1

We have a git repo from which on every PR, a Jenkins job is triggered which does some validations on the code changes. The job has been in place for a long time and was working fine until yesterday after which it starts failing with an exception thrown for a user who left our organization 4 months ago. In these last 4 months, we have had several jobs which worked fine. Today I restored my Jenkins from a backup which was taken on 3rd Aug and then it started working again and now after sometime, same issue re-occured. Attached is the screenshot of issue we are facing.

enter image description here

Any inputs on what could have been the issue?

R.B.
  • 479
  • 5
  • 19
  • Shell scripts exits with status code 0. This happens after everything in the job has been done. – R.B. Aug 24 '21 at 20:01
  • 1
    Please read: [Why not upload images of code/errors when asking a question?](https://meta.stackoverflow.com/q/285551/1744774) – Gerold Broser Aug 24 '21 at 23:39

1 Answers1

0

It seems to me that you are using LDAP security, which means that this user had rights, but at some point they were revoked (by your admins, for LDAP security I think that you cannot enable/disable users in Jenkins). This is why your job started failing. When you restore Jenkins backup maybe there is a cache and this is the reason why it works for some time (just guessing).
You can execute the job with user that has enabled LDAP account.
There is an interesting bug, that is in status merged so you can try to upgrade/downgrade your Jenkins master and plugins if this is an option for you. Also you can have a look at this bug.
You can also try to recreate the job/webhook with another user and to restart master and slaves.

K. B.
  • 3,342
  • 3
  • 19
  • 32
  • On the day of backup, the user was already gone. Also, job is triggered by github webhook and not by any specific user. This user's credentials are not being used anywhere. Is there a cache that we can clear manually? – R.B. Aug 25 '21 at 01:25
  • This more seems like a Jenkins bug to me, I have updated my answer. There could be some API key in Jenkins-> Credentials that is created by this user, but this is a wild guess. – K. B. Aug 25 '21 at 05:45
  • Our ldap plugin and Jenkins are both on latest releases. And the credentials are created by me only, this user was never involved in any kind of Jenkins managing activities. – R.B. Aug 26 '21 at 06:38