Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[JENKINS-51820] Removing Java Web Start support #532

Merged
merged 2 commits into from
May 12, 2022
Merged

[JENKINS-51820] Removing Java Web Start support #532

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
3660af2
Removing JavaWebStart support
jglick May 6, 2022
a206ff7
@basil noticed orphaned SpotBugs excludes: https://github.com/jenkins…
jglick May 9, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 3 additions & 11 deletions docs/inbound-agent.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,14 +25,8 @@ Note that the secret key will always be the same for a given agent name on the s
If the secret key of an agent is compromised, do not reuse the agent name on the affected Jenkins controller.

### "Launch" button
This is the only launch mechanism that actually uses JNLP.
When properly configured and supported, clicking this button causes a JNLP file to be downloaded via the web browser and launched with Java WebStart.

While this is the simplest mechanism it has many drawbacks.
This is an outdated technology that is being phased out.
It requires an interactive user.
If the agent terminates the user will have to click the button again.
This mechanism is not recommended, is deprecated, and may not be supported or available.
Historically there was a launch mechanism actually using JavaWebStart/JNLP (`javaws`).
This has been removed.

### Download JNLP file
Another mechanism, shown in the above status page fragment, runs the agent from a script or command-line to retrieve the JNLP file.
Expand Down Expand Up @@ -86,7 +80,6 @@ This mechanism requires a download of the `agent.jar`, as described for "Downloa
Once all the prerequisite files and data have been obtained, the agent can be launched with a command like this
```
java -cp agent.jar hudson.remoting.jnlp.Main \
-headless \
-workDir <work directory> \
-direct <HOST:PORT> \
-protocols JNLP4-connect \
Expand All @@ -103,8 +96,7 @@ The parameters available and the default behavior may be different between the e
On a Microsoft Windows platform, you can install the agent as a Windows Service.
This allows the Windows Service infrastructure to manage the process lifecycle.

To configure the agent this way, first launch the agent using one of the other mechanisms that doesn't run as headless.
In the agent GUI, select "File -> Install as a service".
GUI-based service installation has been removed. You can still use the Windows service wrapper.
Additional descriptions of configuring this mechanism are located at [Installing Jenkins as a Windows service](https://wiki.jenkins.io/display/JENKINS/Installing+Jenkins+as+a+Windows+service) or [How to Install Several Windows Agents as a Service?](https://support.cloudbees.com/hc/en-us/articles/217423827-How-to-Install-Several-Windows-Slaves-as-a-Service-)

## Parameters
Expand Down
119 changes: 1 addition & 118 deletions pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -203,9 +203,6 @@ THE SOFTWARE.
<filtering>true</filtering>
<directory>${basedir}/src/filter/resources</directory>
</resource>
<resource>
<directory>${basedir}/src/main/resources</directory>
</resource>
<resource>
<directory>${basedir}</directory>
<includes>
Expand Down Expand Up @@ -249,12 +246,6 @@ THE SOFTWARE.
<mainClass>hudson.remoting.Launcher</mainClass>
<manifestEntries>
<Version>${project.version}</Version>
<!-- attributes related to Java Web Start -->
<!-- see http://docs.oracle.com/javase/8/docs/technotes/guides/jweb/security/manifest.html -->
<Permissions>all-permissions</Permissions>
<Codebase>*</Codebase>
<Application-Name>Jenkins Remoting Agent</Application-Name>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needs at least a corresponding change to org.jenkinsci.plugins.pipeline.utility.steps.conf.mf.ReadManifestStepTest:

hudson.remoting.ProxyException: Assertion failed: 

assert man.main['Application-Name'] == 'Jenkins Remoting Agent'

        at org.codehaus.groovy.runtime.InvokerHelper.assertFailed(InvokerHelper.java:420)
        at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.assertFailed(ScriptBytecodeAdapter.java:663)
        at com.cloudbees.groovy.cps.impl.AssertBlock$ContinuationImpl.fail(AssertBlock.java:47)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:566)
        at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
        at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
        at com.cloudbees.groovy.cps.Next.step(Next.java:83)
        at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
        at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
        at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:136)
        at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:275)
        at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
        at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access$001(SandboxContinuable.java:18)
        at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:51)
        at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:187)
