Error in triggering jenkins job from Slack - jenkins

I am integrating Jenkins in Slack to facilitate build from Slack.
I configured the Build Trigger section of my job
Then I added Slash Commands to slack and configured it as below.
Now, I went to slack and typed /dev-backend, and it is throwing the error,
/dev-backend failed with the error "invalid_url"
I tried hitting the URL directly from postman which is giving the Authentication required response.
How can I add the authentication so that I can trigger build from slack? I thought the token provided in the build triggers section of Jenkins was enough.

I know it's kind of outdated question but I was also struggling with this error, so maybe it will help someone in the future. If you are getting /command failed with the error "invalid_url" and you are able to hit your application endpoint via eg. Bash shell:
curl -X POST -H 'Authorization: Bearer your-bearer-token' -H 'Content-type: application/json;charset=utf-8' --data '{"channel":"#test","text":"Hello, Slack!"}' http://127.0.0.1:8000/your/application/endpoint
it means that Slack can't access/see the URL that you passed in Slack API Applications Settings.
In my case the problem was that I was passing http://127.0.0.1:8000/some/endpoint in Slash Commands configuration which was visible only by my computer. The easiest way to make it visible for Slack is to use ngrok.
So if you are getting this error the steps are as follows:
Install ngrok
Run your app on localhost, eg. http://127.0.0.1:8000
In Bash shell type ngrok http 8000
Copy url returned by ngrok, in my case http://c609-91-234-49-229.ngrok.io
Paste copied URL to Slack Slash Commands configuration instead of localhost.

Related

how to use\connect to sonatype nexus docker registry v2 api in a web application?

I have a private sonatype nexus repository manager OSS 3.25.1-04 container running on a vm (with nginx routing from docker.io to repo manager url) that contains a few repositories, one of them is a docker registry.
I want to use the docker registry v2 api from a react app to get a listing for the docker images in the repository and maybe some more metrics about the repo and its contents.
I tried calling the api directly: https://nexus3:8083/v2/_catalog but got 401 UnAuthorized in the response when checking the devtools network tab
Then to login to the api I tried using https://auth.docker.io/token?service=registry.docker.io&scope=repository:samalba/my-app:pull,push when substituting samalba/my-app with my own registry and example docker image. I know this link is to get token for only this image couldn't find one for the entire api (it didn't work anyway)
Could use some help on how to connect to the api\get jwt token and using it or how to use the api with http instead
A few things may be going on. First, try just using basic authentication and seeing if that works. Additionally, you may need to set some additional headers to connect to nexus / sonatype. Here is an example with curl:
curl -H "Accept: application/vnd.docker.distribution.manifest.v2+json" -H "Content-Type: application/json" -H "User-Agent: docker/20.10.14" -u username:password -i https://nexus3:8083/v2/_catalog
Note the user agent field -- i've run into issues where the authentication layer is filtering out for the docker user agent.
If that still doesn't work, then the next thing you can look for is to see if the registry response with the header www-authenticate. This means you will need to first authenticate with that service to retrieve a Bearer token, and then you can pass that back to the registry using the Authorization header instead of basic auth.
Hope that helps.

401 error when trying GET request to Hawkbit Server with Gateway Security Token

Q1:
I'm running a Hawkbit server on localhost in a docker container and activated the option "Allow a gateway to authenticate and manage multiple targets through a gateway security token" in the settings of the web UI that I access via http://localhost:8080/.
Now I'm using Postman to send a GET request to http://localhost:8080/default/controller/v1/25 with the header
key: GatewayToken, value: <The gateway token shown in the Hawkbit web UI>
Using this header, I'm supposed to be able to authenticate my Postman client against the Hawkbit server (compare e.g. https://www.eclipse.org/hawkbit/concepts/authentication/), however I'm always getting a "401 Unauthorized" response.
Even if I enable "Allow targets to download artifacts without security credentials" which should enable any client to get a ressource even without authentification, I get a 401.
What am I doing wrong?
Q2:
The Hawkbit server is running in Docker started via "docker-compse up -d" as described here: https://www.eclipse.org/hawkbit/gettingstarted/
In order to solve the problem of Q1, I wanted to check the output of Hawkbit inside the container, but I'm not too familiar with docker and couldn't find out how. I was able to get inside the conainer using
docker exec -it docker_hawkbit_1 /bin/sh
which bring me into the container's file system at /opt/hawkbit. But that's not what I was looking for. How can I see the log/output of the Hawkbit/Spring Boot application running inside the container?
Q1:
The key of the request should not be GatewayToken, but Authorization. The header of the request will then look as follows:
key: Authorization, value: GatewayToken <token>
Q2:
Try the following command to see the logs:
docker logs -f docker_hawkbit_1

