I've got a remote Jenkins job which does not require any login to start. This is a parameterized job, so it is normally started with "Build With Parameters".
When trying to trigger this build (with default parameters), I call the following:
wget [url_to_job]/build
And I get this error:
Connecting to 10.57.112.238:8080... connected.
HTTP request sent, awaiting response... 405 Method Not Allowed
2016-03-14 11:49:34 ERROR 405: Method Not Allowed.
From what I have read, I would think that this should work.
Am I doing something wrong?
First, the URL for Remote Trigger should be wget [url_to_job]/buildWithParameters not [url_to_job]/build.
You can pass parameters by using wget [url_to_job]/buildWithParameters/?{parameterName}={parameterValue}
Eg : http://localhost:8080/jenkins/job/test/buildWithParameters/?name=arun
You better use curl instead of wget and also provide credentials for the command:
curl -XPOST --silent --show-error --user <user>:<key> <url_to_job>/build
wget --auth-no-challenge --delete-after --verbose "http://10.157.163.249:8080/job/scanning/buildWithParameters?token=scan&buildURL='abcdefg'"
The problem most likely is that you haven't copied the token over into the "Authentication Token" field of the build trigger. Clicking the checkbox isn't enough - Jenkins will silently remove the checkbox unless a token was provided.
Once I did this the following command worked:
wget --auth-no-challenge --user STRING --password STRING --output-document - 'http://localhost:8080/job/PROJECT/build?token=TOKEN'
Of course it is BAD PRACTICE to put passwords into scripts or the command line history. See this post to learn how to store the credentials in ~/.netrc.
Related
The docs state to verify a Jenkinsfile you can do as follows
Linting via HTTP POST using curl
# curl (REST API)
# Assuming "anonymous read access" has been enabled on your Jenkins instance.
# JENKINS_URL=[root URL of Jenkins controller]
# JENKINS_CRUMB is needed if your Jenkins controller has CRSF protection enabled as it should
JENKINS_CRUMB=`curl "$JENKINS_URL/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,\":\",//crumb)"`
curl -X POST -H $JENKINS_CRUMB -F "jenkinsfile=<Jenkinsfile" $JENKINS_URL/pipeline-model-converter/validate
At the moment I am just trying to get the crumb. I am trying to do this programmatically in a pipeline, however issuing the curl command throws an error every time. script.sh: Syntax error: "(" unexpected
I have tried escaping the ( character but that is a different error, it works without the xpath extension but it would be cleaner to include this. I have tried to use jenkins Snippet Generator and when I plug in the command it gives response = sh returnStdout: true, script: '''curl -s $JENKINS_URL/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,\\":\\",//crumb) '''. However running this also gives an error.
I am trying to trigger a Jenkins build by post request from my Windows computer, using the following commands.
First, I obtain the crumb using...
curl http://JENKINS-URL/crumbIssuer/api/xml?xpath=//crumb
The response is this...
<crumb>string-of-digits<\crumb>
I then use the command
curl -u USERNAME:PASSWORD -X POST -H "Jenkins-Crumb:string-of-digits" http://JENKINS-URL/job/my-job/buildWithParameters?token=my-token
The username is correct, the password is correct, the crumb is exactly the string of digits that I got from the first command (everything between the crumb> at the beginning and <\crumb> at the end), the token matches the token I have specified in Jenkins. But still, I am getting the response
Error 403 No valid crumb was included in the request
In Configure Global Security -> CSRF Protection, I also have "Enable proxy compatibility" checked and am using "Default Crumb Issuer".
Does it look like I am missing anything here? Forgetting any steps? Improperly formatted commands? Anything else you might be able to think of?
I have followed the steps and formatted my command like the solution here as well, and still no luck..
https://linuxacademy.com/community/posts/show/topic/28964-no-valid-crumb-was-included-in-the-request
In addition to this, I have also tried saving the cookies from the first request to get the crumb, and then I pass the file I saved the cookies to into the second curl command, see below for the command. Still I am getting the 403 No valid crumb...
Here are the commands using cookies...
wget --keep-session-cookies --save-cookies cookies.txt --auth-no-challenge --user admin --password my_password -q --output-document - http://JENKINS-URL/crumbIssuer/api/xml?xpath=//crumb
curl --cookie cookies.txt -u admin:my_password -H "JenkinsCrumb: string-of-digits-from-stdout" -X POST http://JENKINS-URL/job/my-job/buildWithParameters?token=my-token
I have finally discovered the answer. I thought that I could specify my actual account password, but it turns out that I needed to use an API token to authenticate. Using the API token instead of my password on the above commands with cookies allowed me to trigger my build remotely.
enter image description here
I finally resolved this issue by selecting the jenkins own user database in security realm
I am trying to make a request to the Jenkins API. However, I always get a 401 unauthorized error. I have tried all permutations of requests using Curl - including sending the API token and Crumb. The Jenkins is hosted on a DEV server and not on my local. I have CSRF protection enabled on Jenkins. Could this be a CORS issue or something else?
Thanks
Trigger Jenkins build with parameters using API token
Variables
UserName is the user with permission to execute jobs
UserTokenValue is the token key assigned to UserName.
JobTokenValue is the token key assigned to the job to allow remote execution.
Create User Token - if jenkins instance requires authorization to execute jobs then user token will be required or the error "missing bread crumb trail" may appear.
Login to Jenkins
Click username in top right corner
Click configure
Click add token
Capture the UserTokenValue. Note:Token id will not be needed going forward.
