Has anyone successfully updated the log4j jar file for jenkins to get the udeploy plugin working by following the instructions provided on their site http://wiki.urbancode.com/uDeploy/Repositories, seen below?
Note: Jenkins often uses an older log4j file then our plugin needs. You may need to replace it. See below for instructions:
1. Unpackage the jenkins.war
2. Open /web-inf/lib in the unpacked .war's directory to determine the name of Jenkin's log4j.jar
3. Navigate to your uDeploy server's %serverLocation%/lib directory and copy our log4j.jar to Jenkin's /web-inf/lib/ directory, overwriting the existing log4j with uDeploy's (rename it to match Jenkin's)
On standalone instances of Jenkins (not the Tomcat app), Jenkins keeps a hash of all of it's files and will throw an error when starting Jenkins due to a mismatched hash after modifying the log4j file. The only solution is to remove the values in the file that tracks the hashes."
I unpackaged the war file, deleted the log4j jar (1.2.9) found under WEB-INF/lib/, added the newest log4j jar (1.2.17), renamed it to 1.2.9, then removed the SHA1-Digest: line (the hash) for log4j 1.2.9 found in the manifest under META-INF/ all which seems to agree with the above instructions. Deploying the war (service jenkins start) results in the following error, complaining that the SHA1 signature isn't there in the manifest:
Starting Jenkins Exception in thread "main" java.lang.SecurityException: invalid SHA1 signature file digest for WEB-INF/lib/log4j-1.2.9.jar
at sun.security.util.SignatureFileVerifier.verifySection(SignatureFileVerifier.java:457)
at sun.security.util.SignatureFileVerifier.processImpl(SignatureFileVerifier.java:250)
at sun.security.util.SignatureFileVerifier.process(SignatureFileVerifier.java:193)
at java.util.jar.JarVerifier.processEntry(JarVerifier.java:262)
at java.util.jar.JarVerifier.update(JarVerifier.java:216)
at java.util.jar.JarFile.initializeVerifier(JarFile.java:341)
at java.util.jar.JarFile.getInputStream(JarFile.java:406)
at sun.misc.URLClassPath$JarLoader$2.getInputStream(URLClassPath.java:752)
at sun.misc.Resource.cachedInputStream(Resource.java:77)
at sun.misc.Resource.getByteBuffer(Resource.java:160)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:436)
at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:423)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:356)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:476)
[FAILED]
What am I missing? I thought I followed the directions correctly, and evidently enough people have had this problem given that uDeploy added a special note to their wiki page about it. Any help/suggestions/ideas would be highly appreciated.
Jenkins is version 1.525.
If anyone is still interested in solution, I didn't remove digests. Just deleted log4j-1.2.9.jar and added log4j-1.2.17.jar (without renaming), that's all I did. An it worked brilliantly. Jenkins version 1.542.
Why did you rename it to 1.2.9? It will probably work as named as 1.2.17. It's a signed jar, and renaming it may be why it broke.
If jenkins is running on tomcat on linux, you are probably faster just logging into the box to the webapps directory and altering the expanding war there rather than repacking the jenkins war.
Follow the following steps to change the log4j version and solve the stated uDeploy problem :-
Stop Jenkins
Go to the installation directory of Jenkins
Navigate to .jenkins\war\WEB-INF\lib [On a windows system]
Delete log4j-1.2.9.jar and add log4j-1.2.17.jar (without renaming)
Restart Jenkins
It is not necessary to follow all the steps given as a solution by IBM :-
https://developer.ibm.com/urbancode/plugin/jenkins-ibmucd/
At this point, just use the new version of the Jenkins plugin. The incompatibility was removed.
Related
I have this log4j-1.2.12.jar file in my jenkins server
Path to it: /data/jenkins/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar I got this Apache Log4j Unsupported Version Detection message from security team, how to resolve this I tried downloading the latest version but it is something like this log4j-api-2.19.0.jar
No, it's not "in Jenkins", more accurately, log4j is not a part of Jenkins. Jenkins consumes its jars from the exploded war in ${JENKINS_HOME}/war/WEB-INF/lib. It is not located there.
If a plugin consumes log4j, that would be found within the exploded plugin directory at ${JENKINS_HOME}/plugins/<plugin_name>/WEB-INF/lib. The status of log4j as it related to most plugins was tracked under JENKINS-67353.
