[JENKINS-31661] Check the root url (Admin monitor + Wizard)

[Wadeck]

The problem is that the application has some little issues when there is no rootURL configured. Example: JENKINS-47426.
Normally with the Setup Wizard, this should not be the case. But there are some exceptions like development instance, administrator that disabled the wizard or if the administrator simply clear the root URL in the config.

There was already a PR (#1921) for the issue but as the PR went too far in the correction it was not merged (as I understand). This PR focuses only on the monitor part.

See JENKINS-31661.

Proposed changelog entries

• Add administrative monitor to check the configuration of the root URL
• Add a new page in the Wizard to let the administrator configure the root URL
• Add an additional option in HttpResponses for sending an error.

Submitter checklist

• JIRA issue is well described
• Changelog entry appropriate for the audience affected by the change (users or developer, depending on the change). Examples
  * Use the Internal: prefix if the change has no user-visible impact (API, test frameworks, etc.)
• Appropriate autotests or explanation to why this change has no tests

Desired reviewers

@reviewbybees @oleg-nenashev @amuniz

Screenshot

[reviewbybees]

This pull request originates from a CloudBees employee. At CloudBees, we require that all pull requests be reviewed by other CloudBees employees before we seek to have the change accepted. If you want to learn more about our process please see this explanation.

[oleg-nenashev]

🐛 The error messages are inversed in the tests. It should be fixed. The rest is fine IMHO.

[oleg-nenashev]

@since may be useful here though not strictly required

[Wadeck]

added

[oleg-nenashev]

"not" is missing somewhere, I'd guess

[Wadeck]

added

[oleg-nenashev]

"not be activated"

[Wadeck]

corrected

[oleg-nenashev]

"must be activated"

[Wadeck]

corrected

[oleg-nenashev]

The test relies on the default JTH behavior. Maybe it makes sense to mention it

[Wadeck]

good point :)

[oleg-nenashev]

🐝

[oleg-nenashev]

@reviewbybees not do-ne

edit: to show it in PR list to review

[daniel-beck]

I just tried with the PR build: Going through the setup wizard leaves Jenkins without a defined root URL.

While I think this admin monitor is a good idea, Jenkins should not be showing warnings (other than "newer Jenkins is available") to someone who just went through the setup wizard.

For that reason, I strongly disagree with merging this change as is. The setup wizard should be extended to allow defining a Jenkins URL (or could perhaps infer one from the URL used to access Jenkins in the setup wizard, similar to how the form field determines its default value?).

Only then would this change make sense.

[daniel-beck]

See previous comment; this does not make sense if the setup wizard leaves the root URL undefined.

[Wadeck]

Werk in progress for the modification in the SetupWizard flow. Under the panel which contain the admin user creation form, I added the new field for RootURL.

Screenshot of the initial proposed version

[Wadeck]

@kzantow do you have time to review those modifications ?
@daniel-beck as requested, the field is proposed during setup, so if you finish the Setup, the root URL will be set.

[oleg-nenashev]

@Wadeck After "werk in progress" I rather expected to see a German translation :D

[oleg-nenashev]

I am a bit aware about the "Proceed as current admin" hyperlink. If I click this button, will the local URL change be applied?

P.S: I would be happy to remove this button at all. It causes too many issues with unintended clicks

[Wadeck]

@oleg-nenashev Yes, I put my "save action" for both the skip and save first user. And as it's a button and not a link, no risk to see anybody doing some ctrl+click or right-click open in a new tab, etc. So normally it should be called all the time.

Predates major changes.

[jglick]

#2935 forces the null check (so #3021 does not save us here), but if it is null, we should just do nothing because Jenkins has not even started up yet anyway. Thus

return loc != null && loc.getUrl() == null;

[Wadeck]

thank you for the information

[jglick]

Just replace the current method parameters with

@QueryParameter String rootUrl

[Wadeck]

nice feature 👍

[jglick]

saveRootUrl specifies the URL to post to, so I suspect action and method could just be deleted.

[Wadeck]

removed

[jglick]

trailing newlines please

[Wadeck]

corrected (also for FR translation)

[jglick]

Could be merged into the preceding test, save a Jenkins startup.

[Wadeck]

done

[oleg-nenashev]

I do not see any obvious issues in the code

[daniel-beck]

Could we get this without adding a dependency that will be available to dependent plugins? E.g. integrate the relevant class into Jenkins with @Restricted?

[daniel-beck]

To clarify, this really should be addressed.

[Wadeck]

👍 addressed, 4 classes included with @Restricted

[daniel-beck]

Needs corresponding proposed changelog entry.

[daniel-beck]

CC @jglick for confirmation, looks good but to be sure.

[daniel-beck]

Not actually true?

[Wadeck]

I think I added the header to the wrong file -.-

[daniel-beck]

Missing license header.

[daniel-beck]

Manually tested behavior looks good.

I'm on-holding this for another week though due to the upcoming core security update. I don't think the risk here is huge, but it's still a substantial change.

obsolete

[kuisathaverat]

LGTM

[dwnusbaum]

Looks good to me. Maybe the imported classes could be moved into a different package since jenkins.org.blah is a little weird but I don't feel strongly about it.

[Wadeck]

Maybe the imported classes could be moved into a different package...

@dwnusbaum it was based on the same concept as used in hudson/org/apache/tools/tar/TarInputStream.java

[Wadeck]

@daniel-beck are we good with this one ?

[daniel-beck]

To be merged later this week.

[dwnusbaum]

@reviewbybees done

[jglick]

Wrong! This strips the trailing slash, which is required. JENKINS-51660

[oleg-nenashev]

@jglick a follow-up PR would be much appreciated

[Wadeck]

Due to Jenkins:2247 for read and JenkinsLocationConfiguration:123 for write it does not seem to have a real impact.

Related change: #3474