I have spent days troubleshooting/researching this issue. I can't seem to figure out what's going on here. I'm trying to setup a multibranch pipeline project pointed at our internal GitHub enterprise servers. The same issue occurs in other project types too like the "GitHub Organization". It's some sort of security issue that I can't figure out.
Let's start with what I know...
I have (to my knowledge) configured the GitHub Plugin configuration correctly with a TOKEN (also configured per documentation)... I can successfully "Verify Credentials" and it comes back successful. http://imgur.com/br13adk
I keep getting this validation issue on the GitHub Enterprise Servers Validation
http://imgur.com/GnffTeV
I can connect successfully to any ONE repository hosted on my enterprise github server. When I try to configure a multi-branch project from a GitHub source, I ALWAYS get BLANK for repositories....
http://imgur.com/2Q9s1mo
I configured a custom logger to see what was going on and it seems like the branch source plugin is always going out to api.github.com...
Jan 25, 2016 11:48:23 AM WARNING org.jenkinsci.plugins.github_branch_source.Endpoint$DesciptorImpl doCheckApiUri
Jan 25, 2016 11:48:23 AM WARNING org.jenkinsci.plugins.github_branch_source.Endpoint$DesciptorImpl doCheckApiUri
Jan 25, 2016 11:54:58 AM WARNING org.jenkinsci.plugins.github_branch_source.AbstractGitHubSCMSource$AbstractGitHubSCMSourceDescriptor doFillRepositoryItems
Server returned HTTP response code: 401 for URL: https://api.github.com/user
Jan 25, 2016 11:54:58 AM WARNING org.jenkinsci.plugins.github_branch_source.AbstractGitHubSCMSource$AbstractGitHubSCMSourceDescriptor doFillRepositoryItems
Server returned HTTP response code: 401 for URL: https://api.github.com/orgs/nhudacin
Jan 25, 2016 11:54:58 AM WARNING org.jenkinsci.plugins.github_branch_source.AbstractGitHubSCMSource$AbstractGitHubSCMSourceDescriptor doFillRepositoryItems
Server returned HTTP response code: 401 for URL: https://api.github.com/users/nhudacin
I've configured the API endpoint for the GitHub plugin (as seen in the first screen shot), for the PR Builder plugin and the credentials are working (or so it seems). I'm thinkin it's a probably with the enterprise API endpoint configuration.
Any help?? I'm going CRAZY here!
I'm having a similar issue as Nick H.
In my production Jenkins instance
Jenkins version 2.17 Latest weekly release with all plugins up to date as of Aug 10 i.e
GitHub Branch Source Plugin 1.8.1
PipelineMultibranch 2.8
I get :
WARNING: Server returned HTTP response code: -1, message: 'null' for URL: https://api.github.com/users/ORG
Even when I have configured the API endpoint on GitHub Enterprise Servers to be http://github.MYDOMAIN/api/v3/
On the other hand, on a fresh local install of Jenkins
with the same configuration I get:
Aug 11, 2016 3:19:14 PM org.jenkinsci.plugins.github_branch_source.GitHubSCMSource$DescriptorImpl doFillRepositoryItems
WARNING: Exception retrieving the repositories of the owner ORG on with credentials USER/****** ( test credentials)
Edit: I found a way to make it work, it was not very intuitive, I found it after browsing the code and matching the strings to the plugin UI
What you need to do is, after you get the Invalid credentials red error press Advanced... button
Then a combo box with the API endpoints defined in the Manage Jenkins-> Configure System -> GitHub Enterprise Servers will appear.
Select the API endpoint for you GitHub Enterprise instance, choose Checkout credentials that have access to that instance and the list of all the repositories will appear.
Save it, and start a Branch indexing discovering the branches that have a JenkinsFile on it.
NOTE: in order to have this working every push a web hook needs to be installed in github Enterprise, you can do that by going
Manage Jenkins-> Configure System -> GitHub and press the second Advanced... button
Now a Re-register hook for all jobs button will appear. Just press that and it should add the hook that will be triggered every time you push into your matching repos.
