Closed cliffano closed 8 years ago
Kohsuke wrote here http://blog.cloudbees.com/2011/06/public-key-authentication-in-jenkins.html that it's plain impossible to OAuth Jenkins from a CLI client.
@wolfeidau It looks like the only alternative is to use Jenkins API token. You can find your token on https://yourjenkinshost/user/yourusername/configure , there's a button 'Show API Token'. JENKINS_URL=https://yourusername:yourapitoken@yourjenkinshost nestor dashboard
However, I've tried it and I got an error from the GitHub Auth security realm. I raised this JIRA issue https://issues.jenkins-ci.org/browse/JENKINS-17916 to chase it up.
Worth investigating https://help.github.com/articles/creating-an-access-token-for-command-line-use
+1. For reference, I'm invoking nestor in the following way:
JENKINS_URL=http://icio:JENKINS_API_KEY@our-jenkins-server.net nestor build ... -c
and receiving the following error:
<html><head><title>Error 500</title></head><body bgcolor="#ffffff"><h1>Status Code: 500</h1>Exception: <br>Stacktrace: <pre>java.lang.NullPointerException
at org.jenkinsci.plugins.GithubSecurityRealm.loadGroupByGroupname(GithubSecurityRealm.java:459)
at org.jenkinsci.plugins.GithubSecurityRealm.loadUserByUsername(GithubSecurityRealm.java:428)
at hudson.model.User.impersonate(User.java:256)
at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:52)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:50)
at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
at winstone.RequestDispatcher.forward(RequestDispatcher.java:331)
at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:227)
at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
at java.util.concurrent.FutureTask.run(FutureTask.java:166)
at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:679)
</pre><br><hr size="1" width="90%"><i>Generated by Winstone Servlet Engine v0.9.10 at Fri Dec 13 11:59:24 UTC 2013</i></body></html>
I have confirmed that the authentication is happening by passing in an invalid Jenkins API key and receiving "Authentication failed - incorrect username and/or password in Jenkins URL" as expected.
@icio That's exactly the same stack trace that I reported, please vote this Jira issue https://issues.jenkins-ci.org/browse/JENKINS-17916 .
JENKINS-17916 was closed https://issues.jenkins-ci.org/browse/JENKINS-17916 with a note that the problem can no longer be reproduced. I currently don't have any public facing Jenkins instance to test this out.
Closing this issue for now, if anyone can reproduce the problem again, please feel free to re-open.
Nestor does not authenticate when Jenkins is setup with GitHub OAuth plugin https://wiki.jenkins-ci.org/display/JENKINS/Github+OAuth+Plugin .