bitbucket-branch-source-plugin
bitbucket-branch-source-plugin copied to clipboard
jenkinsci
random 403 error on builds under a bitbucket team scanner
Jenkins and plugins versions report
Jenkins: 2.332.3 OS: Linux - 3.10.0-1160.53.1.el7.x86_64
Office-365-Connector:4.17.0 ace-editor:1.1 active-directory:2.25.1 adoptopenjdk:1.4 ant:475.vf34069fef73c antisamy-markup-formatter:2.7 apache-httpcomponents-client-4-api:4.5.13-1.0 artifact-manager-s3:633.v4813787e78a_9 artifact-promotion:0.5.2 authentication-tokens:1.4 aws-credentials:191.vcb_f183ce58b_9 aws-global-configuration:1.7 aws-java-sdk:1.12.215-339.vdc07efc5320c aws-java-sdk-cloudformation:1.12.215-339.vdc07efc5320c aws-java-sdk-codebuild:1.12.215-339.vdc07efc5320c aws-java-sdk-ec2:1.12.215-339.vdc07efc5320c aws-java-sdk-ecr:1.12.215-339.vdc07efc5320c aws-java-sdk-ecs:1.12.215-339.vdc07efc5320c aws-java-sdk-elasticbeanstalk:1.12.215-339.vdc07efc5320c aws-java-sdk-iam:1.12.215-339.vdc07efc5320c aws-java-sdk-logs:1.12.215-339.vdc07efc5320c aws-java-sdk-minimal:1.12.215-339.vdc07efc5320c aws-java-sdk-ssm:1.12.215-339.vdc07efc5320c basic-branch-build-strategies:1.3.2 bitbucket:223.vd12f2bca5430 bootstrap4-api:4.6.0-5 bootstrap5-api:5.1.3-7 bouncycastle-api:2.26 branch-api:2.1046.v0ca_37783ecc5 build-timeout:1.20 caffeine-api:2.9.3-65.v6a_47d0f4d1fe checks-api:1.7.4 cloudbees-bitbucket-branch-source:773.v4b_9b_005b_562b_ cloudbees-folder:6.722.v8165b_a_cf25e9 codedeploy:1.23 command-launcher:81.v9c2cb_cb_db_392 conditional-buildstep:1.4.2 config-file-provider:3.10.0 credentials:1087.1089.v2f1b_9a_b_040e4 credentials-binding:523.vd859a_4b_122e6 display-url-api:2.3.6 docker-build-publish:1.3.3 docker-commons:1.19 docker-java-api:3.1.5.2 docker-plugin:1.2.9 docker-workflow:1.28 durable-task:496.va67c6f9eefa7 echarts-api:5.3.2-2 email-ext:2.88 envinject:2.866.v5c0403e3d4df envinject-api:1.199.v3ce31253ed13 extended-read-permission:3.2 external-monitor-job:191.v363d0d1efdf8 file-operations:1.11 folder-auth:1.4 font-awesome-api:6.1.1-1 git:4.11.3 git-client:3.11.0 git-server:1.11 github:1.34.3 github-api:1.303-400.v35c2d8258028 github-branch-source:1628.vb_2f51293cb_78 gradle:1.38 greenballs:1.15.1 h2-api:1.4.199 handlebars:3.0.8 handy-uri-templates-2-api:2.1.8-22.v77d5b_75e6953 jackson2-api:2.13.3-285.vc03c0256d517 jacoco:3.3.2 javadoc:217.v905b_86277a_2a_ javax-activation-api:1.2.0-3 javax-mail-api:1.6.2-6 jaxb:2.3.6-1 jdk-tool:1.5 jjwt-api:0.11.2-71.v2722b_b_06a_2a_f jnr-posix-api:3.1.7-3 jquery:1.12.4-1 jquery-detached:1.2.1 jquery3-api:3.6.0-4 jsch:0.1.55.2 junit:1.63 ldap:2.10 lockable-resources:2.15 mailer:414.vcc4c33714601 mapdb-api:1.0.9.0 matrix-auth:3.1.2 matrix-project:771.v574584b_39e60 maven-plugin:3.18 mercurial:2.16.2 momentjs:1.1.1 msbuild:1.30 nexus-artifact-uploader:2.13 nodejs:1.5.1 nuget:1.1 okhttp-api:4.9.3-105.vb96869f8ac3a openJDK-native-plugin:1.5 packer:1.5 pam-auth:1.8 parameterized-trigger:2.44 pipeline-aws:1.43 pipeline-build-step:2.18 