[JENKINS-62220] Automatically select owner for GitHubAppCredentials acc. to context#527
Merged
jtnord merged 8 commits intojenkinsci:masterfrom May 6, 2022
Merged
Conversation
jglick
changed the title
owner for GitHubAppCredentials acc. to requesting Runowner for GitHubAppCredentials acc. to context
8 tasks
timja
approved these changes
Mar 23, 2022
Member
timja
left a comment
timja
left a comment
There was a problem hiding this comment.
nice, long standing issue where you had to duplicate this
8 tasks
…ource-plugin into Credentials.forRun
… flaking; use `closeTo` for actual times
jglick
commented
Mar 26, 2022
| } | ||
|
|
||
| @NonNull | ||
| @Override |
Member
Author
There was a problem hiding this comment.
Or could comment this out while reverting POM changes.
MarkEWaite
added a commit
to MarkEWaite/docker-lfs
that referenced
this pull request
Mar 26, 2022
Includes GitHub App authentication enhancement from Jesse Glick for credentials by context. jenkinsci/github-branch-source-plugin#527 needs this so that it can use the enhancement in jenkinsci/credentials-plugin#293 Otherwise `withCredentials` works but `checkout scm` does not work
MarkEWaite
added a commit
to MarkEWaite/docker-lfs
that referenced
this pull request
Mar 26, 2022
jenkinsci/github-branch-source-plugin#527 is a draft pull request to automatically select owner for GitHubAppCredentials acc. to context. https://issues.jenkins.io/browse/JENKINS-62220 asks to allow GitHub Apps to support credentials with multiple organizations
jtnord
approved these changes
May 6, 2022
|
hate to bother you like this, but I encoutered https://issues.jenkins.io/browse/JENKINS-70984 this issue recently, I tried to fix other issue by two pr above, but this one is really hard for me, could you please help me with that, the reason seems to be that the git client is not passing context when getting credential. could you please hint me or give me some document to read so I can figure it out? |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
https://issues.jenkins.io/browse/JENKINS-62220
Uses jenkinsci/credentials-plugin#293 to ensure that the
ownerfield may be left blank yet the appropriate org will still be selected for a particular build. (At least assuming the lookup is viaCredentialsProvider.findCredentialById, which passes aRun, as it would be for example in awithCredentialsblock.)See discussions e.g. at #290 (comment) or #269 (comment).
Tested with jenkinsci/git-plugin#1242 and an App installed on my account as well as a test org. Was able to create a multibranch project on a private repo in my account
node { checkout scm withCredentials([usernamePassword(credentialsId: '…', passwordVariable: 'GITHUB_TOKEN', usernameVariable: 'xxx')]) { sh 'gh repo view' } }and run builds and get commit statuses.
When creating the App credentials, if you want to use the Test Connection button, you need to temporarily enter an Owner since otherwise there is no context, but you do not need to save it. When selecting the credentials in a dropdown on a branch source, the automatic connection check (which shows the remaining rate limit) will work so long as you have typed in an owner (org folder) or repo URL (multibranch folder).