Menu
I have been experiencing problems with bitbucket and their post commit.
http://username:[email protected]/job/myproject/build?token=mytoken
I have a jenkins instance I would like to trigger on push on certain repositories. Since the jenkins is accessible from the outside (the world wide web), it is protected through the typical user/password system.
When working with Github, I can define the usename and password directly in the URL. When checking the nginx logs, it is clear that github is able to convert that url to login the user. Bitbucket is not.
Here are some nginx logs showing the problem.
Bitbucket post logs :
- - "POST /job/myproject/build?token=mytoken HTTP/1.1" 403 216 "-" "Bitbucket.org"
The interesting part is the 403 error. Acces refused.
Same logs for the Github post hook:
- github - "POST /job/myproject/build?token=mytoken HTTP/1.1" 302 0 "-" "-"
AS the logs show, github is the name of the user I created with the good rights for launching builds.
What can I possibly do to enable the post hook?
339
The hooks are located in shared/config/git/template/hooks and are automatically copied inside per-repository hooks directory when you create a new repository. To install a custom hook for an existing repository, do that in shared/data/repositories/<repo_number>/hooks .
To install the hook, you can either create a symlink to it in . git/hooks , or you can simply copy and paste it into the . git/hooks directory whenever the hook is updated. As an alternative, Git also provides a Template Directory mechanism that makes it easier to install hooks automatically.
Git hooks are scripts that run automatically every time a particular event occurs in a Git repository. They let you customize Git's internal behavior and trigger customizable actions at key points in the development life cycle.
If you want to make BitBucket trigger a Jenkins job execution after a commit in your repo, you have two options:
Both using the Jenkins API to trigger the job.
For the POST hook, you basically need to build the url as this:
https://USER:APITOKEN@JENKINS_URL/job/JOBNAME/build?token=TOKEN
where:
The cool thing about this is that you can check if it works just using curl from the console.
Also note there is no password in the url, you have the API TOKEN instead, this is to avoid publishing your user and password. Something else you can do to improve security a little bit, if you have admin rights in the Jenkins server, create a new user with just access rights to read and build jobs, and use it only for this. So you don't have to publish your own user and token, which may have admin rights.
The Jenkins hook works the same way, building the same URL for you, but you don't have the chance to test it (for instance, using curl).
This is based on these documents:
Hope it helps.
Ger
184
This isn't really answering your question, but suggesting another approach. Both bitbucket.org and github.com support ssh keys.
See "Set up SSH for Git"
It is important to setup ssh-agent (explained in that page), as without this you'll be asked to enter a pass phrase instead of username and password.
38
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
