[JIRA] (JENKINS-59381) OWASP Plugin 1.6 crashed Jenkins

[jtavin@gmail.com (JIRA)]

Joe Tavin created an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins Issue Type: Bug Assignee: Unassigned Attachments: Annotation 2019-09-15 221954.jpg Components: antisamy-markup-formatter-plugin Created: 2019-09-15 19:27 Environment: Jenkins Server: 2.194 (currently latest) Java: OpenJDK build 1.8.0_141-8u141 OS: Ubuntu 14.04 LTS Priority: Minor Reporter: Joe Tavin Upgrade to latest release of plugin crashed our Jenkins server totally. Issue Plugin is not upgrade-able, Jenkins crashes with all other plugins when upgraded to version 1.6 Error Messages: 2019-09-15 16:20:34.699+0000 [id=36] WARNING h.ExtensionFinder$GuiceFinder$SezpozModule#configure: Failed to load org.jenkinsci.plugins.envpropagator.SetEnvVariables java.lang.ClassNotFoundException: hudson.cli.CommandDuringBuild2019-09-15 16:20:37.745+0000 [id=36] SEVERE h.ExtensionFinder$GuiceFinder#<init>: Failed to create Guice container from all the plugins Tried the following: 1. Deleting anitsamy-markup-formatter manually from Plugins directory. however this only caused v1.1 to get installed after server restart.And then many other plugins are not compatible with the old version, see screenshot attached Also tried 2. Upgrading the Plugin after previous step from v1.1 to to v1.5 via  manual upload of the .hpi file in the `Advanced` tab.However this version too crashed Jenkins.Server does not start AT ALL with same errors as before. Add Comment

This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)

[jtavin@gmail.com (JIRA)]

Joe Tavin assigned an issue to Jesse Glick

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins

Change By: Joe Tavin Assignee: Jesse Glick

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins

Change By: Joe Tavin Priority: Minor Major

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins Change By: Joe Tavin

Upgrade to latest release of OWASP HTML Formatter plugin crashed our Jenkins server totally.

Issue Plugin is not upgrade-able, Jenkins crashes with all other plugins when upgraded to version 1.6

Error Messages: {code:java}

2019-09-15 16:20:34.699+0000 [id=36] WARNING h.ExtensionFinder$GuiceFinder$SezpozModule#configure: Failed to load org.jenkinsci.plugins.envpropagator.SetEnvVariables java.lang.ClassNotFoundException: hudson.cli.CommandDuringBuild2019-09-15 16:20:37.745+0000 [id=36] SEVERE h.ExtensionFinder$GuiceFinder#<init>: Failed to create Guice container from all the plugins

{code} Tried the following: 1. Deleting anitsamy-markup-formatter manually from Plugins directory. however this only caused v1.1 to get installed after server restart.And then many other plugins are not compatible with the old version, see screenshot attached !Annotation 2019-09-15 221954.jpg!

Also tried 2. Upgrading the Plugin after previous step from v1.1 to to v1.5 via  manual upload of the .hpi file in the

` " Advanced ` " tab.However this version too crashed Jenkins.

Server does not start AT ALL with same errors as before.

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins Change By: Joe Tavin

Upgrade to latest release of OWASP HTML Formatter plugin crashed Jenkins server totally.

Jenkins crashes with all other plugins when upgraded to version 1.6 Error Messages: {code:java} 2019-09-15 16:20:34.699+0000 [id=36] WARNING h.ExtensionFinder$GuiceFinder$SezpozModule#configure: Failed to load org.jenkinsci.plugins.envpropagator.SetEnvVariables java.lang.ClassNotFoundException: hudson.cli.CommandDuringBuild2019-09-15 16:20:37.745+0000 [id=36] SEVERE h.ExtensionFinder$GuiceFinder#<init>: Failed to create Guice container from all the plugins {code} Tried the following:

1. Deleting anitsamy-markup-formatter manually from Plugins directory. however this only caused v1.1 to get installed after server restart .And then (expected?) Then many other plugins are not compatible with the old version, see screenshot attached below:

!Annotation 2019-09-15 221954.jpg! Also tried 2. Upgrading the Plugin after previous step from v1.1 to to v1.5 via  manual upload of the .hpi file in the "Advanced" tab.However this version too crashed Jenkins. Server does not start AT ALL with same errors as before.

