Skip to content

Commit

Permalink
[JENKINS-51820] Removing Java Web Start support (#532)
Browse files Browse the repository at this point in the history
  • Loading branch information
@jglick
jglick authored May 12, 2022
1 parent b9a313e commit 7fb340c
Show file tree
Hide file tree
Showing 11 changed files with 9 additions and 534 deletions.
14 changes: 3 additions & 11 deletions docs/inbound-agent.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,14 +25,8 @@ Note that the secret key will always be the same for a given agent name on the s
If the secret key of an agent is compromised, do not reuse the agent name on the affected Jenkins controller.

### "Launch" button
This is the only launch mechanism that actually uses JNLP.
When properly configured and supported, clicking this button causes a JNLP file to be downloaded via the web browser and launched with Java WebStart.

While this is the simplest mechanism it has many drawbacks.
This is an outdated technology that is being phased out.
It requires an interactive user.
If the agent terminates the user will have to click the button again.
This mechanism is not recommended, is deprecated, and may not be supported or available.
Historically there was a launch mechanism actually using JavaWebStart/JNLP (`javaws`).
This has been removed.

### Download JNLP file
Another mechanism, shown in the above status page fragment, runs the agent from a script or command-line to retrieve the JNLP file.
Expand Down Expand Up @@ -86,7 +80,6 @@ This mechanism requires a download of the `agent.jar`, as described for "Downloa
Once all the prerequisite files and data have been obtained, the agent can be launched with a command like this
```
java -cp agent.jar hudson.remoting.jnlp.Main \
-headless \
-workDir <work directory> \
-direct <HOST:PORT> \
-protocols JNLP4-connect \
Expand All @@ -103,8 +96,7 @@ The parameters available and the default behavior may be different between the e
On a Microsoft Windows platform, you can install the agent as a Windows Service.
This allows the Windows Service infrastructure to manage the process lifecycle.

To configure the agent this way, first launch the agent using one of the other mechanisms that doesn't run as headless.
In the agent GUI, select "File -> Install as a service".
GUI-based service installation has been removed. You can still use the Windows service wrapper.
Additional descriptions of configuring this mechanism are located at [Installing Jenkins as a Windows service](https://wiki.jenkins.io/display/JENKINS/Installing+Jenkins+as+a+Windows+service) or [How to Install Several Windows Agents as a Service?](https://support.cloudbees.com/hc/en-us/articles/217423827-How-to-Install-Several-Windows-Slaves-as-a-Service-)

## Parameters
Expand Down
119 changes: 1 addition & 118 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -203,9 +203,6 @@ THE SOFTWARE.
<filtering>true</filtering>
<directory>${basedir}/src/filter/resources</directory>
</resource>
<resource>
<directory>${basedir}/src/main/resources</directory>
</resource>
<resource>
<directory>${basedir}</directory>
<includes>
Expand Down Expand Up @@ -249,12 +246,6 @@ THE SOFTWARE.
<mainClass>hudson.remoting.Launcher</mainClass>
<manifestEntries>
<Version>${project.version}</Version>
<!-- attributes related to Java Web Start -->
<!-- see http://docs.oracle.com/javase/8/docs/technotes/guides/jweb/security/manifest.html -->
<Permissions>all-permissions</Permissions>
<Codebase>*</Codebase>
<Application-Name>Jenkins Remoting Agent</Application-Name>
<Trusted-Library>true</Trusted-Library>
</manifestEntries>
</transformer>
<transformer implementation="org.apache.maven.plugins.shade.resource.ServicesResourceTransformer" />
Expand Down Expand Up @@ -282,39 +273,6 @@ THE SOFTWARE.
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-jarsigner-plugin</artifactId>
<version>3.0.0</version>
<configuration>
<!--
during the development, debug profile will cause
