New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Trigger new build for Jenkins throws an exception #33

Closed
vatioz opened this Issue Sep 7, 2017 · 19 comments

Comments

5 participants
@vatioz
Copy link

vatioz commented Sep 7, 2017

Status is shown correctly, also Open in browser action works fine. But Trigger new build does nothing (after popup "Are you sure" is shown) and in the output window of Visual Studio I can see this exception:

System.Net.Http.HttpRequestException: Response status code does not indicate success: 403 (No valid crumb was included in the request).
   at System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()
   at AnyStatus.TriggerJenkinsBuild.<TriggerBuild>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at AnyStatus.TriggerJenkinsBuild.<HandleAsync>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at AnyStatus.Mediator.<SendAsync>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at AnyStatus.Mediator.<TrySendAsync>d__7.MoveNext()

This is true for parametrized as well as for non-parametrized jobs.

@AlonAm

This comment has been minimized.

Copy link
Member

AlonAm commented Sep 7, 2017

Thank you for your report.

Please make sure you use an API token and let me know how it goes.

https://issues.jenkins-ci.org/plugins/servlet/mobile#issue/JENKINS-42200

@vatioz

This comment has been minimized.

Copy link

vatioz commented Sep 7, 2017

I am using API token, when I remove it I get different error (which is fine I would say):

[15:12:30.787] An error occurred while updating "Seed job". Exception:
System.AggregateException: One or more errors occurred. ---> System.Net.Http.HttpRequestException: Response status code does not indicate success: 404 (Not Found).
   at System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()
   at AnyStatus.JenkinsBuildMonitor.<GetBuildDetailsAsync>d__3.MoveNext()
   --- End of inner exception stack trace ---
   at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
   at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
   at System.Threading.Tasks.Task`1.get_Result()
   at AnyStatus.JenkinsBuildMonitor.Handle(JenkinsBuild item)
---> (Inner Exception #0) System.Net.Http.HttpRequestException: Response status code does not indicate success: 404 (Not Found).
   at System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()
   at AnyStatus.JenkinsBuildMonitor.<GetBuildDetailsAsync>d__3.MoveNext()<---
@AlonAm

This comment has been minimized.

Copy link
Member

AlonAm commented Sep 15, 2017

What kind of a Jenkins job do you monitor? Is it a simple job or something like a pipeline or a view?

@vatioz

This comment has been minimized.

Copy link

vatioz commented Sep 15, 2017

I would say it is simple job. It is inside folder though.

@jessejacob

This comment has been minimized.

Copy link

jessejacob commented Sep 15, 2017

I'm running AnyStatus desktop beta and the trigger build feature for Jenkins doesn't appear to do anything at all. I'm using an API token as well. It's Jenkins 2.60.2 and a basic freestyle build that runs a couple of command lines. Any thoughts?

@AlonAm

This comment has been minimized.

Copy link
Member

AlonAm commented Sep 15, 2017

@AlonAm

This comment has been minimized.

Copy link
Member

AlonAm commented Sep 15, 2017

@AlonAm

This comment has been minimized.

Copy link
Member

AlonAm commented Sep 15, 2017

@vatioz

This comment has been minimized.

Copy link

vatioz commented Sep 18, 2017

This is what fiddler captured:
Request:

POST http://myjenkins:8080/job/some-folder/job/job%20name/buildWithParameters?delay=0sec HTTP/1.1
Authorization: Basic cGV0ci5rdWJh..........more of this
Content-Type: text/plain; charset=utf-8
Host: myjenkins:8080
Content-Length: 0
Connection: Keep-Alive

Response:

HTTP/1.1 403 No valid crumb was included in the request
Date: Mon, 18 Sep 2017 05:12:09 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: must-revalidate,no-cache,no-store
Content-Length: 408
Server: Jetty(9.2.z-SNAPSHOT)

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title>Error 403 No valid crumb was included in the request</title>
</head>
<body><h2>HTTP ERROR 403</h2>
<p>Problem accessing /job/some-folder/job/job%20name/buildWithParameters. Reason:
<pre>    No valid crumb was included in the request</pre></p><hr><i><small>Powered by Jetty://</small></i><hr/>

</body>
</html>

Request

GET http://myjenkins:8080/job/some-folder/job/job%20name/lastBuild/api/json?tree=result,building,executor[progress] HTTP/1.1
Authorization: Basic cGV0ci5rdWJh..........more of this
Host: myjenkins:8080

Response

HTTP/1.1 200 OK
Date: Mon, 18 Sep 2017 05:12:09 GMT
X-Content-Type-Options: nosniff
X-Jenkins: 2.60.3
X-Jenkins-Session: ee36f08d
Content-Type: application/json;charset=UTF-8
Content-Length: 92
Server: Jetty(9.2.z-SNAPSHOT)

{"_class":"hudson.model.FreeStyleBuild","building":false,"executor":null,"result":"SUCCESS"}
@AlonAm

This comment has been minimized.