What you are referencing is the maven local repository, .m2/repository. This structure is created when running a maven build on the controller; the dependency jars specified in (one of) your build's pom.xml.
The guidance in the comments is correct; find the appropriate pom.xml and update it, then rebuild.
You can verify these claims by deleting the entire .m2 directory (or moving / zip;delete if you are paranoid) and restarting Jenkins. You'll discover Jenkins is running fine and the directory remains empty. Run your maven jobs and it will repopulate, including log4j-1.2.12.jar, assuming it's still specified in your pom.xml. Fix your maven pom.xml, delete the directory, rerun your jobs and it should not reappear.
Perhaps you have already updated your pom.xml but never cleared out your local maven repository, then it will not repopulate (you could check the timestamp of the directory to know when it was first/last downloaded).
You can also delete referenced portions of the repository by specifying mvn dependency:purge-local-repository and adding -DreResolve=false to avoid re-resolving. Of course, if you've already updated the pom.xml, it would remain since it's not referenced in the pom.xml` (yes, it would be nice if there was an option to purge all or most of a repository or all version of a given jar, but ...).
I upgraded Jenkins to 2.32.3 version (in place upgrade) after taking necessary backups (THIN) or $JENKINS_HOME and Jenkins is now UP and running.
Under Manage Jenkins > Manage Plugins, I see the following RED error:
Manage Jenkins
Correct
There are dependency errors loading some plugins:
Environment Injector Plugin v2.1.3
envinject-api v1.2 is missing. To fix, install v1.2 or later.
While trying to install Environment Inject Plugin 2.1.3, the logs (during download/install) shows the same error:
Installing Plugins/Upgrades
Preparation
Checking update center connectivity
Success
Environment Injector Plugin
Failure -
java.io.IOException: Failed to dynamically deploy this plugin
at hudson.model.UpdateCenter$InstallationJob._run(UpdateCenter.java:1895)
at hudson.model.UpdateCenter$DownloadJob.run(UpdateCenter.java:1652)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at hudson.remoting.AtmostOneThreadExecutor$Worker.run(AtmostOneThreadExecutor.java:110)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.io.IOException: Failed to install envinject plugin
at hudson.PluginManager.dynamicLoad(PluginManager.java:873)
at hudson.PluginManager.dynamicLoad(PluginManager.java:813)
at hudson.model.UpdateCenter$InstallationJob._run(UpdateCenter.java:1891)
... 5 more
Caused by: java.io.IOException: Environment Injector Plugin v2.1.3 failed to load.
- envinject-api v1.2 is missing. To fix, install v1.2 or later.
at hudson.PluginWrapper.resolvePluginDependencies(PluginWrapper.java:621)
at hudson.PluginManager.dynamicLoad(PluginManager.java:863)
... 7 more
Where can I get this envinject-api 1.2 plugin? Should I go grab the Github project (clone it) and build the Maven project and put the hpi file under $JENKINS_HOME/plugins folder?
Under Available plugins tab, I don't see an option to select a given version (only 2.1.3 is available). I don't see envinject-api 1.2 plugin listed there either that I can select. My understanding it, selecting Environment Inject 2.1.3 should auto grab all of its dependent plugins for free per it's MANIFEST file.
$ cat $JENKINS_HOME/plugins/envinject/META-INF/MANIFEST.MF
Manifest-Version: 1.0
Archiver-Version: Plexus Archiver
Created-By: Apache Maven
Built-By: nenashev
Build-Jdk: 1.8.0_121
Extension-Name: envinject
Specification-Title: The Jenkins Plugins Parent POM Project
Implementation-Title: envinject
Implementation-Version: 2.1.3
Plugin-Class: org.jenkinsci.plugins.envinject.EnvInjectPlugin
Group-Id: org.jenkins-ci.plugins
Short-Name: envinject
Long-Name: Environment Injector Plugin
Url: https://wiki.jenkins-ci.org/display/JENKINS/EnvInject+Plugin
Compatible-Since-Version: 2.0
Plugin-Version: 2.1.3
Hudson-Version: 1.625.3
Jenkins-Version: 1.625.3
Plugin-Dependencies: envinject-api:1.2,ivy:1.21;resolution:=optional,m
atrix-project:1.7,script-security:1.22
Plugin-Developers: Gregory Boissinot:gbois:gregory.boissinot#gmail.com
,Oleg Nenashev:oleg_nenashev:o.v.nenashev#gmail.com,Manuel Recena:rec
ena:recena#gmail.com
For some reason Jenkins plugins (didn't download the dependent plugins per the Manifest file).
