Skip to content

fix(jenkins): resolve startup crash after upgrade to 2.555.1 #2169

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
gounthar merged 1 commit into from
Apr 21, 2026
Merged

fix(jenkins): resolve startup crash after upgrade to 2.555.1 #2169

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions .github/workflows/plugin_update.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,3 +74,12 @@ jobs:
# Create pull request using gh command
gh pr create --title "chore(jenkins): Updates Jenkins plugins" --body "This pull request updates the Jenkins plugins listed in \`plugins.txt\`." --base "$BASE_BRANCH" --head "$BRANCH_NAME"
fi

- name: Capture Jenkins logs on failure
if: failure()
run: |
echo "=== Container status ==="
docker ps -a
echo "=== Jenkins controller logs ==="
CTRL=$(docker ps -a --format "{{.Names}}" | grep controller | head -1)
Copy link

Copilot AI Apr 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This log-capture step can fail (and exit early) if no container name matches controller: with the default GitHub Actions bash settings (-e and pipefail), grep controller returning 1 inside the command substitution will cause the whole step to error. Make the controller lookup non-fatal (e.g., add || true, use grep -m1 ... || true, or use an awk filter that exits 0 when no match) so the diagnostics step reliably runs on failures.

Suggested change
CTRL=$(docker ps -a --format "{{.Names}}" | grep controller | head -1)
CTRL=$(docker ps -a --format "{{.Names}}" | grep -m1 controller || true)

Copilot uses AI. Check for mistakes.
Copy link
Copy Markdown
Collaborator Author

@gounthar gounthar Apr 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot Good catch. The grep controller | head -1 pipeline inside the command substitution will exit 1 when no container matches under bash's default -e/pipefail settings, defeating the purpose of a failure-diagnostics step. The suggested || true fix is the right approach. Will update to:

CTRL=$(docker ps -a --format "{{.Names}}" | grep -m1 controller || true)

This also eliminates the head -1 pipe since grep -m1 stops after the first match.

[ -n "$CTRL" ] && docker logs "$CTRL" 2>&1 | tail -200 || echo "No controller container found"
6 changes: 3 additions & 3 deletions dockerfiles/jenkins.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,7 @@ jenkins:
password: "admin"
authorizationStrategy: loggedInUsersCanDoAnything
crumbIssuer:
standard:
excludeClientIPFromCrumb: false
standard: {}
nodes:
- permanent:
labelString: "docker jenkins agent"
Expand All @@ -23,7 +22,8 @@ jenkins:
credentialsId: "jenkins-ssh-agent-private-key"
host: "desktop-jenkins_agent-1"
port: 22
sshHostKeyVerificationStrategy: "nonVerifyingKeyVerificationStrategy"
sshHostKeyVerificationStrategy:
nonVerifyingKeyVerificationStrategy: {}
Comment on lines 24 to +26
Copy link

Copilot AI Apr 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR also changes the JCasC structure for sshHostKeyVerificationStrategy (from a scalar to a mapping). Since this is not mentioned in the PR description’s root-cause/changes list, it’s unclear whether it’s intentional or required for Jenkins 2.555.1/JCasC compatibility. Please either add a brief note in the PR description explaining why this schema change is needed, or revert it if it’s accidental.

Copilot uses AI. Check for mistakes.
Copy link
Copy Markdown
Collaborator Author

@gounthar gounthar Apr 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot The change is intentional and required for JCasc compatibility with Jenkins 2.555.1. In newer JCasc versions, the scalar shorthand for plugin-backed configurator types (like nonVerifyingKeyVerificationStrategy: "nonVerifyingKeyVerificationStrategy") was deprecated in favor of explicit nested mapping syntax (nonVerifyingKeyVerificationStrategy: {}). Without this change, JCasc would log an attribute resolution warning or fail to bind the strategy correctly. It belongs in the same compatibility fix as the excludeClientIPFromCrumb removal - will add a note to the PR description to make this explicit.

name: "docker-ssh-jenkins-agent"
nodeDescription: "ssh jenkins docker agent "
remoteFS: "/home/jenkins/agent"
Expand Down
4 changes: 2 additions & 2 deletions dockerfiles/plugins.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ credentials-binding:719.v80e905ef14eb_
credentials:1502.v5c95e620ddfe
display-url-api:2.217.va_6b_de84cc74b_
durable-task:664.v2b_e7a_dfff66c
echarts-api:6.0.0-1273.v36fc9fe89332
echarts-api:6.0.0-1279.v4e95ca_f54783
font-awesome-api:7.2.0-983.v3f63c34eddb_9
git-client:6.6.0
git:5.10.1
Expand Down Expand Up @@ -57,7 +57,7 @@ pipeline-stage-step:345.va_96187909426
pipeline-stage-tags-metadata:2.2277.v00573e73ddf1
pipeline-stage-view:2.40
plain-credentials:199.v9f8e1f741799
plugin-util-api:7.1320.v684dd26fca_19
plugin-util-api:7.1330.v47b_46ee2047a_
resource-disposer:0.25
scm-api:728.vc30dcf7a_0df5
script-security:1399.ve6a_66547f6e1
Expand Down
Loading