Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Jenkins: 403 No valid crumb was included in the request

I configured jenkins in spinnaker as follows and setup spinnaker pipeline.

 jenkins:     # If you are integrating Jenkins, set its location here using the baseUrl     # field and provide the username/password credentials.     # You must also enable the "igor" service listed separately.     #     # If you have multiple jenkins servers, you will need to list     # them in an igor-local.yml. See jenkins.masters in config/igor.yml.     #     # Note that jenkins is not installed with Spinnaker so you must obtain this     # on your own if you are interested.     enabled: ${services.igor.enabled:false}     defaultMaster:       name: default       baseUrl: http://server:8080       username: spinnaker       password: password 

But I am seeing following error when trying to run spinnaker pipeline.

Exception ( Start Jenkins Job ) 403 No valid crumb was included in the request

like image 468
Balkrishna Avatar asked Jun 23 '17 01:06

Balkrishna


People also ask

What is no valid Crumb was included in the request?

This script will return an error code if one of the curl command fails for any reason. Show activity on this post. So, not sure if that's a bug or not, but "No valid crumb was included in the request" could also mean you accidentally forgot the Authorization header.

How do I get Crumb in Jenkins?

GOTO: Jenkins > Manage Jenkins > Configure Global Security and enable Prevent Cross Site Request Forgery exploits . Select Default Crumb Issuer from Crumb Algorithm and save to apply changes and enable.


2 Answers

Finally, this post helped me to do away with the crumb problem but still securing Jenkins from CSRF attack.

Solution for no-valid crumb included in the request issue

Basically, we need to first request for crumb with authentication and then issue POST api calls with crumb as a header along with authentication again.

This is how I did it,

curl -v -X GET http://jenkins-url:8080/crumbIssuer/api/json --user <username>:<password> 

Response was,

{ "_class":"hudson.security.csrf.DefaultCrumbIssuer", "crumb":"0db38413bd7ec9e98974f5213f7ead8b", "crumbRequestField":"Jenkins-Crumb" } 

Then the POST api with above crumb information in it.

curl -X POST http://jenkins-url:8080/job/<job-name>/build --user <username>:<password> -H 'Jenkins-Crumb: 0db38413bd7ec9e98974f5213f7ead8b' 
like image 143
Santosh Kumar Arjunan Avatar answered Sep 19 '22 07:09

Santosh Kumar Arjunan


This solution is SAFE to use

came along this issue when we changed jenkins to be accessible via reverse proxy.

There is an option in the "Configure Global Security" that "Enable proxy compatibility" This helped with my issue.

enter image description here

Other Solution

in Github payload URL make your url look like this
https://jenkins:8080/github-webhook/ Dont forget to metion / at the end

like image 23
sachin_ur Avatar answered Sep 21 '22 07:09

sachin_ur