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins

Change By: Joe Tavin Environment:

Jenkins Server: 2.194 (currently latest)

Installed as System Service (init.d) on Ubuntu 14.04 LTS

Java: OpenJDK build 1.8.0_141-8u141 OS: Ubuntu 14.04 LTS

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins

Change By: Joe Tavin Labels: markup-formatter

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin assigned an issue to Daniel Beck

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins

Change By: Joe Tavin Assignee: Jesse Glick Daniel Beck

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins Change By: Joe Tavin

Upgrade to latest release of OWASP HTML Formatter plugin crashed Jenkins server totally. Jenkins crashes with all other plugins when upgraded to version 1.6

Error Messages: Errors in{{ /var/log/jenkins/jenkins.log}}

{code:java} 2019-09-15 16:20:34.699+0000 [id=36] WARNING h.ExtensionFinder$GuiceFinder$SezpozModule#configure: Failed to load org.jenkinsci.plugins.envpropagator.SetEnvVariables java.lang.ClassNotFoundException: hudson.cli.CommandDuringBuild2019-09-15 16:20:37.745+0000 [id=36] SEVERE h.ExtensionFinder$GuiceFinder#<init>: Failed to create Guice container from all the plugins {code}

Tried the following   Did not work :

1. Deleting anitsamy-markup-formatter manually from Plugins directory. however this

This only caused v1.1 to get installed after server restart (expected?)   Then many other plugins are not compatible with the old version, see screenshot below :

!Annotation 2019-09-15 221954.jpg! Also tried 2. Upgrading the Plugin after previous step from v1.1 to to v1.5 via  manual upload of the .hpi file in the "Advanced" tab.

However this version too also crashed Jenkins.

Server does not start AT ALL with same errors as before.

Additional issue is that after crash, Jenkins UI shows this error {code:java} java.lang.NullPointerException at hudson.plugins.git.GitSCM.onLoaded(GitSCM.java:1895) Caused: java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at hudson.init.TaskMethodFinder.invoke(TaskMethodFinder.java:104) Caused: java.lang.Error at hudson.init.TaskMethodFinder.invoke(TaskMethodFinder.java:110) at hudson.init.TaskMethodFinder$TaskImpl.run(TaskMethodFinder.java:175) at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:296) at jenkins.model.Jenkins$5.runTask(Jenkins.java:1118) at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:214) at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:117) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused: org.jvnet.hudson.reactor.ReactorException at org.jvnet.hudson.reactor.Reactor.execute(Reactor.java:282) at jenkins.InitReactorRunner.run(InitReactorRunner.java:48) at jenkins.model.Jenkins.executeReactor(Jenkins.java:1152) at jenkins.model.Jenkins.<init>(Jenkins.java:959) at hudson.model.Hudson.<init>(Hudson.java:85) at hudson.model.Hudson.<init>(Hudson.java:81) at hudson.WebAppMain$3.run(WebAppMain.java:233) Caused: hudson.util.HudsonFailedToLoad at hudson.WebAppMain$3.run(WebAppMain.java:250) {code} Error and "resolution" is reproducible on this environment and has been reproduced in both states multiple times.

