Jenkins input pipeline step filled via POST with CSRF - howto?
I managed to resolve this issue.
Hoping that someone else will benefit from my answer, let me explain how I achieved OPs target.
All that Jenkis Pipeline input step needs is a properly formatted JSON and OK button caption sent to the right URL.
So, the proper syntax is:
curl -X POST -H "Jenkins-Crumb:${JENKINS_CRUMB}" -d json='{"parameter": {"name": "${PARAMETER_NAME}", "value": "${PARAMETER_VALUE}"}}' -d proceed='${SUBMIT_CAPTION}' 'http://j${JENKINS_URL}/job/${JOB_NAME}/${BUILD_ID}/input/${INPUT_ID}/submit'
regards
There is an easier way, simply call the proceedEmpty
URL for the jobs:
curl -X POST -H "Jenkins-Crumb:${JENKINS_CRUMB}" http://${JENKINS_URL}/job/${JOB_NAME}/${BUILD_ID}/input/${INPUT_ID}/proceedEmpty
There is no need to pass in body data.
To abort, use:
curl -X POST -H "Jenkins-Crumb:${JENKINS_CRUMB}" http://${JENKINS_URL}/job/${JOB_NAME}/${BUILD_ID}/input/${INPUT_ID}/abort
I just downloaded the latest stable release of Jenkins (2.7.2) and tested the csrf mechanism and it seems like it worked as expected.
For example, the following command successfully kicked off a job called "test".
curl -X POST -u admin:test --header "Jenkins-Crumb:9c771b9e74d8d1d4b80766b63165c79d" http://localhost:8080/job/test/build
That being said, your command looks like it should work. Could you try the following to narrow down the problem:
- Try to kick off a build using the csrf mechanism rather than using the Jenkins input pipeline. This will at least let us know if it's the csrf that's causing the problem or the plugin.
- Try a newer version of Jenkins (if you're not on the latest stable).
Let me know your results.