stderr: fatal: Couldn't find remote ref $GERRIT_REFSPEC

Question

Before anyone guns me down..I have looked at all the messages that has this error but they seem to manifest from a different problem,I couldn\'t get any substantial information.

Answer 1

As of May 2016, this error may be result of fix for SECURITY-170 introduced in Jenkins 2.3 or 1.651.2.

From wiki:

In a May 2016 security advisory, a vulnerability was announced (SECURITY-170 / CVE-2016-3721) whereby attackers could potentially exploit the fact that certain Jenkins plugins allow the definition of arbitrary build parameters — which are in turn injected into the build envirionment.

The fix for this issue — which was first included in Jenkins versions 1.651.2 and Jenkins 2.3 — means that only build parameters that have been explicitly defined in a job's configuration will be available by default at build time. Any other arbitrary parameters added to a build by plugins will not be available by default.

As there are a number of plugins that rely on the behaviour in older Jenkins versions, upgrading to 1.651.2 or 2.3 means that certain build behaviours may be broken.

One of the affected plugins is the Gerrit Trigger. The issue you should watch for updates is here.

However, please note that the Rado's solution to definine the GERRIT_REFSPEC parameter manually in build config can solve this problem temporarily if you build only one branch from Gerrit.

---

A workaround is available by adding the following JAVA_ARGS to /etc/default/jenkins on ubuntu

JAVA_ARGS="$JAVA_ARGS -Dhudson.model.ParametersAction.keepUndefinedParameters=true"

You could also add which variables should be allowed

JAVA_ARGS="$JAVA_ARGS -Dhudson.model.ParametersAction.safeParameters=GERRIT_REFSPEC,GERRIT_BRANCH