pipeline-github-lib:36.v4c01db_ca_ed16 pipeline-graph-analysis:195.v5812d95a_a_2f9 pipeline-groovy-lib:589.vb_a_b_4a_a_8c443c pipeline-input-step:448.v37cea_9a_10a_70 pipeline-maven:3.10.0 pipeline-milestone-step:101.vd572fef9d926 pipeline-model-api:2.2081.v3919681ffc1e pipeline-model-definition:2.2081.v3919681ffc1e pipeline-model-extensions:2.2081.v3919681ffc1e pipeline-rest-api:2.24 pipeline-stage-step:293.v200037eefcd5 pipeline-stage-tags-metadata:2.2081.v3919681ffc1e pipeline-stage-view:2.24 pipeline-utility-steps:2.12.1 plain-credentials:1.8 plugin-usage-plugin:2.2 plugin-util-api:2.17.0 popper-api:1.16.1-3 popper2-api:2.11.5-2 publish-over:0.22 resource-disposer:0.19 role-strategy:484.v8a_a_e4b_d785fd run-condition:1.5 sbt:1.5 scm-api:608.vfa_f971c5a_a_e9 script-security:1172.v35f6a_0b_8207e shiningpanda:0.24 slack:608.v19e3b_44b_b_9ff snakeyaml-api:1.30.1 sonar:2.14 ssh-agent:295.v9ca_a_1c7cc3a_a_ ssh-credentials:277.v95c2fec1c047 ssh-slaves:1.814.vc82988f54b_10 ssh-steps:2.0.39.v831c5e6468b_c sshd:3.237.v883d165a_c1d3 started-by-envvar:1.0 structs:318.va_f3ccb_729b_71 subversion:2.15.5 terraform:1.0.10 timestamper:1.17 token-macro:293.v283932a_0a_b_49 trilead-api:1.57.v6e90e07157e1 variant:1.4 windows-slaves:1.8.1 workflow-aggregator:578.vf9a_f99755f4a_ workflow-api:1153.vb_912c0e47fb_a_ workflow-basic-steps:948.v2c72a_091b_b_68 workflow-cps:2692.v76b_089ccd026 workflow-cps-global-lib:588.v576c103a_ff86 workflow-durable-task-step:1139.v252a_e12e8463 workflow-job:1182.v60a_e6279b_579 workflow-multibranch:712.vc169a_1387405 workflow-scm-step:400.v6b_89a_1317c9a_ workflow-step-api:625.vd896b_f445a_f8 workflow-support:820.vd1a_6cc65ef33 ws-cleanup:0.42
What Operating System are you using (both controller, and any agents involved in the problem)?
Linux
Reproduction steps
- create a Team job to scan for jenkinsfile
- the scanner works and return projet/branches
- tasks are launched manually
Expected Results
step "Declarative: Checkout SCM" is green
Actual Results
"Declarative: Checkout SCM" is sometimes green, sometimes red.
Anything else?
i have contacted bitbucket in order to get information about the problem. they says :
What I've noticed is that when there's a 200 (successful) event, I can see your user_uuid in our logs + that you've authenticated with an app password. When I look at the 403 events, I can't see any user_uuid passed neither the type of authentication.
there is no difference in action (and code) between successfull and failure event.
I think it could be related to #632 the similarity is that the requests seem to randomly not send any credentials. I too can see the credentials missing in the Bitbucket logs for when the failures occur.
Since i remove the cache for credential in git, it seems to have no issues. But i think the plugin should overwrite this cache to avoid problems.
The request that is failing for me isn't a git request it is a request to the Bitbucket API using Basic credentials set on this plugin.