own IDEA process using their personnal Unix account.
They work in their own home directory on the server. Once they have logged on using ssh, they simply type idea and X11 does the magic and displays IDEA on their Windows machine (using MobaXterm). Often there are between 5-10 developpers using IDEA at the same time.
Actually, they don't really know that there is only one single installation of IDEA :-) .
@HerbertKoelman
The workspace.xml contains your username and this should be restored after restart.
Did you use Password or API Token?
I would suggest to use API token (http://jenkins.server:8080/user/<yourname>/configure)
After you restart your IDE and check jekinsSettings.xml and workspace.xmlagain. Was the entries removed?
Authentication data was lost.
Are only the credentials lost or all settings (like use green color)
org.codinjutsu.tools.jenkins.security.AuthenticationException: CSRF enabled -> Missing or bad crumb data
If this occurs normally you use password. But then you should not see any Jobs.
Please try again with API Token
I'm using a token to authenticate Jenkins connections.
This token was generated in Jenkins and used in IDEA/Jenkins plug-in password field.
So to summarise:
- I enter the server address
- I set the user field to my Jenkins user name
- I set my token in the password field.
Was this the right way to use a token authentication ?
I'm using a token to authenticate Jenkins connections.
This token was generated in Jenkins and used in IDEA/Jenkins plug-in password field.
So to summarise:
1. I enter the server address 2. I set the user field to my Jenkins user name 3. I set my token in the password field.Was this the right way to use a token authentication ?
Yes this is right. But then a CSRF Warning should not appear
Only the credentials related settings are lost when I restart IDEA So Username and URL are restored? OK I try to reproduce it. The password is stored in internal Password Manager. May be a problem with the secret API on Linux
SDK Docu: https://plugins.jetbrains.com/docs/intellij/persisting-sensitive-data.html#storage Could you change the password storage for test. Or do you have stored other password within IDE to check if it works
I only tested it with real installation on multipl ein machines and macOS and it works. Maybe a problem with your setup (centralized IDE) transfered per X11. It is possible that there is no no keyring available to store the password?
X11 is only handling remote display, an ancestor of VNC or alike. So this password issue can not be related to X11.
I'll take a look at this credential store and let you know what I find.
Thanks I will also try to reproduce it with an remote ide
The credentials should stored in keyring of your intellij installation. But i dosn't know how the password storage works with remote usage. So if you can try other password settings to verify it works it would be great
Everything works the same way with a remote display then a local one :-)
I just meant to emphasis on the fact that we are use Unix's multiuser capabilities.
Sorry but i try to find the problem
So you have tried other passwords to store and restart?
It is hard if I cannot reproduce it. So I find a way to enclose the error. It is strange that the built in password mechanism not works. You said that settings like url, username and timeout setting of the plugin are available after restart. Only password is missing right?
Hi with 2020.3 it works right?
I think its an Idea Bug. Could you please send my your idea.log file or look into it for errors.
I found some bugs in youtrack: https://youtrack.jetbrains.com/issue/PY-48070
Hello, on my side I have investigated this password store question.
I'm not using any password store. I mean the password store option is not activated.
So I guess that this explains a lot 😃
Maybe an explicit message asking if one wants to store the password/token, might help.
Or pop up a dialogue asking for the password/token when it was not saved.
Thank you for your help.
Hi yes this sounds logical. Without password storag I cannot restore anything.
The idea the ask for password if missing or show a dialog if password storage is disabled sound great.
So for your workaround you have ro enter only the api token manually after every restart right?