使用curl和crumb触发参数化构建

kx7yvsdv  于 2022-11-13  发布在  其他
关注(0)|答案(8)|浏览(132)

我在SO上看到过类似的帖子,但并不完全是我想做的(或者至少没有完整的命令示例)。
我正在尝试使用curl远程触发Jenkins上的参数化构建。我启用了“防止跨站点请求伪造”,所以我还需要传递一个有效的面包屑。
我的脚本如下:

#!/bin/bash

json="{\"parameter\": [{ \"P1\": \"param1\", \"P2\": \"param2\", \"P3\": \"param3\" }]}"
crumb=`curl "http://SERVER/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,%22:%22,//crumb)"`

curl -v -H $crumb -X POST http://SERVER/job/JOB_NAME/buildWithParameters -d token=runme --data-urlencode json="$json"

我也尝试过将传递给curl的URL修改为:

USERNAME:APITOKEN@SERVER

USERNAME:PASSWORD@SERVER

curl的输出为:

* About to connect() to SERVER port 8080 (#0)
*   Trying SERVER... connected
* Connected to SERVER (SERVER) port 8080 (#0)
* Server auth using Basic with user 'USERNAME'
> POST /job/JOB_NAME/buildWithParameters HTTP/1.1
> Authorization: Basic bjAwNjY5MjI6YWxLaW5kaTg=
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.13.1.0 zlib/1.2.3 libidn/1.18 libssh2/1.2.2
> Host: SERVER:8080
> Accept: */*
> .crumb:776eb589e8b930d9f06cfc2df885314c
> Content-Length: 168
> Content-Type: application/x-www-form-urlencoded
>
< HTTP/1.1 403 No valid crumb was included in the request
< Content-Type: text/html;charset=ISO-8859-1
< Cache-Control: must-revalidate,no-cache,no-store
< Content-Length: 1469
< Server: Jetty(8.y.z-SNAPSHOT)
<

因此,看起来我没有正确地传递面包屑,但我不确定命令的正确格式应该是什么。

curl

8条答案

按热度按时间
zyfwsgd6

zyfwsgd61#

对我有效的方法:

SERVER=http://localhost:8080
CRUMB=$(curl --user $USER:$APITOKEN \
    $SERVER/crumbIssuer/api/xml?xpath=concat\(//crumbRequestField,%22:%22,//crumb\))

curl --user $USER:$APITOKEN -H "$CRUMB" -d "script=$GROOVYSCRIPT" $SERVER/script
赞(0)分享  回复(0)举报  2022-11-13
sulc1iza

sulc1iza2#

正确的格式如下:

curl -H ".crumb:xxxxxxxxxxxxxxxxxxxxxx"
赞(0)分享  回复(0)举报  2022-11-13
dluptydi

dluptydi3#

这对我很有效:

获取碎屑$wget -q --auth-no-challenge --user yourUserName --password yourPassword--output-document - 'http://myJenkins:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb) '
现在运行Jenkins作业$curl -I -X POST http://yourUserName:yourPassword@myJenkins:8080/job/JOBName/build -H "Jenkins-Crumb:44e7038af70da95a47403c3bed5q10f8"

HTTP/1.1 201创建日期:2017年7月28日,星期五09:15:45 GMT X-内容-类型-选项:nosniff位置:http://myJenkins:8080/queue/item/17/内容长度:0

赞(0)分享  回复(0)举报  2022-11-13
hujrc8aj

hujrc8aj4#

这对我很有效,我尝试使用本页中已经提到的解决方案,但由于(a)引用和(b)cookie,它们必须进行一些调整。

sh script:"""

COOKIE_PATH=/tmp/cookie_jenkins_crumb.txt

CRUMB=\$(curl -s -c \$COOKIE_PATH -H '${jenkins_referer}' 'https://useridhere:${jenkins_live_token}@jenkins.example.com/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,\":\",//crumb)' )
# https://support.cloudbees.com/hc/en-us/articles/219257077-CSRF-Protection-Explained
# https://wiki.jenkins.io/display/JENKINS/Remote+access+API#RemoteaccessAPI-CSRFProtection
# but a bit adjusted as it is not exactly usable as it is in the documentation page.
# We discovered that the CRUMB should be identical because it
# is paired with a cookie. Thus save the cookie, it is important.

sed -i 's/ORGANIZATION/${PROJECT_NAME}/g' ${jenkins_credentials_json_template_file_path} 
# a json file with labels for quick replacements.