        at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:420)
        at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$400(CpsThreadGroup.java:95)
        at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:330)
        at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:294)
        at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:139)
        at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
        at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:68)
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
        at java.base/java.lang.Thread.run(Thread.java:829)
Finished: FAILURE

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

jenkinsci/pipeline-utility-steps-plugin#143

<Trusted-Library>true</Trusted-Library>
</manifestEntries>
</transformer>
<transformer implementation="org.apache.maven.plugins.shade.resource.ServicesResourceTransformer" />
Expand Down Expand Up @@ -282,39 +273,6 @@ THE SOFTWARE.
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-jarsigner-plugin</artifactId>
<version>3.0.0</version>
<configuration>
<!--
during the development, debug profile will cause
the jars to be signed by a self-certified dummy public key.

For release, you should define the real values in ~/.m2/settings.xml
-->
<alias>${hudson.sign.alias}</alias>
<storepass>${hudson.sign.storepass}</storepass>
<keystore>${hudson.sign.keystore}</keystore>
<storetype>${hudson.sign.storetype}</storetype>
<providerClass>${hudson.sign.providerClass}</providerClass>
<providerArg>${hudson.sign.providerArg}</providerArg>
<tsa>${hudson.sign.tsa}</tsa>
<!--
This option is required for JENKINS-37567, not required on any release machine.
In order to take effect, a version with MJARSIGNER-53 should be used.
See the "maven-jarsigner-plugin.version" parameter.
-->
<certchain>${hudson.sign.certchain}</certchain>
</configuration>
<executions>
<execution>
<goals>
<goal>sign</goal>
<goal>verify</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
Expand Down Expand Up @@ -374,7 +332,7 @@ THE SOFTWARE.
<localCheckout>true</localCheckout>
</configuration>
</plugin>
<plugin>
<plugin> <!-- TODO probably superseded by Incrementals? -->
<groupId>org.codehaus.mojo</groupId>
<artifactId>build-helper-maven-plugin</artifactId>
<executions>
Expand Down Expand Up @@ -445,81 +403,6 @@ THE SOFTWARE.
<maven.test.redirectTestOutputToFile>true</maven.test.redirectTestOutputToFile>
</properties>
</profile>
<profile>
<id>debug</id>
<activation>
<property>
<name>!hudson.sign.alias</name>
</property>
</activation>
<properties>
<hudson.sign.alias>jenkins</hudson.sign.alias>
<hudson.sign.keystore>${basedir}/src/test/keystore/dummy.keystore</hudson.sign.keystore>
<hudson.sign.storepass>jenkins</hudson.sign.storepass>
</properties>
</profile>
<profile>
<id>release</id>
<build>
<plugins>
<plugin>
<artifactId>maven-gpg-plugin</artifactId>
<executions>
<execution>
<id>sign-artifacts</id>
<goals>
<goal>sign</goal>
</goals>
<phase>verify</phase>
<configuration>
<gpgArguments>
<arg>--pinentry-mode</arg>
<arg>loopback</arg>
</gpgArguments>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-jarsigner-plugin</artifactId>
<executions>
<execution>
<id>add-tsa</id>
<!-- Phase and goal are the default ones -->
<!-- TODO: Does it cause conflict with signing parameters in the build? Seems "no". Should also use ${hudson.sign.tsa} -->
<configuration>
<arguments>
<argument>-tsa</argument>
<argument>http://timestamp.comodoca.com/rfc3161</argument>
</arguments>
</configuration>
</execution>
<execution>
<id>verify-signature</id>
<goals>
<goal>verify</goal>
</goals>
<phase>verify</phase>
<configuration>
<processMainArtifact>true</processMainArtifact>
<processAttachedArtifacts>false</processAttachedArtifacts>
<certs>true</certs>
<errorWhenNotSigned>true</errorWhenNotSigned>
<!-- strict, otherwise certificate chains will be ignored -->
<arguments>-strict</arguments>
<alias>${hudson.sign.alias}</alias>
<storepass>${hudson.sign.storepass}</storepass>
<keystore>${hudson.sign.keystore}</keystore>
<storetype>${hudson.sign.storetype}</storetype>
<providerClass>${hudson.sign.providerClass}</providerClass>
<providerArg>${hudson.sign.providerArg}</providerArg>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>jacoco</id>
<build>
Expand Down
2 changes: 0 additions & 2 deletions src/main/java/hudson/remoting/Launcher.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -555,8 +555,6 @@ public List<String> parseJnlpArguments() throws ParserConfigurationException, SA
jnlpArgs.add("-credentials");
jnlpArgs.add(agentJnlpCredentials);
}
// force a headless mode
jnlpArgs.add("-headless");
return jnlpArgs;
} catch (SSLHandshakeException e) {
if(e.getMessage().contains("PKIX path building failed")) {
Expand Down
100 changes: 0 additions & 100 deletions src/main/java/hudson/remoting/jnlp/GUI.java
View file
Open in desktop

This file was deleted.

92 changes: 0 additions & 92 deletions src/main/java/hudson/remoting/jnlp/GuiListener.java
View file
Open in desktop

This file was deleted.

Loading