2

I'm trying to setup a continuous integration scenario using Jenkins and a Kiln repository. What I'm having trouble with is setting up a Jenkins webhook in Kiln.

I have a Jenkins build job with a authentication token in the build trigger. And a Jenkins user also with an authentication token.

Using curl, I can trigger the Jenkins build successfully:

curl -i https://<user>:<user-token>@ci.server.com/job/<jobname>/build?token=<build-token>

However, the webhook for Kiln always fails with a 403:

Connection: close
X-Content-Type-Options: nosniff
X-Hudson: 1.395
X-Jenkins: 2.10
X-Jenkins-Session: ce44f96b
X-You-Are-Authenticated-As: anonymous
X-You-Are-In-Group: 
X-Required-Permission: hudson.model.Hudson.Read
X-Permission-Implied-By: hudson.security.Permission.GenericRead,hudson.model.Hudson.Administer
Content-Length: 985
Content-Type: text/html;charset=UTF-8
Date: Sun, 26 Jun 2016 14:29:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID.8ae67724=1gh7svgbt5la719xs8ivdafz8h;Path=/;Secure;HttpOnly
Server: nginx

Clearly the "authenticated-as: anonymous" seems problematic. I've tried both creating a Jenkins/Hudson specific webhook in Kiln and a custom webhook.

Any clues as to what might be missing would be greatly appreciated.

Cheers, Michael

Michael Josephson
  • 228
  • 2
  • 9

1 Answers1

1

I think Kiln is sending a POST - try repeating the curl as a POST instead.

This might give a clue - I found an error relating to "crumbs" which is the CSRF protection added in Jenkins 2.

As I can't find a way to persuade Kiln to send a GET (I'm not impressed with Kiln Webhooks at all), as a workaround I've disabled CSRF protection on Jenkins. Not at all satisfactory, needs must.

Dick Chesterwood
  • 2,629
  • 2
  • 25
  • 33