As envinject-api plugin was not listed in the AVAILABLE plugin tab (under Manage Jenkins > Manage Plugins section), I had to manually download the .hpi / .jpi file directly from the following download plugins URL and then I placed the file in $JENKINS_HOME/plugins folder.
https://updates.jenkins-ci.org/download/plugins/
wget https://updates.jenkins-ci.org/download/plugins/envinject-api/1.2/envinject-api.hpi
Restarted Jenkins sudo service jenkins restart (or any other way you have setup) and this issue went away from both Jenkins GUI and from tail -f /var/log/jenkins/jenkins.log
PS: Don't just randomly select a latest version of any plugin or it's dependent plugin. It may not work and break more other plugins as it depends upon your current Jenkins version.
Found this link for Juseppe, not sure how relevant is this but seems interesting: https://github.com/yandex-qatools/juseppe
Trying to deploy an artifact using Jenkins WebLogic Deployer Plugin.
Getting following error:
Error: Could not find or load main class weblogic.Deployer
According to the documentation I should be using wlthint3client.jar (WebLogic version 12.1.3) but this client jar doesn't contain above class (Deployer), tried using the wlfullclient.jar which is said to be deprecated but if that throws another exception:
Hi, I want to install a war file generated from Jenkins to WebLogic, both on different machines, but when the installation runs an error is generated:
java.lang.NoClassDefFoundError: weblogic/deploy/api/spi/DeploymentOptions
at weblogic.deploy.api.tools.deployer.Jsr88Operation.init(Jsr88Operation.java:70)
Any ideas what could be the issue?
Regards!
I am having the same problem. I solved it actually adding all of these three libraries to the Additional Classpath:
wlthint3client.jar:weblogic.jar:wlfullclient.jar
After creating a tar of the build from jenkins, I am trying to move the tar to the main server using uDeploy. But i get the following error even after using the proper application name, environment and process name. I am unable to debug any further.
Please find the uDeploy settings and the log in the images.
uDeploy Jenkins setup:
error in console:
This is a known issue, have you done this workaround
Open jenkins.war and navigate to META-INF
Delete JENKINS.SF and JENKINS.RSA
Open MANIFEST.MF and delete all of the lines that start with SHA1-Digest
Place the new Log4j with version greater or equal to 1.2.12 (e.g. Log4J 1.2.17) jar in WEB-INF/lib
Update MANIFEST.MF to point to the new version
I'm trying to get our CI-Server Hudson to run grails tasks and installed the Grails-Plugin, but it seems like the dependencies with ivy could not be resolved...
[projectx] $ /usr/share/grails/bin/grails prod war projectx.war
Welcome to Grails 1.2.0 - http://grails.org/
Licensed under Apache Standard License 2.0
Grails home is set to: /usr/share/grails
Base Directory: /var/local/hudson/jobs/projectx/workspace/projectx
Resolving dependencies...
Error executing script War: /usr/share/tomcat5.5/.ivy2/cache/resolved-projectx-projectx-0.1.xml (No such file or directory)
java.io.FileNotFoundException: /usr/share/tomcat5.5/.ivy2/cache/resolved-projectx-projectx-0.1.xml (No such file or directory)
at java.io.FileOutputStream.open(Native Method) ...
Does anyone know how to get this working?
Thanks alot!
It looks like the user that tomcat is running as is configured to have /usr/share/tomcat5.5 as the home directory and you don't have write access to that directory (and probably shouldn't)
I'd guess that you need to modify the user that tomcat is running as, or the user that the Hudson Job is running as to have a valid home directory.
Run
grails upgrade
and it will work afterwards. I tried deleting .grails folder and it did not work and discovered that upgrade works by accident.
On Jenkins you can run it with a --non-interactive switch.
Anyone figured out why is this happening?
Hudson supports maven based builds very well so you could just use the Grails Maven Plugin http://www.grails.org/Maven+Integration and point hudson at the maven pom file and away you go.