我的Crumb.sh文件是:
crumb=$(curl -u "jenkins:pwd" -s 'http://yuvi_jenkins:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
echo $crumb
curl -u "jenkins:pwd" -H "$crumb" -X POST http://yuvi_jenkins:8080/job/ansible-project/build?delay=0sec
我得到的输出是:
Jenkins-Crumb:d3950e9f61bc9dd88fba532c17dba1ce220be11b92d78e720464afd38021a3fb
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
<title>Error 403 No valid crumb was included in the request</title>
</head>
<body><h2>HTTP ERROR 403</h2>
<p>Problem accessing /job/ansible-project/build. Reason:
<pre> No valid crumb was included in the request</pre></p><hr><a href="http://eclipse.org/jetty">Powered by Jetty:// 9.4.z-SNAPSHOT</a><hr/>
</body>
</html>
我尝试过的解决方案:
1) Probably you are accessing jenkins by proxy server, please do following
Go to "Global Security Settings"
Check "Enables the Compatibilty Mode for proxies".
Restart
2) To resolve this issue I unchecked "Prevent Cross Site Request Forgery exploits" in jenkins.com/configureSecurity section.
我已经尝试了上述解决方案,但仍然遇到相同的错误。
答案 0 :(得分:0)
根据Jenkins文档here,碎屑现在仅对创建碎屑的Web会话有效。为了解决这个问题,您可以在发出面包屑请求时存储cookie,然后在进行后续API调用时使用存储的cookie。这样您的脚本将变为:
crumb=$(curl --cookie-jar ./cookie -u "jenkins:pwd" -s 'http://yuvi_jenkins:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
curl --cookie ./cookie -u "jenkins:pwd" -H "$crumb" -X POST http://yuvi_jenkins:8080/job/ansible-project/build?delay=0sec
或者,我链接的文档建议将系统属性hudson.security.csrf.DefaultCrumbIssuer.EXCLUDE_SESSION_ID设置为true,或者使用严格的Crumb Issuer插件来更改Crumb验证以使用诸如时间而不是会话ID之类的东西
感谢https://github.com/spinnaker/spinnaker/issues/2067#issuecomment-544993648帮助我解决了同样的问题