Hope this helps
I don't have much knowledge about this particular scenario, but in this commit you can see, that they switched from regex validation to anonymous connection to endpoint. And if your server is in private mode, it will fail.
Related
Recently i've updated jenkins to build 2.346.3 .
Since then Azure Devops webhook configured for triggering a build by the trigger "code push" fails with the following output:
Failed Sent at: Wednesday, October 26, 2022 10:52:13 AM Message Jamal Hartnett pushed updates to Fabrikam-Fiber-Git:master. Error Message Unauthorized (401)
I've tried to reach microsoft support to solve this..... the savior will not come from their side...
I am using a multibranch pipeline in jenkins.
The token is valid... as far as i see from the documents in jenkins their instructions is to use the "token" parameter in the URL but i don't see any "token" parameter in the URL azure devops sending the webhook to.
Any suggestions? .
I've tried to create new tokens , using CURL to see if the webhook works following the instructions in jenkins documentions which was succesfully performed without any error.
I had this same issue. The fix is to update the server setting in the hook configuration in AZDO from https://build.company.com to https://build.company.com/?token=<USERTOKEN>.
The user token is one generated in a Jenkins user's profile section.
I try to configure Jenkins. I want a simple behavior: trigger a build on new pull request.
I cannot understand what I missed...
Jenkins version: 2.89.2
At https://ci.mysite.fr/configure :
Still no build triggered:
At https://ci.mysite.fr/job/test-back/configure :
On Github, Webhook is sent and well received by Jenkins:
Nginx Log says the same:
Help please!
Some things to check when debugging this sort of thing:
Check your Jenkins logs to see whether or not Jenkins is receiving the hook and deciding not to take action for some reason.
Check Jenkins security by clicking Manage Jenkins -> Configure Global Security. Open things up as much as you're comfortable doing and see if that changes anything.
Ensure that you're pushing changes to the master branch. For simplification, consider using ** as your branch specifier while you're getting this to work.
Ensure Git is properly configured on your Jenkins host by clicking Manage Jenkins -> Global Tool Configuration
Make sure the user whose credentials you provided can manage hooks and pull from the repo you're interested in.
Run the job manually in Jenkins, ensure that it works.
After you run the job, it should show up as an option in Protected Branches/Required Statuses. In your repo, click on Settings->Branches, select your branch in the Branches section, click Require Status Check to Pass before merging option, and your job should show up in the list which appears.
Webhooks are arguably the most difficult Jenkins feature to test without prior experience, because of gotchas like these (probably their list is incomplete):
New git commit / git push must be made for each pipeline build (repeating a previous one won't trigger a new build even if webhooks are already set up correctly - see below).
First build made after setting up webhook correctly must be manual (no bootstrap from the webhook itself is possible).
First build made after setting webhook correctly must succeed completely for the changes to take effect and for webhooks to start working. This will also cause Jenkins to miss all incoming requests made during the first build of a newly created pipeline.
More info
Please be warned that it is not possible to trigger a build using the same build conditions again (at least using a webhook). Therefore you might have a correct webhook setup already, but not find out that it works unless you create a new git commit and push it to the remote repo on Github. If your try to repeat some old push over and over again, by simply pressing the "Redeliver" button in the Recent deliveries section on Github's Webhooks / Manage webhook page, Jenkins will never move beyond the "poke" repo stage, as it requires SCM changes to be detected in order to trigger a new build:
Received PushEvent for https://github.com/mirekphd/<REPO_NAME> from <GITHUB_IP> ⇒ <JENKINS_URL>/github-webhook/
Apr 16, 2021 9:42:12 PM INFO org.jenkinsci.plugins.github.webhook.subscriber.DefaultPushGHEventSubscriber$1 run
Poked <REPO_NAME>
Apr 16, 2021 9:42:13 PM INFO com.cloudbees.jenkins.GitHubPushTrigger$1 run
SCM changes detected in <REPO_NAME>. Triggering #236
For further info on points 2) and 3): see original source.
I'd like to configure bitbutcket to trigger a jenkins build.