# cat ${jenkins_credentials_json_template_file_path}

# https://support.cloudbees.com/hc/en-us/articles/360030526992-How-to-manage-Credentials-via-the-REST-API
curl -s -b \$COOKIE_PATH -u useridhere:${jenkins_live_token} -H '${jenkins_referer}' -H \"\${CRUMB}\" -X POST --data-urlencode json@${jenkins_credentials_json_template_file_path} 'https://jenkins.example.com/credentials/store/system/domain/_/createCredentials'
"""
赞(0)分享  回复(0)举报  2022-11-13
bqujaahr

bqujaahr5#

这是强调@探索者的答案。

请特别注意获取面包屑的步骤

正如其他答案所提到的,你得到的面包屑可能会有所不同,这取决于你用来浏览Jenkins的浏览器,无论是Chrome,Curl还是WGet。
但是,这是一个很重要的但是,我在CURL命令中使用的面包屑是我从WGET命令中得到的,而不是我从CURL -X GET命令中得到的。
我不清楚为什么会这样,但就像@搜索者的回答一样,这对我很有效。
我得到了不同的面包屑
1.浏览到http://qajenkins:8080/crumbIssuer/api/xml
1.正在浏览http://10.143.18.43:8080/crumbIssuer/api/xml(qajenkins = 10.143.18.43)
1.正在运行
curl 度-X WGET http://10.143.18.43:8080/crumbIssuer/api/xml
1.或跑步
wget -q --验证无质询--用户raamee --密码12345678 --输出文档- '[http://10.143.18.43:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField](http://10.143.18.43:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField),":“,//crumb)';回声
为了得到curl命令

curl -X POST -H "Jenkins-Crumb:2e03fc96f387abggga6581fe5883a14a" http://10.143.18.43:8080/view/Raamee_phase_2/job/test_remote_api_triggerring/buildWithParameters?token=MY_TOKEN --user "raamee:12345678"

我使用了从wget命令(第4个命令)中获得的碎屑。

赞(0)分享  回复(0)举报  2022-11-13
mpbci0fu

mpbci0fu6#

这是有效的

crumb=$(curl -u "user:pass" -s 'http://jenkins_URL/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')

curl -u "user:pass" -H "$crumb" -X POST **http://jenkins_URL/job/ENV/build?delay=0sec**

注:通过右键单击并复制“立即构建”链接来获取此POST URL。

赞(0)分享  回复(0)举报  2022-11-13
xfb7svmp

xfb7svmp7#

前面的答案对我都不起作用,但混合了一些标志,我得到了它的工作:

JKSERVER="http://localhost:8080"
JKUSER="jenkins_user"
JKPASSWORD="jenkins_password"
JKCRUMB=`wget -q --auth-no-challenge --user $JKUSER --password $JKPASSWORD --output-    document - '$JKSERVER/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)'`

curl --user $JKUSER:$JKPASSWORD -I -X POST "$JKSERVER/job/master/build" -H "$JKcrumb"
赞(0)分享  回复(0)举报  2022-11-13
oaxa6hgo

oaxa6hgo8#

对我来说,只有这种方式有效:
1.在您要触发的Jenkins中,需要为同一个用户生成一个TOKEN 2.在同一个Jenkins中,您需要创建一个管道作业并设置一个复选框:此项目已参数化并创建所有变量2.在相同的jenkins设置复选框中,远程触发构建并写入您在上一步中创建的TOKEN 3.保存
现在,在Jenkins中运行脚本并触发遥控器:(始终使用-v和curl,这样您将详细响应并查看失败原因)
管道{任意代理

stages {
    stage('Hello') {
        steps {
            echo 'Hello World'
            script{
                
                  //need cut crumb from response
                  def StringURL = http://yourjenkins:8080/crumbIssuer/api/xml?xpath=concat'('//crumbRequestField,%22:%22,//crumb')'
                  def crumbRes = sh(script: "curl -v GET ${StringURL} --user youruserforremotejenkins:yourpassforremotejenkins", returnStdout: true)
                  echo "Print Full Respose Crumb:${crumbRes} "
                  
                  def response = sh(script: """curl -v -u youruserforremotejenkins:yourpassforremotejenkins -X Post http://yourjenkins:8080/job/TEST_FOLDER_JOB/job/Test_Pipeline_Job/buildWithParameters?token=YOUR_TOKEN -F param1=true -F param2=12345 -F delay=0 -H "${crumbRes}" """, returnStdout: true)
                  
                  echo "Print Response:${response}"   
            }
            }
        }
    }
}
赞(0)分享  回复(0)举报  2022-11-13
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备2022004421号-2 NULL123 https://www.null123.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com