我在SO上看到过类似的帖子,但并不完全是我想要做的(或者至少没有运行命令的完整示例)。
我正在尝试使用curl在Jenkins上远程触发参数化构建。我已经启用了‘防止跨站点请求伪造’,所以我还需要传递一个有效的crumb。
我的脚本如下:
#!/bin/bash
json="{\"parameter\": [{ \"P1\": \"param1\", \"P2\": \"param2\", \"P3\": \"param3\" }]}"
crumb=`curl "http://SERVER/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,%22:%22,//crumb)"`
curl -v -H $crumb -X POST http://SERVER/job/JOB_NAME/buildWithParameters -d token=runme --data-urlencode json="$json"
我还尝试将传递给curl的URL修改为:
USERNAME:APITOKEN@SERVER
和
USERNAME:PASSWORD@SERVER
curl的输出为:
* About to connect() to SERVER port 8080 (#0)
* Trying SERVER... connected
* Connected to SERVER (SERVER) port 8080 (#0)
* Server auth using Basic with user 'USERNAME'
> POST /job/JOB_NAME/buildWithParameters HTTP/1.1
> Authorization: Basic bjAwNjY5MjI6YWxLaW5kaTg=
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.13.1.0 zlib/1.2.3 libidn/1.18 libssh2/1.2.2
> Host: SERVER:8080
> Accept: */*
> .crumb:776eb589e8b930d9f06cfc2df885314c
> Content-Length: 168
> Content-Type: application/x-www-form-urlencoded
>
< HTTP/1.1 403 No valid crumb was included in the request
< Content-Type: text/html;charset=ISO-8859-1
< Cache-Control: must-revalidate,no-cache,no-store
< Content-Length: 1469
< Server: Jetty(8.y.z-SNAPSHOT)
<
所以看起来我没有正确地传递crumb,但是我不确定命令的正确格式应该是什么。
发布于 2014-05-15 01:09:56
正确的格式如下:
curl -H ".crumb:xxxxxxxxxxxxxxxxxxxxxx"
发布于 2016-02-05 01:41:03
对我起作用的是:
SERVER=http://localhost:8080
CRUMB=$(curl --user $USER:$APITOKEN \
$SERVER/crumbIssuer/api/xml?xpath=concat\(//crumbRequestField,%22:%22,//crumb\))
curl --user $USER:$APITOKEN -H "$CRUMB" -d "script=$GROOVYSCRIPT" $SERVER/script
发布于 2020-02-17 17:35:22
这对我来说很有效,我试着使用了本页面中已经提到的解决方案,但由于(a) referer和(b) cookie,它们必须进行一些调整。Jenkins版本2.204
sh script:"""
COOKIE_PATH=/tmp/cookie_jenkins_crumb.txt
CRUMB=\$(curl -s -c \$COOKIE_PATH -H '${jenkins_referer}' 'https://useridhere:${jenkins_live_token}@jenkins.example.com/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,\":\",//crumb)' )
# https://support.cloudbees.com/hc/en-us/articles/219257077-CSRF-Protection-Explained
# https://wiki.jenkins.io/display/JENKINS/Remote+access+API#RemoteaccessAPI-CSRFProtection
# but a bit adjusted as it is not exactly usable as it is in the documentation page.
# We discovered that the CRUMB should be identical because it
# is paired with a cookie. Thus save the cookie, it is important.
sed -i 's/ORGANIZATION/${PROJECT_NAME}/g' ${jenkins_credentials_json_template_file_path}
# a json file with labels for quick replacements.
# cat ${jenkins_credentials_json_template_file_path}
# https://support.cloudbees.com/hc/en-us/articles/360030526992-How-to-manage-Credentials-via-the-REST-API
curl -s -b \$COOKIE_PATH -u useridhere:${jenkins_live_token} -H '${jenkins_referer}' -H \"\${CRUMB}\" -X POST --data-urlencode json@${jenkins_credentials_json_template_file_path} 'https://jenkins.example.com/credentials/store/system/domain/_/createCredentials'
"""
https://stackoverflow.com/questions/23497819
复制相似问题