Add Comment

[dbeck@cloudbees.com (JIRA)]

Daniel Beck assigned an issue to Unassigned

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins

Change By: Daniel Beck Assignee: Daniel Beck

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins

Change By: Joe Tavin

Upgrade to latest release of OWASP HTML Formatter plugin crashed Jenkins server totally. Jenkins crashes with all other plugins when upgraded to version 1.6

Errors in \ {{ /var/log/jenkins/jenkins.log}} {code:java} 2019 root@jenkins:/home/ubuntu# tail - f /var/log/jenkins/jenkins.log|grep -A2 SEVERE root@jenkins:/home/ubuntu# tail -f /var/log/jenkins/jenkins.log|grep -A2 SEVERE2019- 09-15 16 19 : 20 37 : 34 10 . 699 079 +0000 [id= 36 28 ] WARNING SEVERE h.ExtensionFinder$GuiceFinder $SezpozModule # configure <init> : Failed to load create Guice container from all the pluginsjava.lang.ClassNotFoundException: org.jenkinsci.plugins. envpropagator scriptler . SetEnvVariables ScriptlerManagement at jenkins.util.AntClassLoader.findClassInComponents(AntClassLoader. java :1383) --2019-09-15 19:37:11 . 479+0000 [id=28] SEVERE h.ExtensionFinder$GuiceFinder#<init>: Failed to create Guice container from all the pluginsjava. lang.ClassNotFoundException: hudson org . cli jenkinsci . CommandDuringBuild2019 plugins.scriptler.ScriptlerManagement at jenkins.util.AntClassLoader.findClassInComponents(AntClassLoader.java:1383) - -2019- 09-15 16 19 : 20: 37 :12 . 745 761 +0000 [id= 36 28 ] SEVERE h.ExtensionFinder$GuiceFinder#<init>: Failed to create Guice container from all the pluginsjava.lang.ClassNotFoundException: org.jenkinsci. plugins .scriptler.ScriptlerManagement at jenkins.util.AntClassLoader.findClassInComponents(AntClassLoader.java:1383) --2019-09-15 19:37:12.816+0000 [id=32] SEVERE jenkins.InitReactorRunner$1#onTaskFailed: Failed Contributed.loadjava.lang.NullPointerException at jenkins.security.CustomClassFilter$Contributed.load(CustomClassFilter.java:155) --2019-09-15 19:37:12.818+0000 [id=37] SEVERE jenkins.InitReactorRunner$1#onTaskFailed: Failed PluginImpl.initjava.lang.IllegalStateException: Expected 1 instance of hudson.PluginManager$PluginUpdateMonitor but got 0 at hudson.ExtensionList.lookupSingleton(ExtensionList.java:451) --2019-09-15 19:37:12.818+0000 [id=36] SEVERE jenkins.InitReactorRunner$1#onTaskFailed: Failed RekeySecretAdminMonitor.scanOnRebootjava.lang.IllegalArgumentException: Unable to inject class jenkins.security.RekeySecretAdminMonitor at hudson.init.TaskMethodFinder.lookUp(TaskMethodFinder.java:125)--2019-09-15 19:37:12.818+0000 [id=29] SEVERE jenkins.InitReactorRunner$1#onTaskFailed: Failed GitSCM.onLoadedjava.lang.NullPointerException at hudson.plugins.git.GitSCM.onLoaded(GitSCM.java:1895) --2019-09-15 19:37:12.818+0000 [id=31] SEVERE jenkins.InitReactorRunner$1#onTaskFailed: Failed UserIdMapper.initjava.lang.IllegalArgumentException: Unable to inject class hudson.model.UserIdMapper at hudson.init.TaskMethodFinder.lookUp(TaskMethodFinder.java:125) --2019-09-15 19:37:12.822+0000 [id=21] SEVERE hudson.util.BootFailure#publish: Failed to initialize Jenkinsjava.lang.NullPointerException at hudson.plugins.git.GitSCM.onLoaded(GitSCM.java:1895) --2019-09-15 19:37:13.189+0000 [id=21] SEVERE jenkins.model.Jenkins$18#onTaskFailed: Failed NioChannelSelector.cleanUpjava.lang.IllegalArgumentException: Unable to inject class jenkins.slaves.NioChannelSelector at hudson.init.TaskMethodFinder.lookUp(TaskMethodFinder.java:125) --2019-09-15 19:37:13.202+0000 [id=21] SEVERE jenkins.model.Jenkins$18#onTaskFailed: Failed IOHubProvider.cleanUpjava.lang.IllegalArgumentException: Unable to inject class jenkins.slaves.IOHubProvider at hudson.init.TaskMethodFinder.lookUp(TaskMethodFinder.java:125) {code}

Did not work: 1. Deleting anitsamy-markup-formatter manually from Plugins directory.

