gitblit icon indicating copy to clipboard operation
gitblit copied to clipboard
verified publisher icon gitblit-org

Jenkins post receive hook stop working with Git Plugin 4.11.4

Open TDesjardins opened this issue 3 years ago • 1 comments

With Jenkins Git Plugin 4.11.4 the HTTP notify calls needs a token to trigger a build (See https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284). It can be created in "Git plugin notifyCommit access tokens" section of the "Configure Global Security" page. To solve this issue the following script can be extended with a token parameter: https://github.com/gitblit/gitblit/blob/master/src/main/distrib/data/groovy/jenkins.groovy

I can provide a PR if this is wanted.

A current workaround is to disable access token mechanism in Jenkins with the system property hudson.plugins.git.GitStatus.NOTIFY_COMMIT_ACCESS_CONTROL. But this option is insecure and is not recommended.

TDesjardins avatar Aug 26 '22 09:08 TDesjardins

Sure, pull requests are always a welcome idea.

flaix avatar Aug 31 '22 18:08 flaix