Sunday, September 10, 2017

Build Jenkins Job Remotely | Fix: Error 403 No valid crumb was included in the request


In case you are a newbie with Jenkins read through this article: http://com.puter.tips/2017/09/getting-up-and-running-with-jenkins.html



Build Jenkins Job Remotely

I have found two ways in which you can trigger a build on job remotely via scripting.

Both methods are simple HTTP Get/Post requests, nothing fancy here. Along with these Requests we need to pass login credentials.

Method 0: No protection enabled

=> This is the case when you are in a secure environment and have disabled all additional protection mechanism like CSRF (Method 1) and Authentication Token (Method 2). If this is the case then you can simply trigger a HTTP Request like this:

'http://username:password@jenkins_url:port/job/job_name/build'

e.g. http://admin:pass@localhost:8080/job/job1/build



Method 1: Using Crumb

=> Crumb is required when you want to enable Cross-Site Request Forgery (CSRF) protection. It is by default enabled.
=> You have a option to disable it, then you can simply call the URL as shown in Method 0. If it is enabled, then you are supposed to pass a 'crumb' in Header field along with the URL in your HTTP Request.
=> Crumb is auto-generated by Jenkins servers and fetched by client. It is common for all the jobs.
=> Crumb response can be retrieved via XML or JSON.
=> URL remains the same, just a header needs to be added in HTTP Request.

Please check this article for implementation in Perl, Python, Powershell and PHP.

Method 2: Using Authentication Token


=> Unlike default and common 'crumb' option, there is another option called Authentication Token.
=> It is like an additional password which is required to pass along with the URL.
=> It is user-generated, meaning you can set it to whatever value you want, and you can keep a unique token for each of the jobs if you want to.
=> URL changes to this:

'http://username:password@jenkins_url:port/job/job_name/build?token=auth_token'

e.g. http://admin:pass@localhost:8080/job/job1/build?token=job1_builder'

Please check this article for implementation in Perl, Python, Powershell and PHP.



Solve Error 403 No valid crumb was included in the request


If you have CSRF protection enabled in Jenkins and are trying to trigger a build remotely with Method 0 then you will face this error stating No valid crumb was included in the request. To get away with this problem you have:

Option 1: Disable CSRF protection in Jenkins - Method 0 (I would discourage you to do it)

Option 2: Use Authentication Token - Method 2

Option 3: Fetch crumb from Jenkins and pass it in HTTP Request Header - Method 1