Copy link
Member

AlonAm commented Sep 18, 2017

Ok, I've found it.

Looks like the CSRF protection is enabled on your Jenkins server.
When CSRF protection is enabled, Jenkins expects a "crumb" which is retrieved by another API call.
See: https://wiki.jenkins.io/display/jenkins/remote+access+api

@AlonAm

This comment has been minimized.

Copy link
Member

AlonAm commented Sep 18, 2017

To summarize,

The Jenkins plugin should figure out whether CSRF is enabled and retrieve the crumb before sending the trigger-build request.

or

Add a new boolean parameter called "CSRF" to the Jenkins plugin which will indicate whether the crumb should or shouldn't be retrieved before sending the trigger-build request.

@AlonAm AlonAm added this to the 1.4 milestone Sep 18, 2017

AlonAm added a commit to AnyStatus/Plugins that referenced this issue Sep 20, 2017

@AlonAm

This comment has been minimized.

Copy link
Member

AlonAm commented Sep 20, 2017

@vatioz a first attempt to solve the issue has been released in AnyStatus Desktop 1.4.57 which you can download from https://www.anystat.us/downloads.

In the new version of the Jenkins Job plugin, you'll find a CSRF parameter which you should enable.
Note, the new parameter will not show up for existing Jenkins jobs in your dashboard, you'll have to recreate them.

Unfortunately, I don't have a way to test it at the moment, any feedback is highly appreciated.

Thanks!

@vatioz

This comment has been minimized.

Copy link

vatioz commented Sep 20, 2017

Installed, tested and it works. Great work!

@AlonAm

This comment has been minimized.

Copy link
Member

AlonAm commented Sep 20, 2017

@AlonAm AlonAm closed this Sep 20, 2017

@AlonAm

This comment has been minimized.

Copy link
Member

AlonAm commented Sep 20, 2017

I took the opportunity to refactor Jenkins plugins. The code looks much simpler now
https://github.com/AnyStatus/Plugins/tree/master/src/AnyStatus.Plugins/Continuous%20Integration/Jenkins

Feel free to suggest or post changes.

@rajkumar4543

This comment has been minimized.

Copy link

rajkumar4543 commented Mar 13, 2018

Manage Jenkins --> Enable Security --> Authorization --> check Logged-in users can do anything --> check Allow anonymous read access
In this case, we do not get 403 error, and we can trigger builds:

"http://" + hostName + "/job/" + jobName + "/buildWithParameters?token=" + authToken + "&OrgCode=" + orgcode;

"http://" + hostName + "/job/" + jobName + "/lastBuild/api/json";

"http://" + hostName + "/job/" + jobName + "/" + buildNumber + "/api/json";

@karan-wahie03

This comment has been minimized.

Copy link

karan-wahie03 commented Jun 27, 2018

Even after providing the crumb I was only able to start my own jobs but not those which were created by some other users. also I am an admin user. Does anyone know why?

@AlonAm

This comment has been minimized.

Copy link
Member

AlonAm commented Jun 27, 2018

@karan-wahie03 did you try checking the "Parameterized Build" checkbox?

@karan-wahie03

This comment has been minimized.

Copy link

karan-wahie03 commented Jun 27, 2018

I am trying to a start build remotely using Jenkins remote api's using username and api token along with that I am sending my Jenkins crumb as well. To test it i created a test job and was able to start the build. But other jobs which were not created by my user threw 403 invalid jenkins crumb error.
My command looks like this - 'curl -X POST http://{{ credentials }}:{{ api-token }}@{{ jenkins_url }}/job/{{ item.name }}/build?token={{ token }} -H 'Jenkins-Crumb:{{ crumb }} '

Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment