我想通过向Jenkins发送帖子卷曲请求来禁用Jenkins作业。
我尝试过这样做:
curl -X POST http://<server>:8080/<jobname>/disable curl -X POST http://<server>:8080/<jobname>/disable?token=<token> curl -u <username>:<token> POST http://<server>:8080/<jobname>/disable 但每次都失败了。我得到的错误是:
403请求中未包含有效的crumb
这个问题是否有一个很好的基于卷曲的解决方案?
答案 0 :(得分:14)
No valid crumb means your Jenkins installation has a security option enabled which prevent requests send in a standard way to avoid one-click attacks. You can't use Jenkins CLI either, because it doesn't work yet.
Here are the steps using curl (replace localhost with your Jenkins address):
/user/USER/configure).Get your crumb:
CRUMB=$(curl -s 'http://USER:TOKEN@localhost:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
Now you can disable the job by sending the crumb in the headers:
curl -X POST -H "$CRUMB" http://USER:TOKEN@localhost:8080/<jobname>/disable
If the above won't work for some reason, you may try to use -u USER:TOKEN instead.
答案 1 :(得分:8)
碎屑错误表示您正在使用CSRF Protection。您需要在请求中包含适当的crumb标头。可以从上面链接的Jenkins wiki页面上描述的Jenkins API获得crumb。 answer for“Trigger参数化构建与curl和crumb”显示了在curl请求中添加crumb头的语法。
答案 2 :(得分:4)
设置jenkins&#34;全局安全设置&#34;: 取消选中&#34;防止跨站请求伪造攻击&#34;
答案 3 :(得分:3)
我发现kenorb's solution的第一部分为我工作,即获得碎屑,但对于第二部分,curl不喜欢这种语法,它说:
卷曲:(6)无法解析主持人&#39; http:&#39;
所以我必须使用以下语法:
curl -H $CRUMB http://localhost:8080/<jobname>/disable -u USER:TOKEN
答案 4 :(得分:1)
以下内容适用于我
curl -X POST http://<servername>/job/jobname/disable
确保用户可以访问。