jira-steps-plugin icon indicating copy to clipboard operation
jira-steps-plugin copied to clipboard
verified publisher icon jenkinsci

Feature/token

Open reftel opened this issue 2 years ago • 13 comments

Description

See JENKINS-66449.

This change lets users pick StringCredentials in addition to UsernamePasswordCredentials in the credentials drop-down in the settings. This makes the SigningInterceptor send the secret of the credential as a bearer token, instead of using username and password for Basic Authentication. See https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html for the documentation on the Jira side.

There are automated tests in SingningInterceptorTest.

This can be tested manually by adding a Personal Access Token on a Jira instance, and add that as a String Credential in Jenkins. Then add a new site in the settings of jira-steps-plugin for that Jira instance, and choose Credentials as login type, and pick the new credential in the drop-down. Verify that a pipeline can run Jira steps using the new site.

Submitter checklist

  • [x] Link to JIRA ticket in description, if appropriate.
  • [x] Change is code complete and matches issue description.
  • [x] Appropriate unit or acceptance tests or explanation to why this change has no tests.
  • [x] Reviewer's manual test instructions provided in PR description. See Reviewer's first task below.

Reviewer checklist

  • [ ] Run the changes and verified the change matches the issue description.
  • [ ] Reviewed the code.
  • [ ] Verified that the appropriate tests have been written or valid explanation given.
  • [ ] If applicable, tested by installing this plugin on the Jenkins instance.

reftel avatar Dec 21 '23 08:12 reftel

Ping @nrayapati

reftel avatar Jan 04 '24 07:01 reftel

Ping @nrayapati

reftel avatar Jan 22 '24 09:01 reftel

@nrayapati can you please review?

jiricermak-sap avatar Mar 05 '24 08:03 jiricermak-sap

@nrayapati @nfalco79 Can you review this PR? This is a very useful feature.

KylanZhang avatar Apr 11 '24 08:04 KylanZhang

i'm already using code from this PR for some time, and eveything works fine for me - is there any chance to see it merged into master?

faminepq avatar May 22 '24 15:05 faminepq

I'm not the mantainer, so my code review is useless to proceed with merge

nfalco79 avatar May 23 '24 07:05 nfalco79

This is critically needed, my org has forced a move to disabling basic auth, and oauth is not supported, so this would be the only way to continue using this plugin.

akulakhan avatar May 28 '24 16:05 akulakhan

This is critically needed, my org has forced a move to disabling basic auth, and oauth is not supported, so this would be the only way to continue using this plugin.

I'm in the same situation, had to locally build code from the fork and upload it manually... Anyway seems like this plugin is abandoned :-( @nrayapati

faminepq avatar May 29 '24 12:05 faminepq

@reftel After upgrading Jenkins to latest LTS - i've started getting Parameter specified as non-null is null: method okhttp3.Credentials.basic, parameter username (also for Test Connection button click). Have not updated jenkins for cca 2 months, previously everything worked fine. Any tip what might be the problem? Everything is set as before (i'm restoring configs&secrets from backup).

faminepq avatar Jun 20 '24 12:06 faminepq

Looks to me like the only place where that method is called is when setting up proxy authentication. You should be able to get that exception if you have proxyConfiguration being non-null, but proxyConfiguration.getUserName() returning null. Are you using a proxy that requires authentication? If not, could you please check if you have a partially filled in proxy authentication configuration ("HTTP Proxy Configuration" in the global Jenkins configuration, not specific to Jira Steps) that you could delete?

reftel avatar Jun 20 '24 12:06 reftel

Thank you for quick response. We use/need proxy + port + no_proxy settings, but we're not using username & password. Alas, i cannot delete all proxy settings, since we need it.

In Jenkins changelog i've found this change, which might be related to the problem: https://github.com/jenkinsci/jenkins/pull/8990/files

Anyway once i've removed on our test server all proxy settings, it started working... but proxy settings are needed for other urls.

faminepq avatar Jun 20 '24 13:06 faminepq

Screenshot 2024-06-21 at 10 08 10 So the problem is not in your PR, it's for another PR... Change in screenshot above fixed the issue for me. So it was really caused by this jenkins change: https://github.com/jenkinsci/jenkins/pull/8990

faminepq avatar Jun 21 '24 08:06 faminepq

Fixed in 8c4a487 . Thank you!

reftel avatar Jun 21 '24 12:06 reftel

Closing this PR due to 60 days of inactivity.

github-actions[bot] avatar Feb 15 '25 18:02 github-actions[bot]

Any chance of reactivating this PR? It was closed only because of inactivity, but it already contains some fixes. It would be great to have support for personal access tokens in the plugin, especially since @reftel has already worked on this.

devqore avatar Jun 30 '25 08:06 devqore