[JENKINS-41522] Add better trust checking by allowing non-forked code to be trusted #109
Conversation
efac180 to
e9bac8f
Compare
|
@jglick probing because this is holding a lot of people back on the new SCM stuff |
e9bac8f to
c00a3d6
Compare
|
👍 Thanks for the quick turn around on this issue! |
|
are there any cases where someone committing to a non forked branch of a github repo may have less access to master? ie less reason to "trust" their Jenkinsfile? (if I Have understood this improvement correctly). |
|
No, if anything I'm more comfortable trusting people that are able to push to the upstream than I am someone listed as a contributor |
|
sounds good to me then... cc @jglick - for consideration, as according to https://issues.jenkins-ci.org/browse/JENKINS-37931, the intention was to allow merged Jenkinsfiles/Jenkinsfiles from origin PRs all along, but it just has very specific requirement on github permissions which isn't quite clear. |
|
@jglick any updates? I dont want to try to keep resolving conflicts whenever master changes if possible. |
|
+1 This is hindering our efforts to get new jobs setup & tested via a PR without merging straight into the base branch |
|
What if I ping @batmat @Vlatombe @KostyaSha @stephenc This is really a show stopper for multiple people. |
|
NOTHING is getting merged until https://issues.jenkins-ci.org/browse/JENKINS-41234 is resolved and the releases land in the update center |
|
Can this be a part of it is what I'm getting towards. Even when those get released this will still be a factor. I realize 2.0 is in fallout, but this is an easy fix that would make many people jump to it as soon as its solid. Without this even after the fallout we'll still have an issue with adoption. |
|
@myoung34 I have no issues with it being RealSoon™ after the 2.0 fallout, but I am not adding anything new into the code that is currently being soak tested as that would restart the tests |
|
@stephenc that's fine. This is more about knowing that an issue is actually an issue. Being merged on something both labeled fallout and in beta I don't expect to get any resolution right away. I really just wanted some sort of acknowlegement that my efforts arent wasted and that there's not a disconnect between what we think is an issue (JENKINS-37931, JENKINS-40652) and something that some might say is either "as intended". Or that this fix does not at least provide a starting place. I think it's just safe to say we're excited about SCM 2.0 and that as soon as its resolved with some relaxation on trusted files/PR's we'd upgrade faster than you can hit merge. |
|
Minimal fix of regression is in #114 these changes will be reviewed as part of https://issues.jenkins-ci.org/browse/JENKINS-41522 |
Not just the intention—AFAIK it did do this until that got regressed accidentally in a 2.x version.
No permission check is necessary for an origin PR. These are trusted by definition. |
|
@stephenc if none of this pr is needed for port you can close it. The latest build (beta-6) built my PR as expected... However it still says not trusted. I'm guessing that log output is not affected by #114 |
|
@myoung34 you took the trouble to create a PR, the least I can do is take the due time and attention to review your PR and see if there is any of it that remains appropriate. I do not want to close this PR until I have given your contribution the attention it deserves and I created the JENKINS-41522 issue to ensure that your contribution is not forgotten (even if in the end we may end up not using any of it) and to record the value we place in your time and effort creating this PR in the first place. #114 is just the minimal fix of the critical regression and the immediate priority is returning the 2.0.x versions of these plugins into the update center so that we can move forward and fix other important (but less critical) issues with these plugins |
|
The 2.0 stuff hopefully may be out tomorrow (well depends on your timezone) so would be a good time to revisit that after the dust settles. |
|
My only real contribution from this ticket may be a takeaway more than code, and the Jenkinsfile resolves it at a minimum, but as someone who ran into this, here's my thoughts:
|
|
#1: Agree - should always trust a non fork, I can't see why not. #2: well I would think if there is a way to think about not having an option - and think really hard what default should be. Only as a last resort, add another confusing hard to explain option. #3: the new SCM api changes help that by a LOT. I think there is more to do but it is in progress. |
|
any updates on this? Would love to see my PRs building again... |
|
What's the issue? They filed an MVC pr in #114 that has had me able to build since |
|
Anyone know who we can pester to get this merged? This is stopping a lot of work! |
|
This will be considered after https://issues.jenkins-ci.org/browse/JENKINS-43426 has been delivered (though I suspect that the full acceptance criteria for that UX refactoring will include a fix for this issue through the ability to control the trust of forks) |
|
Here is a preview of the new UI. Hopefully this will explain why I have been blocking any new PRs until this work gets completed:
|
|
BTW the Trust drop-down in "Discover pull requests from forks" is an extension point so that plugins can provide their own trust determination alogorithms |
|
@stephenc Having just done the SCM 2.0 upgrade, I can tell you that this configuration looks great and is much more intuitive than the current settings. Shouldn't |
|
If you can write to the origin repo, you are trusted. So there is no need to set trust on the origin repo PRs. It's only fork PRs that need trust |
FWIW recently this has come up as a point of confusion for new users of Blue Ocean and Pipeline |
|
Is this not solving the same issue as #134? |
|
@stephenc is there something in the Traits work that will cover this? |
|
I think this is essentially covered by JENKINS-43507, there are potentially some cases where the existing trust extension points are not sufficient for some use cases, but I think those should be handled in a fresh PR |
This resolves: