Not all plugins are updated
See original GitHub issueI would like to use the plugin-installation-manager-tool to update plugins on a Jenkins instance, which seems to kind of work, but not completely. I am running the tool from Ansible like so (forgive the Jinja2 templating):
java -jar /opt/jenkins-pimt/jenkins-plugin-manager-1.0.2.jar -w {{ jenkins_war }} -f {{ jenkins_home }}/plugins.yaml -d {{ jenkins_home }}/plugins --available-updates --latest
After running the above command, Jenkins is restarted (just to be safe!), and then the tool is run again with the --no-download --list
arguments. The output gets parsed by a separate Python script which regenerates plugins.yaml
. In my local git diff
, I can see that a number of plugins were successfully updated, such as credentials
from 2.3.1 to 2.3.3. However, when I go to Jenkins’ plugin management page, I see a number of other plugins still want to be updated:
If I re-run my Ansible playbook, these plugins don’t get updated. I can’t seem to figure out why some plugins can be updated but others cannot. All of the above plugins are listed in the plugins.yaml
file. Why don’t they get updated?
Issue Analytics
- State:
- Created 4 years ago
- Comments:10 (6 by maintainers)
Top GitHub Comments
no issue that I’m aware of,
I think it would be better exposed as a feature / user story, (and yes please raise it)
I think the ask is:
I want to be able to update my plugins file with the latest versions of everything without having to do it by hand
Well…plugin dependencies and versions are complicated. Without digging into it further, I’m not sure if you’re seeing a bug or not. But suppose you list plugin A v1 and plugin B v3 in your yaml file and plugin B v3 depends on plugin A v2. In this case the expected behavior of the tool would be download plugin A v2 instead of plugin A v1 because it takes the highest required version, even if that version is higher than what you specified. So what you might be seeing is that some of the versions are upgraded because a higher version is required by some other plugin.
There have been some amount of discussions about how to replicate the downloaded plugins. There’s some tension between reproducible results and downloading the latest versions, since the latest will change. By default the tool will download the dependency versions listed in the plugin meta data, which ensures reproducibility, but these versions are conservative and will likely result in out-of-date plugins, which is also not helpful.
We probably should look into a lock file or some better way to ensure reproducibility as @timja mentioned. Another thing I think would be beneficial for this project is somehow incorporating maven’s dependency management, since dependency management from scratch ended up being far more complicated than I realized when I started this project last summer.