This only caused v1.1 to get installed after server restart (expected?)

Then many other plugins are not compatible with the old version, see screenshot:

!Annotation 2019-09-15 221954.jpg! Also tried 2. Upgrading the Plugin after previous step from v1.1 to to v1.5 via  manual upload of the .hpi file in the "Advanced" tab.

However this version also crashed Jenkins.

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins Change By: Joe Tavin

Upgrade to latest release of OWASP HTML Formatter plugin crashed Jenkins server totally. Jenkins crashes with all other plugins when upgraded to version 1.6

Errors in \{{ : File: /var/log/jenkins/jenkins.log }} {code:java} root@jenkins:/home/ubuntu# tail -f /var/log/jenkins/jenkins.log|grep -A2 SEVERE root@jenkins:/home/ubuntu# tail -f /var/log/jenkins/jenkins.log|grep -A2 SEVERE2019-09-15 19:37:10.079+0000 [id=28] SEVERE h.ExtensionFinder$GuiceFinder#<init>: Failed to create Guice container from all the pluginsjava.lang.ClassNotFoundException: org.jenkinsci.plugins.scriptler.ScriptlerManagement at jenkins.util.AntClassLoader.findClassInComponents(AntClassLoader.java:1383) --2019-09-15 19:37:11.479+0000 [id=28] SEVERE h.ExtensionFinder$GuiceFinder#<init>: Failed to create Guice container from all the pluginsjava.lang.ClassNotFoundException: org.jenkinsci.plugins.scriptler.ScriptlerManagement at jenkins.util.AntClassLoader.findClassInComponents(AntClassLoader.java:1383) --2019-09-15 19:37:12.761+0000 [id=28] SEVERE h.ExtensionFinder$GuiceFinder#<init>: Failed to create Guice container from all the pluginsjava.lang.ClassNotFoundException: org.jenkinsci.plugins.scriptler.ScriptlerManagement at jenkins.util.AntClassLoader.findClassInComponents(AntClassLoader.java:1383)

[dbeck@cloudbees.com (JIRA)]

Daniel Beck commented on JENKINS-59381

Re: OWASP Plugin 1.6 crashed Jenkins

Failed to create Guice container from all the pluginsjava.lang.ClassNotFoundException: org.jenkinsci.plugins.scriptler.ScriptlerManagement

My guess is that you (also) updated uno-choice ("Active Choices") plugin, and that messed this up, claiming to have an optional dependency that is, in fact, mandatory.

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin commented on JENKINS-59381

Re: OWASP Plugin 1.6 crashed Jenkins

Daniel Beck, so you suggest downgrading Active Choices? To which version?

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin commented on JENKINS-59381

Re: OWASP Plugin 1.6 crashed Jenkins

Seems the Scriptler Plugin required the latest Alpha version 3.0 , after installing that we could downgrade OWASP to 1.5 and Jenkins starts.

Add Comment

[dbeck@cloudbees.com (JIRA)]

Daniel Beck closed an issue as Not A Defect

Jenkins / JENKINS-59381

OWASP Plugin 1.6 crashed Jenkins

Change By: Daniel Beck Status: Open Closed Resolution: Not A Defect

Add Comment

[iskoroman@gmail.com (JIRA)]

Roman Isko commented on JENKINS-59381

Re: OWASP Plugin 1.6 crashed Jenkins Joe Tavin, I've just fixed Jenkins by downgrading Active Choice plugin to version 2.1. In plugins directory I've restored the backup version of the plugin and restarted jenkins with these commands: cd /var/lib/jenkins/plugins/ sudo mv uno-choice.jpi uno-choice.jpi.bak sudo mv uno-choice.bak uno-choice.jpi sudo systemctl restart jenkins.service

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin edited a comment on JENKINS-59381

Re: OWASP Plugin 1.6 crashed Jenkins

Seems the Scriptler Plugin was required as opposed to Optional as it appears in ActiveState plugin [site|[https://plugins.jenkins.io/uno-choice]] We installed the latest Alpha Scriptler version 3.0 , after installing that we could downgrade OWASP to 1.5 and Jenkins starts this resolved the issue .

