Search code examples
jenkinsjenkins-pipelinemultibranch-pipeline

Is the Jenkins RESTful API locally accessible from inside of a pipeline run?

I know there is a remote access api: https://www.jenkins.io/doc/book/using/remote-access-api/

But is this API accessible via localhost and unauthenticated from inside a pipeline run? I say unauthenticated because it would be hit from inside a pipeline run so auth would not be required.

I tried doing curl -v http://localhost:8080/api from inside a pipeline run and got connect to 127.0.0.1 port 8080 failed: Connection refused.

I already use Jenkins functions like currentBuild.getBuildCauses() etc, but I'd much rather have my deploy scripts interrogate the api for this kind of info instead.

Is it possible to have a local, authenticated, endpoint for the Jenkins rest api (so I would not need a key or user to access it)?

Solution

  • short answer: you can not do actions with jenkins without auth info here

    long answer:

    mb some plugin has this functionality (i havent seen it)

    to use curl for jenkins endpoint you need to use username:api or username/password token like this

    curl http://<username>:<api-token>@<jenkins-server>/

    Jenkinsfile

    withCredentials([usernamePassword(credentialsId: 'api-jenkins-creds', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {
  sh 'curl https://$USERNAME:$PASSWORD@<jenkins-server>/'
}

    in jenkins you can create user and password. Store this data in jenkins userpassword credentials and then use in pipeline withCreds()

    import hudson.model.*
import jenkins.model.*
import jenkins.security.*
import jenkins.security.apitoken.*
import hudson.security.HudsonPrivateSecurityRealm
import hudson.security.*
def instance = Jenkins.getInstance()
def backupSecurityRealm = instance.getSecurityRealm()
def hudsonRealm = new HudsonPrivateSecurityRealm(false)
hudsonRealm.createAccount ('api-user-jenkins','api-user-jenkins-password')
instance.setSecurityRealm(hudsonRealm)
instance.save()

    if you need to create token

    def user = User.get('api-user-jenkins'\, false)
def apiTokenProperty = user.getProperty(ApiTokenProperty.class)
def result = apiTokenProperty.tokenStore.addFixedNewToken('apitoken'\, '111fbe861ca0d321d3cc1111f17231ec9f')
user.save()
instance.setSecurityRealm(backupSecurityRealm)
instance.save()

    script can be different because of auth plugin

    there are lot of examples in github

    https://gist.github.com/wiz4host/17ab33e96f53d8e30389827fbf79852e https://gist.github.com/hayderimran7/50cb1244cc1e856873a4