How to check for plugin dependencies

Hello,

I lately had a bad fight with plugin dependencies.

Trying to update “Matrix Authorization Strategy” to 3.0;
In the end I had locked myself out of Jenkins and needed to “sneak me back in” by killing Jenkins, hand-editing me back in and downdating plugins.
See [JENKINS-67387] "No type prefix: " in "Assign roles:" after updating "Matrix Authorization Strategy" to 3.0 - Jenkins Jira and Matrix Authorization Strategy 3.0: "No type prefix:...." - #5 by martinjost for the ugly details.

Updated a plugin, which as dependency updated another plugin, where we had a local modification in use => Local modifications gone.

So currently I have four plugins, which I’m not “allowed” to update, for one or the other reason.
How do you handle such situations, concerning plugin dependencies?

I’m currently only aware of the hack to use
<Jenkins-install-dir>/home/plugins> find . -name pom.xml -exec grep -iH '<plugin-name>' {} \;
to search for dependencies in the pom.xml.

I remember that Jenkins “back then” listed the plugins a pending plugin update was depending upon in the plugin manager - but I don’t see this any more.
Did I accidentally configure this away? Do I need to enable it somehow?

Is there a way I can tell Jenkins: Please DON’T update these plugins currently, neither by me directly requesting it by accident nor indirectly, due to dependencies?

Regards

Martin

I searched the offered plugins, Jenkins.io and web search for it, but I could only find a little info, none solving my problem:
https://plugins.jenkins.io/dependencyanalyzer/#documentation
Last update seven years ago; seems to aim at the job dependencies
https://plugins.jenkins.io/dependency-check-jenkins-plugin/
Seems to be aimed at vulnerabilities
https://plugins.jenkins.io/depgraph-view/
Dependency on projects in CI

docu:

Need to test - but still external to the plugin manager

I’m not aware of a way to do that from the user interface. I like the idea of “freezing” a plugin at a specific version temporarily, but I don’t know the impact of such a concept on the plugin update process.

I’ve been managing my plugin updates through a Docker image with a plugins.txt file that lists the exact plugins and versions of every plugin that I have installed. The plugin installation manager tool is called to suggest updates to that file. I process those updates one plugin at a time. That Docker image allows me to run a test instance separately for experiments. Even if the Jenkins instance is managed interactively, a Docker image might help track the plugin versions you want to use.

If you’re interested in the technique, you can see it in the lts-with-plugins branch of my docker-lfs repo. I use a command like:

$ docker_build.py --report # Show the command I need to enter
$ ./jenkins-plugin-cli.sh --jenkins-version 2.319.1 \
    --plugin-download-directory ref/plugins \
    --plugin-file plugins.txt \
    --no-download \
    --available-updates --output txt > x && mv x plugins.txt
$ ./jenkins-plugin-cli.sh --jenkins-version 2.319.1 \
    --plugin-download-directory ref/plugins \
    --plugin-file plugins.txt

After running that command, I use git commit -v -p to commit each plugin update to the repository as an individual commit.

The Enable/Disable checkbox in the plugin manager UI, “Installed” tab will be disabled (“greyed out”) when there are dependent plugins. Hovering will tell you details.

Even if the checkbox is enabled, there may be implicit dependencies.

Additionally, there are generated pages on plugins.jenkins.io like Matrix Authorization Strategy which tell you about explicitly and implicitly dependent plugins for any given plugin, among those that the Jenkins project publishes. This only considers the plugins’ latest releases, and dependencies can be removed again though, so the live information is best.
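Added example, not part of any post in this thread: instead of grepping pom.xml files as in the question, this Python sketch reads the `Plugin-Dependencies` attribute from each installed plugin's `META-INF/MANIFEST.MF` and lists which plugins declare a dependency on a plugin you want to hold back. It assumes Jenkins has unpacked the plugins under `<plugins_dir>/<short-name>/`; the sample manifests, the `example-a`/`example-b` names and all versions are constructed.

```python
import re
from pathlib import Path

def parse_manifest(text):
    """Return manifest attributes; a line starting with a space continues the previous one."""
    unfolded = re.sub(r"\r?\n ", "", text)
    attrs = {}
    for line in unfolded.splitlines():
        key, sep, value = line.partition(": ")
        if sep:
            attrs[key] = value
    return attrs

def parse_dependencies(value):
    """Split 'name:version;resolution:=optional,...' into (name, version, optional) tuples."""
    deps = []
    for entry in filter(None, (e.strip() for e in value.split(","))):
        spec, *directives = entry.split(";")
        name, _, version = spec.partition(":")
        deps.append((name, version, "resolution:=optional" in directives))
    return deps

def dependents_of(manifests, target):
    """List (plugin, its version, minimum target version, optional) for plugins depending on target."""
    found = []
    for text in manifests:
        attrs = parse_manifest(text)
        for name, version, optional in parse_dependencies(attrs.get("Plugin-Dependencies", "")):
            if name == target:
                found.append((attrs.get("Short-Name", "?"), attrs.get("Plugin-Version", "?"), version, optional))
    return sorted(found)

def read_manifests(plugins_dir):
    """Assumption: plugins are unpacked as <plugins_dir>/<short-name>/META-INF/MANIFEST.MF."""
    return [p.read_text(encoding="utf-8") for p in Path(plugins_dir).glob("*/META-INF/MANIFEST.MF")]

# Constructed sample manifests; the second line of the first one is folded as in a real manifest.
SAMPLE = [
    "Manifest-Version: 1.0\nShort-Name: example-a\nPlugin-Version: 3.2.0\n"
    "Plugin-Dependencies: matrix-auth:2.6.8,config-file-provider:3.8.1;resolut\n ion:=optional\n",
    "Manifest-Version: 1.0\nShort-Name: example-b\nPlugin-Version: 1.3\n"
    "Plugin-Dependencies: matrix-auth:2.5;resolution:=optional\n",
    "Manifest-Version: 1.0\nShort-Name: mailer\nPlugin-Version: 1.34\n",
]

if __name__ == "__main__":
    for row in dependents_of(SAMPLE, "matrix-auth"):
        print(row)
```

Against a live installation, pass `read_manifests("<Jenkins-install-dir>/home/plugins")` instead of `SAMPLE`. Only dependencies declared in the manifest are listed; the implicit dependencies mentioned above are not covered.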