I've spent some time researching this and all the answers are from a few years ago, and have not found any guides because things seem to have changed since.
What I'm trying to do:
A bitbucket push to a particular branch triggers a build.
What I've got:
Bitbucket web hooks which fires HTTP request to Jenkins on a push to any branch. I've also installed the Bitbucket plugin on Jenkins which adds a check box in the job config Build when a change is pushed to BitBucket. This checkbox doesnt seem to work (maybe I set it up wrong? minimal docs for this), despite me pushing to the configured branch in the SCM section.
Problem 1: Bitbucket does not fire a GET, but another request which causes a 403. I tested with postman, and it works with a GET, but not a POST.
Problem 2: This HTTP build request is fired on pushes to any branch. While the build is still restricted to a particular branch, it seems unnecessary to be rebuilding all the time.
How do i address these issues? Bitbucket does not seem to be very flexible in customizing this. The Jenkins plugin for bitbucket has a lot of 'bad' reviews. How are developers currently doing this?
SPECIFIC solution for Jenkins CI server--Webhook to Jenkins for Bitbucket plugin has been commercialized in latest version of Bit-Bucket and the current price is around $4800 which was earlier a free offering, because of this, guys who want to save their bucks, can go to the alternative solution by using webhooks feature of bit-bucket:-
Steps to create a webhook:-
BitBucket Side
1) Go to your bitbucket repo, click on Repository Setting, under WORKFLOW got for WEBHOOKS option and create a webhook.
a) creation of webhook:- URL https://JenkinsserverURL/git/notifyCommit?url=https://bitbucket.repository-link/repository.git
b) In the name tab, give any name of your choice
c) click on TEST CONNECTION before saving it. Make sure you get http status 200
d) View details your logs, check your request and response is correct.
Things to take care of from
Jenkins Side:-
1) Make sure repository mentioned in bitbucket webhook is used in Jenkins job.
2) In SCM option, activate/select Poll SCM option, don't mention anything in the schedule, leave it blank.
3) configure rest job,
Whenever your git repo observes any change an automatic build will get triggered in Jenkins. By default push trigger is activated and if you want to activate other action, please select those events while creating webhook.
***to specify the branch in repository webhook:-
http://yourserver/git/notifyCommit?url=<URL of the Git repository>[&branches=branch1[,branch2]*][&sha1=<commit ID>]
Cheers,
Is your Jenkins URL accessible from your bitbucket server? If yes that it should be fairly simple to do it. You add the webhook in your repository as http://<url-of-jenkins>/git/notifyCommit?url=<url-of-repository>. When jenkins receives this POST, it automatically triggers builds on those jobs that use this git repo with that URL you give in webhook.
But you also need to make sure your Build Schedule is set to empty for those jobs. otherwise it wont get triggered. You can specify a branch in webhook URL too
See the Push Notification from repository here
https://wiki.jenkins.io/display/JENKINS/Git+Plugin
For anyone here after July 2022, here are the simple steps I followed to make it work.
Create a live Jenkins URL
First, create a tunnel from a live URL to your local Jenkins URL using ngrok because using locahost:8080 directly as your webhook URL on bitbucket will simply not work as bitbucket does not recognize your local computer.
ps: ngrok claims to be the fastest way to put anything on the internet and I agree,
you can use it beyond Jenkins once you know the trick,
such as quickly handling out your localhost react app for testing by your friends
out of your local network
To do this is simple. For Linux:
Install ngrok snap install ngrok
Add authtoken ngrok config add-authtoken <token>
Don't have an auth token, sign up
Start a tunnel on your Jenkins port eg ngrok http 8080
To know more and for other OS, check ngrok download page
You will then get a response like
ngrok (Ctrl+C to quit)
Hello World! https://ngrok.com/next-generation
Session Status online
Account <your email>#<domain>.com (Plan: <plan type>)
Version 3.0.6
Region Europe (eu)
Latency 162ms
Web Interface <web interface url>
Forwarding https://<your-assigned-host>.ngrok.io -> http://localhost:8080
Basically, the web interface URL on click gives you a web interface to inspect all the requests being tunnelled from your ngrok live URL to your local host.
