Comments (14)
tomasbjerre
commented on June 21, 2024
Do you see anything in the server log (Tomcat server?)?
Did you invoke the curl command from the machine running Jenkins?
from violation-comments-to-stash-plugin.
tuukkamustonen
commented on June 21, 2024
Nice pointers.
- Nothing related in Manage Jenkins > System Log.
- Nothing in tomcat files.
- However, running curl on slave (I was running it on master earlier...):
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
So yeah, I assume that's the problem. I'm adding the required SSL certs now... will ping once done and tested.
from violation-comments-to-stash-plugin.
tuukkamustonen
commented on June 21, 2024
Unfortunately, that didn't change anything... got more ideas?
More verbose logging / error tracing would be neat here.
from violation-comments-to-stash-plugin.
tomasbjerre
commented on June 21, 2024
This line should give a stacktrace in the serlver log: https://github.com/jenkinsci/violation-comments-to-stash-plugin/blob/master/src/main/java/org/jenkinsci/plugins/jvctb/perform/JvctbPerformer.java#L93
from violation-comments-to-stash-plugin.
tuukkamustonen
commented on June 21, 2024
@tomasbjerre Ha, indeed. I've never really debugged Jenkins so I missed slave logs π©. I'm seeing:
Oct 24, 2016 1:42:44 PM se.bjurr.violations.comments.lib.CommentsCreator <init>
INFO: 0 violations.
Oct 24, 2016 1:42:45 PM org.jenkinsci.plugins.jvctb.perform.JvctbPerformer doPerform
SEVERE:
java.lang.RuntimeException: Error calling:
https://mystash.gtn/rest/api/1.0/projects/COSMOS/repos/cosmos/pull-requests/184/changes?limit=999999
GET
null
at se.bjurr.violations.comments.bitbucketserver.lib.client.BitbucketServerInvoker.invokeUrl(BitbucketServerInvoker.java:56)
at se.bjurr.violations.comments.bitbucketserver.lib.client.BitbucketServerClient.invokeAndParse(BitbucketServerClient.java:78)
at se.bjurr.violations.comments.bitbucketserver.lib.client.BitbucketServerClient.pullRequestChanges(BitbucketServerClient.java:41)
at se.bjurr.violations.comments.bitbucketserver.lib.BitbucketServerCommentsProvider.getFiles(BitbucketServerCommentsProvider.java:73)
at se.bjurr.violations.comments.lib.CommentsCreator.<init>(CommentsCreator.java:39)
at se.bjurr.violations.comments.lib.CommentsCreator.createComments(CommentsCreator.java:24)
at se.bjurr.violations.comments.bitbucketserver.lib.ViolationCommentsToBitbucketServerApi.toPullRequest(ViolationCommentsToBitbucketServerApi.java:80)
at org.jenkinsci.plugins.jvctb.perform.JvctbPerformer.doPerform(JvctbPerformer.java:90)
at org.jenkinsci.plugins.jvctb.perform.JvctbPerformer$1.invoke(JvctbPerformer.java:124)
at org.jenkinsci.plugins.jvctb.perform.JvctbPerformer$1.invoke(JvctbPerformer.java:111)
at hudson.FilePath$FileCallableWrapper.call(FilePath.java:2772)
at hudson.remoting.UserRequest.perform(UserRequest.java:153)
at hudson.remoting.UserRequest.perform(UserRequest.java:50)
at hudson.remoting.Request$2.run(Request.java:332)
at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:68)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
at se.bjurr.violations.comments.bitbucketserver.lib.client.BitbucketServerInvoker.invokeUrl(BitbucketServerInvoker.java:42)
... 18 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491)
... 29 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
... 35 more
I'm running:
$ java -version
java version "1.8.0_111"
Java(TM) SE Runtime Environment (build 1.8.0_111-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.111-b14, mixed mode)
I guess java doesn't automatically read the SSL certs from /usr/share/ca-certificates where I put them. Studying...
from violation-comments-to-stash-plugin.
tuukkamustonen
commented on June 21, 2024
That did the trick: I just had to import the certs with keytool into Java's castore and restart slaves. Thanks for prompt support @tomasbjerre!