How to include credentials using bitbucket webhooks

I am using this interface:
If I want to ping our Jenkins server, we need credentials to do, for example with cURL it would look like:
curl -u ${user}:${password} http://jenkins.teros.io/job/demo/build?token=demo_interos_token
so is there a way to pass creds somehow with the webhook interface or maybe in the query parameters?
I created a middleman server, and Bitbucket can ping our server with creds in the url and we forward request to Jenkins.
You should be able to give the credentials as part of the URL:
http://<user>:<password>#jenkins.teros.io/job/demo/build?token=demo_interos_token
This is based on RFC-1738 which defines the URL Syntax, and specifically the Common Internet Scheme Syntax.

Triggering Jenkins builds from Slack

By following the tutorial below I am attempting to use slash commands in Slack to trigger a build in Jenkins. My jenkins instance which is on an EC2 is utilizing the user's API token to authenticate the POST command from slack.
When I do the curl command locally, it successfully triggers the build, the command is similar to this:
curl -X POST http://slack:c1c54d626f6a11fbc98ed795ec8862bc#10.11.12.13:8080/job/TEST_ATOMATION_GURU_SLACK_JOB_DEMO/build
However when I try to execute the command in slack via a slash command I get: Darn - that slash command didn't work (error message: 403_client_error).
Tutorial I am following: http://www.testautomationguru.com/jmeter-selenium-webdriver-how-to-trigger-automated-test-execution-from-slack/
I have also tried this tutorial with the same result:
https://sonnguyen.ws/how-to-trigger-a-jenkins-build-from-slack/
I also saw this stackoverflow post but it did not help: Using Slack to start Jenkins builds
Things I have tried:
- Opening up the security groups
- In jenkins selecting “Allow anonymous read access”
- In Jenkins deselecting “Prevent Cross Site Request
Forgery exploits”
Any help or guidance would be much appreciated.
enter image description here
The good news is that the setup should work - I also have a Slack slash command triggering a jenkins job, so the issue will be somewhere in your setup.
I see in your curl example you are accessing jenkins on a private IP. I would start there as if you are using the same private IP in the Slack slash command, there is no way Slack would be able to access your Jenkins instance. If you are using private IP in the slash command, I would recommend attaching an Elastic IP to your EC2 instance (assuming it lives in public subnet etc) and then try again the slash command but on the Elastic IP this time.
you can use ngrok for the tunneling and then you should be able to trigger that.
note: Ensure that the URL you are giving in the section should be able to trigger the build if run manually using the curl -X POST command.

No route registered for '/docker/hook'

I'm creating an Azure AppService based on a Docker image. The image is in Docker public registry, so I want the service to 'know' when there's a new version of the image (same tag).
I thought the WebHook under Continuous Deployment was to achieve that, but when I call it with curl I get the message from the subject.
I couldn't find the right doc... is that WebHook URL for what I think (hope) it is? is there a specific HTTP verb to use?
EDIT: I mean the WebHook URL found under Continuous Deployment in my Container Settings in Azure
I was stuck on this one for some time as well, until I realized that it requires POST HTTP request on that URL.
Here is an example of the CURL request that I have in my gitlab CI script
curl -X POST "https://\$$AZURE_DEPLOY_USER:$AZURE_DEPLOY_PASSWORD#$AZURE_KUDU_URL/docker/hook" -d -H
It does require to have set the following variables in the environment or you can replace it directly with your URL
$AZURE_DEPLOY_USER
$AZURE_DEPLOY_PASSWORD
$AZURE_KUDU_URL

Resources