Forwarding URL is basically a proxy to your localhost, so when you want to configure webhook, instead of using locahost:8080, you replace it with ngrok URL eg https://syue-162-34-12-01.eu.ngrok.io and all requests get tunnelled to localhost:8080
Hook up the URL on bitbucket cloud
Secondly, configure your Bitbucket repository with a Webhook, using URL JENKINS_URL/bitbucket-hook/ (no need for credentials but do remember the trailing slash) eg https://syue-162-34-12-01.eu.ngrok.io/bitbucket-hook/
If you are using bitbucket server and not cloud or you want to know more, the bitbucket plugin documentation for Jenkins is pretty straightforward and easily understandable, see bitbucket plugin
then you can inspect all your webhook requests on the web interface URL or via your terminal as well as check your build logs on Jenkins via your localhost port or ngrok live url.
Disclaimer: I have not figured out how to enable build only when a specific branch change but you can configure jenkins to only build a specific branch or any branch created as your need may demand, check Source Code Management and Build Triggers
I have created a new Team Project in Visual Team Services with Git as the repository. On this repository I have checked-in a Java project and implemented continuous integration and deployment using Jenkins.
The Jenkins instance is present on an Azure VM created using Azure RM. I have configured polling in the Jenkins build and the build is getting triggered whenever a code change happens to the Java project.
So now our requirement is to use VSTS service hooks instead of polling. So we have created a Jenkins service hook which is configured to call the Jenkins build whenever code gets pushed. Though the Jenkins connectivity is successful, it is not able to call the Jenkins jobs.
It is throwing an error saying "No valid crumb was included in the request (403)". The wizard doesn't allow you to customize the HTTP post request. Is this a product issue or do we need to make any configuration changes to Jenkins instance?
Image 1
Image 2
As answer in Jenkins REST API Create job suggests, the issue is probably caused by CSRF Protection which is enabled by default.
According to this blog article published on 18 Aug 2016 “Jenkins Queue Job” task handles this correctly. Try using that.
The “Jenkins Queue Job” task was initially introduced in July, 2016. The task now has support for parameterized Jenkins jobs and tracks full Jenkins pipelines. It also now supports self-signed server certificates and Jenkins crumb security for protection against cross-site request forgery (CSRF) exploits.
I'm trying to add the HipChat plugin to my Jenkins builds, but it doesn't post anything.
In the global configuration I've set the HipChat server to api.hipchat.com, added an API token und default room ID, set the build server URL to https://xxx.ci.cloudbees.com/ and the send as name to Jenkins.
In the build job configuration I've tried setting the same room ID and leaving the field blank (so it should use the default). I've activated all notify checkboxes and added HipChat Notifications as the (only) post-build action.
However, I'm not receiving any build updates in the given room. So I've added a custom Jenkins logger, logging ALL from jenkins.plugins.hipchat. For every build I start, I get a single log entry like this:
Aug 28, 2014 6:08:20 PM INFO jenkins.plugins.hipchat.HipChatNotifier$HipChatJobProperty prebuild
Invoking Started...
Any ideas what I'm doing wrong or how I could debug this further?
PS: I'm running on Cloudbees — not sure if this makes any difference.
The Hipchat notifier plugin for Jenkins uses the HipChat API v1, not the newer API v2. I had the same problem while trying to use a v2 token.
Try creating an admin token in Hipchat for Jenkins (e.g., https://my-hipchat-group.hipchat.com/admin/api) instead of creating a room token (e.g., https://my-hipchat-group.hipchat.com/admin/rooms/tokens/665113).
I was able to get the HipChat API v2 token working with a manually built hpi from the https://github.com/yagince/hipchat-notifier-plugin project.
This seems to have been addressed in the 0.1.9 and newer versions of the hipchat plugin at https://wiki.jenkins-ci.org/display/JENKINS/HipChat+Plugin. I'm using it with a v2 API token.