the jars to be signed by a self-certified dummy public key.
For release, you should define the real values in ~/.m2/settings.xml
-->
<alias>${hudson.sign.alias}</alias>
<storepass>${hudson.sign.storepass}</storepass>
<keystore>${hudson.sign.keystore}</keystore>
<storetype>${hudson.sign.storetype}</storetype>
<providerClass>${hudson.sign.providerClass}</providerClass>
<providerArg>${hudson.sign.providerArg}</providerArg>
<tsa>${hudson.sign.tsa}</tsa>
<!--
This option is required for JENKINS-37567, not required on any release machine.
In order to take effect, a version with MJARSIGNER-53 should be used.
See the "maven-jarsigner-plugin.version" parameter.
-->
<certchain>${hudson.sign.certchain}</certchain>
</configuration>
<executions>
<execution>
<goals>
<goal>sign</goal>
<goal>verify</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
Expand Down Expand Up @@ -375,7 +333,7 @@ THE SOFTWARE.
<localCheckout>true</localCheckout>
</configuration>
</plugin>
<plugin>
<plugin> <!-- TODO probably superseded by Incrementals? -->
<groupId>org.codehaus.mojo</groupId>
<artifactId>build-helper-maven-plugin</artifactId>
<executions>
Expand Down Expand Up @@ -443,81 +401,6 @@ THE SOFTWARE.
<maven.test.redirectTestOutputToFile>true</maven.test.redirectTestOutputToFile>
</properties>
</profile>
<profile>
<id>debug</id>
<activation>
<property>
<name>!hudson.sign.alias</name>
</property>
</activation>
<properties>
<hudson.sign.alias>jenkins</hudson.sign.alias>
<hudson.sign.keystore>${basedir}/src/test/keystore/dummy.keystore</hudson.sign.keystore>
<hudson.sign.storepass>jenkins</hudson.sign.storepass>
</properties>
</profile>
<profile>
<id>release</id>
<build>
<plugins>
<plugin>
<artifactId>maven-gpg-plugin</artifactId>
<executions>
<execution>
<id>sign-artifacts</id>
<goals>
<goal>sign</goal>
</goals>
<phase>verify</phase>
<configuration>
<gpgArguments>
<arg>--pinentry-mode</arg>
<arg>loopback</arg>
</gpgArguments>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-jarsigner-plugin</artifactId>
<executions>
<execution>
<id>add-tsa</id>
<!-- Phase and goal are the default ones -->
<!-- TODO: Does it cause conflict with signing parameters in the build? Seems "no". Should also use ${hudson.sign.tsa} -->
<configuration>
<arguments>
<argument>-tsa</argument>
<argument>http://timestamp.comodoca.com/rfc3161</argument>
</arguments>
</configuration>
</execution>
<execution>
<id>verify-signature</id>
<goals>
<goal>verify</goal>
</goals>
<phase>verify</phase>
<configuration>
<processMainArtifact>true</processMainArtifact>
<processAttachedArtifacts>false</processAttachedArtifacts>
<certs>true</certs>
<errorWhenNotSigned>true</errorWhenNotSigned>
<!-- strict, otherwise certificate chains will be ignored -->
<arguments>-strict</arguments>
<alias>${hudson.sign.alias}</alias>
<storepass>${hudson.sign.storepass}</storepass>
<keystore>${hudson.sign.keystore}</keystore>
<storetype>${hudson.sign.storetype}</storetype>
<providerClass>${hudson.sign.providerClass}</providerClass>
<providerArg>${hudson.sign.providerArg}</providerArg>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>jacoco</id>
<build>
Expand Down
2 changes: 0 additions & 2 deletions src/main/java/hudson/remoting/Launcher.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -555,8 +555,6 @@ public List<String> parseJnlpArguments() throws ParserConfigurationException, SA
jnlpArgs.add("-credentials");
jnlpArgs.add(agentJnlpCredentials);
}
// force a headless mode
jnlpArgs.add("-headless");
return jnlpArgs;
} catch (SSLHandshakeException e) {
if(e.getMessage().contains("PKIX path building failed")) {
Expand Down
100 changes: 0 additions & 100 deletions src/main/java/hudson/remoting/jnlp/GUI.java
View file

This file was deleted.

92 changes: 0 additions & 92 deletions src/main/java/hudson/remoting/jnlp/GuiListener.java
View file

This file was deleted.

Loading

0 comments on commit 7fb340c

Please sign in to comment.