Bitbucket 上的 POST 钩子 [英] POST hook on Bitbucket

问题描述

我在使用 bitbucket 及其提交后遇到问题.

I have been experiencing problems with bitbucket and their post commit.

http://username:password@myjenkins.instance/job/myproject/build?token=mytoken

我有一个 jenkins 实例，我想在推送某些存储库时触发.由于 jenkins 可以从外部(万维网)访问，因此它通过典型的用户/密码系统受到保护.

I have a jenkins instance I would like to trigger on push on certain repositories. Since the jenkins is accessible from the outside (the world wide web), it is protected through the typical user/password system.

使用 Github 时，我可以直接在 URL 中定义用户名和密码.检查 nginx 日志时，很明显 github 能够转换该 url 以登录用户.Bitbucket 不是.

When working with Github, I can define the usename and password directly in the URL. When checking the nginx logs, it is clear that github is able to convert that url to login the user. Bitbucket is not.

这里是一些显示问题的 nginx 日志.

Here are some nginx logs showing the problem.

Bitbucket 发布日志:

- - "POST /job/myproject/build?token=mytoken HTTP/1.1" 403 216 "-" "Bitbucket.org"

有趣的部分是 403 错误.访问被拒绝.

The interesting part is the 403 error. Acces refused.

Github post hook 的相同日志:

- github - "POST /job/myproject/build?token=mytoken HTTP/1.1" 302 0 "-" "-"

如日志所示，github 是我创建的具有启动构建的良好权限的用户的名称.

AS the logs show, github is the name of the user I created with the good rights for launching builds.

我可以做些什么来启用 post hook?

What can I possibly do to enable the post hook?

推荐答案

如果你想让 BitBucket 在你的 repo 提交后触发 Jenkins 作业执行，你有两个选择:

If you want to make BitBucket trigger a Jenkins job execution after a commit in your repo, you have two options:

• 使用 POST 钩子
• 使用 Jenkins 钩子

两者都使用 Jenkins API 来触发作业.

Both using the Jenkins API to trigger the job.

对于 POST 钩子，您基本上需要像这样构建 url:

For the POST hook, you basically need to build the url as this:

https://USER:APITOKEN@JENKINS_URL/job/JOBNAME/build?token=TOKEN

哪里:

• USER:是将触发作业的 Jenkins 用户
• APITOKEN:是与该用户相关联的令牌，用于允许使用该 API，您可以从 Jenkins 中的用户配置页面获取它
• JENKINS_URL:您的 jenkins 服务器的网址
• JOBNAME:工作名称
• TOKEN:作业关联的令牌，必须在作业配置页面添加(启用远程触发器)

• USER: is the Jenkins user that will trigger the job
• APITOKEN: is a token associated to that user to allow the use of the API, you can get it from the user configuration page in Jenkins
• JENKINS_URL: the url of your jenkins server
• JOBNAME: the name of the job
• TOKEN: the token associated to the job, you must add it in the job configuration page (enable remote triggers)

这个很酷的一点是，你可以在控制台中使用 curl 来检查它是否有效.

The cool thing about this is that you can check if it works just using curl from the console.

还要注意url中没有密码，你有API TOKEN代替，这是为了避免发布你的用户和密码.您还可以做一些其他事情来稍微提高安全性，如果您在 Jenkins 服务器中拥有管理员权限，请创建一个仅具有读取和构建作业访问权限的新用户，并且仅将其用于此目的.因此您不必发布自己的用户和令牌，它们可能具有管理员权限.

Also note there is no password in the url, you have the API TOKEN instead, this is to avoid publishing your user and password. Something else you can do to improve security a little bit, if you have admin rights in the Jenkins server, create a new user with just access rights to read and build jobs, and use it only for this. So you don't have to publish your own user and token, which may have admin rights.

Jenkins 钩子的工作方式相同，为您构建相同的 URL，但您没有机会对其进行测试(例如，使用 curl).

The Jenkins hook works the same way, building the same URL for you, but you don't have the chance to test it (for instance, using curl).

这是基于这些文件:

• Jenkins 远程访问 API(提交作业)
• Jenkins 钩子管理(查看评论)
• 将 BitBucket 与 Jenkins 连接(如果您愿意，这非常有用尝试 Jenkins 钩子)

• Jenkins Remote Access API (submitting jobs)
• Jenkins hook management (check out the comments)
• Hooking BitBucket up with Jenkins (this is VERY useful if you want to try the Jenkins hook)

希望有帮助.

德国

这篇关于Bitbucket 上的 POST 钩子的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！