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381

OWASP Plugin 1.6 crashed Jenkins

Change By: Joe Tavin Labels: active-choices markup-formatter

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins Change By: Joe Tavin

Upgrade to latest release of OWASP HTML Formatter plugin crashed Jenkins server totally. Jenkins crashes with all other plugins when upgraded to version 1.6

Errors:

File: /var/log/jenkins/jenkins.log {code:java} root@jenkins:/home/ubuntu# tail -f /var/log/jenkins/jenkins.log|grep -A2 SEVERE

root@jenkins:/home/ubuntu# tail - f /var/log/jenkins/jenkins.log|grep - A2 SEVERE2019 2019 -09-15 19:37:10.079+0000 [id=28] SEVERE h.ExtensionFinder$GuiceFinder#<init>: Failed to create Guice container from all the pluginsjava.lang.ClassNotFoundException: org.jenkinsci.plugins.scriptler.ScriptlerManagement at jenkins.util.AntClassLoader.findClassInComponents(AntClassLoader.java:1383)

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins

Change By: Joe Tavin Attachment: image-2019-09-16-12-14-51-900.png

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin edited a comment on JENKINS-59381

Re: OWASP Plugin 1.6 crashed Jenkins Thanks. It actually works with uno-choice ("Active Choices") plugin v2.2 after installing upgrading Scriptler. Seems RC was an optional requirement of Scriptler that should have been mandatory as [~danielbeck] suggested before. !image-2019-09-16-12-14-51-900.png|width=931,height=250!

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin commented on JENKINS-59381

Re: OWASP Plugin 1.6 crashed Jenkins

Thanks. It actually works with uno-choice ("Active Choices") plugin v2.2 after installing Scriptler. Seems RC was an optional requirement of Scriptler that should have been mandatory as Daniel Beck suggested before.

Add Comment

[brunodepaulak@yahoo.com.br (JIRA)]

Bruno P. Kinoshita commented on JENKINS-59381

Re: OWASP Plugin 1.6 crashed Jenkins

Hi, sorry for the update that broke it. It appears we made scriptler a non-optional dependency. Will try to get a fix in this week and cut a new release.

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381

OWASP Plugin 1.6 crashed Jenkins

Change By: Joe Tavin Labels: active-choices markup-formatter ActiveChoices

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins

Change By: Joe Tavin Environment: - Jenkins Server: 2.194 ( currently latest at 15/9/2019 ) - Installed as System Service (init.d) on Ubuntu 14.04 LTS - Java: OpenJDK build 1.8.0_141-8u141

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins

Change By: Joe Tavin Environment: - Jenkins Server: 2.194 (currently latest)

- Installed as System Service (init.d) on Ubuntu 14.04 LTS - Java: OpenJDK build 1.8.0_141-8u141

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin updated an issue

Jenkins / JENKINS-59381 OWASP Plugin 1.6 crashed Jenkins

Change By: Joe Tavin Component/s: active-choices-plugin Component/s: antisamy-markup-formatter-plugin

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin commented on JENKINS-59381

Re: OWASP Plugin 1.6 crashed Jenkins Bruno P. Kinoshita, correct?

Add Comment

[jtavin@gmail.com (JIRA)]

Joe Tavin edited a comment on JENKINS-59381

Re: OWASP Plugin 1.6 crashed Jenkins

Thanks [~kinow]  Is this related , correct no ?

Add Comment

[brunodepaulak@yahoo.com.br (JIRA)]

Bruno P. Kinoshita commented on JENKINS-59381

Re: OWASP Plugin 1.6 crashed Jenkins

I haven't tested with the scenario described here. The exception looks the same users got in active choices when upgrading to 2.2. Released 2.2.1 last night (New Zealand time) with a tentative fix. One user reported it worked so far.

Add Comment