New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[JENKINS-70746] Fix missing permission error when processing changes #288
Conversation
@MarkEWaite a review would be appreciated. |
Just a bit of feedback to say I've just tested it on a local installation, and it seems to work. Thank you! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I confirmed that I can duplicate the problem in the 646 release and confirmed that this resolves the problem. Thanks very much.
Could you explain the last argument to the lookupCredentials
? I'm not clear why the credentials being read need to be a subclass of the domain credentials. I approve based on my interactive testing but would like to better understand that condition.
Thanks very much for the fast fix!
As an optional comment, it is easier for readers of the changelog if you change the title of the pull request to provide more details about the issue being fixed. I would propose: [JENKINS-70746] Fix missing permission error when processing changes |
@MarkEWaite thanks for the timely review!
The intention was simply to remove the warning about the deprecated lookupCredentials method. So there might be better ways to do this.
You are absolutely right. I used to know this. 😬 |
@jetersen friendly ping |
@jetersen it would be nice to release this regression fix soon, since it affects all user wanting to upgrade to the latest version. Do you have an ETA for the next release? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@jetersen Thanks! |
This commit removes the permission check when accessing the webhook secret. Since this can be called from a webhook or systemhook trigger which have no permission context, there is no way (that I know of) to set the right context.
The regression was introduced by #267.
This fixes #286 and related https://issues.jenkins.io/browse/JENKINS-70746.
I have tested this successfully in our production environment.