I guess there's nothing to do here: in perfect world, you might want to catch javax.net.ssl.SSLHandshakeException and hint user about SSL issue in the job logs, instead of outputting null. On the other hand, when you take a look at slave logs, it's pretty evident what's wrong... what do you think?
from violation-comments-to-stash-plugin.
tomasbjerre
commented on June 21, 2024
Or have the entire stacktrace sent to jenkins build job log?
from violation-comments-to-stash-plugin.
tuukkamustonen
commented on June 21, 2024
If that's not against Jenkins usability/convention guidelines, why not.
from violation-comments-to-stash-plugin.
tomasbjerre
commented on June 21, 2024
I just released this. Should be in the Jenkins update center within a few hours.
from violation-comments-to-stash-plugin.
tuukkamustonen
commented on June 21, 2024
Unfortunately my slaves are properly configured properly now so I cannot reproduce this exact issue anymore. In any case, I think this can be closed now. Thanks again!
from violation-comments-to-stash-plugin.
tomasbjerre
commented on June 21, 2024
Do you see anything in your server log? The application server, (Tomcat?).
Den 24 okt. 2016 14:33 skrev "Tuukka Mustonen" [email protected]:
I have server URL (+credentials), project and repo keys configured. When I
run build, it fails to:Will comment PR COSMOS/cosmos/184 on https://mystash.gtn
Error calling:https://mystash.gtn/rest/api/1.0/projects/COSMOS/repos/cosmos/pull-requests/184/changes?limit=999999
GET
nullIf I run that query from command line:
``curl -u user:pass https://mystash.gtn/rest/api/
1.0/projects/COSMOS/repos/cosmos/pull-requests/184/changes?limit=999999{"fromHash":"9a4694b7fdf89163cd5caa880193f41273071c0d","toHash":"
a78ee3de5f3c83bf79bb4c4057ca74174eff7e39","values":[{"contentId":"
a77b0ec15f396e6ac61ee24a178324c79cc5bae9","fromContentId":"
1136127a32ee434a1f5cae9a0a8a9f8ee96b9ce4","path":{"
components":["tasks.py"],"parent":"","name":"tasks.py","
extension":"py","toString":"tasks.py"},"executable":false,
"percentUnchanged":-1,"type":"MODIFY","nodeType":"FILE","
srcExecutable":false,"links":{"self":[null]}}],"size":1,"
isLastPage":true,"start":0,"limit":999999,"nextPageStart":null}Any pointers what might be wrong here? Bitbucket Server version is 4.9.1 and in the PR I'm building I have changes in
tasks.py.At least the error message should be improved (if I'm just missing configs).
β
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
#21,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAa1E679RNhzawnUEdl_i4sIKbSQkOlxks5q3KWpgaJpZM4Keu5S
.
from violation-comments-to-stash-plugin.
tuukkamustonen
commented on June 21, 2024
Mmm, what do you mean, what should I look for? I have added required SSL certs to java keystore so this issue doesn't occur anymore.
If you mean does it show traceback on job console now, yes it does. For example, in #24 I got that trace right in the job's console.
from violation-comments-to-stash-plugin.
tomasbjerre
commented on June 21, 2024
Sorry =) That was my first reply to this issue. Made it from my phone but the email got delayed for some reason =)
from violation-comments-to-stash-plugin.
James-Dengel
commented on June 21, 2024
I had this issue as well, was a bit confusing as the jenkins master had the certs and the stash notifier and git was dealing with the certificates the correct way, might be nice to document that it's the slave that requires the certs does the posting to bitbucket rather than the master.
from violation-comments-to-stash-plugin.
Related Issues (20)
- "Outdated" comments not deleted HOT 27
- Credentials not found error HOT 17
- NPE since v1.76 HOT 1
- Plugin doesnβt send comments to bitbucket HOT 17
- All violations related to one file in one comment HOT 7
- Recognition of changed lines seems to not work correclty HOT 15
- Escaped single quote characters in comments
- Allow INFO Files changed to include all scanned files HOT 1
- Violation plugin iterates over files not mentioned in report HOT 6
- NPE after deleting comments HOT 2
- Identify that detecting violations from console/stage output is not supported (directly) HOT 7
- To support Code Insights HOT 2
- INFO POST .../pull-requests/3/comments 400 HOT 5
- Add support for client certificate as credentials HOT 1
- Feature: ignore certain folders/paths/globs HOT 4
- Limit logging of files from Violations Lib HOT 5
- When files paths contains spaces in fails to report warnings HOT 1
- Jenkins agents becoming unresponsive during violations run HOT 3
- Report the "indent" level of an issue HOT 6
- warnings lost, or added as general comments HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from violation-comments-to-stash-plugin.