In GitHub Enterprise, we have Project A under Organization A. When I submit a PR (pull request) to Project A, the continuous-integration/jenkins/pr-merge
is triggered which runs a Jenkins pipeline to build the code and perform unit tests. This allows us to prevent the PR from being merged into master if the unit tests fail.
For example, this is what I see on a PR for Project A in GitHub that includes a broken unit test:
Now I am trying to configure Project B under Organization B to behave the same way. However, it is not working. This is what I see on a PR for Project B in GitHub that includes a broken unit test:
Notice that Project B's PR did not kick off the continuous-integration/jenkins/pr-merge
.
GitHub -> Settings -> Branches -> Branch protection rules
Project A in GitHub has a branch protection rule for master
with only one setting enabled:
Interestingly, the "Require status checks to pass before merging" setting is not enabled. Out of curiosity, I enabled it (without saving it) and noticed that "continuous-integration/jenkins/pr-merge" showed up below it as an option.
I configured Project B to have the exact same branch protection rule for master
with only "Require pull request reviews before merging" enabled. Out of curiosity, I enabled "Require status checks to pass before merging" (without saving it) and it doesn't even show continuous-integration/jenkins/pr-merge
as an option. It just says "No status checks found. Sorry, we couldn’t find any status checks in the last week for this repository."
GitHub -> Settings -> Hooks -> Webhooks
Project A in GitHub has a webhook configured with:
https://jenkins.mycompany.com/github-webhook/
application/json
I created a webhook for Project B with the exact same settings. After I submitted a PR for Project B, I see a couple of items under "Recent Deliveries" for Project B's webhook with green checkmarks and "200" response codes, so I think it is configured correctly.
CloudBees Jenkins Enterprise
In Jenkins Enterprise, Project A's pipeline is of type "GitHub Organization" and has the following settings:
I created an item under Project B in Jenkins Enterprise of type "GitHub Organization" with the same settings (except any settings specific to Project A were replaced with the appropriate Project B specific settings).
Given that GitHub PRs for Project B are failing to launch the continuous-integration/jenkins/pr-merge
, it seems like there is some configuration that I am missing. Unfortunately, our GitHub/Jenkins admins have not been able to figure out what is wrong.
UPDATE
We have confirmed that Project B is actually launching a build on the Jenkins agent when a PR is submitted. The problem is that GitHub is not showing the continuous-integration/jenkins/pr-merge
on the web page for the PR. We need that so the PR can be blocked if the build fails, and also so that we can quickly see what went wrong.
Posting as answer the resolution we got in the comments.
The issue was that the user who's token was used in Jenkins did not have the right level of access to post status checks on the repository.
Differences between the Orgs and Projects
This caused the issue on projectB status checks not being populated with Jenkins' information from the builds:
continuous-integration/jenkins/pr-merge
missing from the status checks of GitHub repository.
Summary:
When setting up a connection between GitHub and Jenkins we need to provide the user holder of the token with the required access.
In this case we want to update the github status which needs Write access level:
The token of the user should have scope repo:status