Optional - verify token assigned to user.
Command curl -v -u <user>:<userTokenValue> <jenkins>/user/<user>/api/json
Example curl -v -u john:11bc70579c86512be9a4356127640abfda http://jenkins.dv.local:8080/user/john/api/json
Enable Jenkins Job to "Trigger builds remotely (e.g., from scripts)"
Locate Jenkins job and click Configure
Scroll to the "Build Triggers" section and enable the checkbox "Trigger builds remotely"
Enter a secret "Authentication Token" in the text box. The Token is required to execute this specific job remotely. Use "SuperSecret"
Because the Token is set in this one job configuration, that value will only allow this one job to execute remotely.
Use the same value for all jobs if you like but there is no way to manage the JobTokenValue Globally that I know of.
Execute job with parameters using Curl POST
Your values will vary...
JenkinsUrl : https://jenkins.dv.local:8080
UserName : john
UserTokenValue : 115e46b2109bda095cc070b6347dafe585
JobTokenValue : SuperSecret
Command
curl -X POST <JenkinsUrl>/job/test/build -user <UserName>:<UserTokenValue> --data token=<JobTokenValue> --data parm1Name=parm1Value --data parm2Name="Parm2Value with spaces"
Example
curl -X POST http://jenkins.dv.local:8080/job/MyRemoteJob/buildWithParameters --user john:115e46b2109bda095cc070b6347dafe585 --data token=SuperSecret --data TEST_PLAN_KEY=QTAK-1040 --data BROWSER="Chrome (headless)"
401 probably means your username/pass are incorrect.
This works for me:
curl -v -X GET "http://$JENKINS_URL/crumbIssuer/api/json" --user $USERNAME:$USERPASS
If there is a CORS issue, use https://plugins.jenkins.io/cors-filter/.
I've got a bunch of scripts that get called when the appcenter-pre-build.sh is called. For example, one of them is a simple check to see if the current branch tag already exists on the repository.
#!/usr/bin/env bash
set -e # Exit immediately if a command exits with a non-zero status (failure)
# 1 Fetch tags
git fetch --tags
# See if the tag exists
if git tag --list | egrep -q "^$VERSION_TAG$"
then
echo "Error: Found tag. Exiting."
exit 1
else
git tag $VERSION_TAG
git push origin $VERSION_TAG
fi
If the tag is found, I want to abort the build in AppCenter and fail it. This worked perfectly fine when I was running everything through Xcode Server but for some reason, I cannot figure out how to abort the build upon failure of my script. I'm not seeing much documentation on this particular subject and the AppCenter folk over at Microsoft are taking their sweet time getting back to me.
Anyone have experience with this and/or know how to fail an AppCenter build from their scripts? Thanks in advance for your thoughts!
Okay, figured it out. Looks like sending a curl request to cancel the build using the env variable "$APPCENTER_BUILD_ID" takes care of the issue. Exiting your script with a non-zero is NOT working inside AppCenter.
Here's a sample of what to do. I just put it in a special "cancelAppCenterBuild.sh" script and called it in place of my exits.
API_TOKEN="<YourAppToken>"
OWNER_NAME="<YourOwnerOrOrganizationName>"
APP_NAME="<YourAppName>"
curl -iv "https://appcenter.ms/api/v0.1/apps/$OWNER_NAME/$APP_NAME/builds/$APPCENTER_BUILD_ID" \
-X PATCH \
-d "{\"status\":\"cancelling\"}" \
--header 'Content-Type: application/json' \
--header "X-API-Token: $API_TOKEN"
Pro tip: If you've ever renamed your app, AppCenter servers are having issues referencing the new name. I was getting a 403 with a forbidden message. You might have to change your app name to whatever the original name was or just rebuild the app from scratch within AppCenter.
I have one jenkins server A where I am trying to create a scripted pipeline but I have to call another job (Job1) on another jenkins server B.
In order to do that I am using REST API with crumb in Header. I retrieve my crumb by running the following command on my browser.
http://myhudson.com/crumbIssuer/api/json?xpath=concat(//crumbRequestField,":",//crumb)"
I tried different commands mentioned below but there is no luck.Please advise some thing. I do have access or permission for triggering build on both of the servers. I am executing below commands from Jenkins server A with details of Server B.
1. curl -v -u Username:<API_TOKEN> -X POST http://UsedrName:<API_TOKEN>#myjenkins.com/job/Test_job/build?token=<API_TOKEN> -H Jenkins-Crumb:<Crumb number>
2. curl -v -X POST http://UsedrName:<API_TOKEN>#myjenkins.com/job/Test_job/build?token=<API_TOKEN> -H Jenkins-Crumb:<Crumb number>
3. curl -v -u Username:<API_TOKEN> -X POST http://UsedrName:<API_TOKEN>#myjenkins.com/job/Test_job/build?token=<API_TOKEN> -H .crumb:<Crumb number>
did jenkins API work for you, https://wiki.jenkins.io/display/JENKINS/Remote+access+API you can trigger remote jobs
You need to use Build With Parameters Plugin for it . you can write a shell script in build option to call the another jenkins job on other server.
shell script snippet :curl -X POST -u userid of other server:API token of other server {jenkins server url of B job /job/jobname}
To get rid of this error i got Jenkins-Crumb by using wget command.
Trigger parameterized build with curl and crumb
I was able to execute remote parameter job.
I faced the same issue and it was because on that port something else is running and jenkins is giving Error as "No Valid crumb is included in that request" thus changed the port in server.xml and things worked.