9

I have set up Jenkins with the Github plugin on my test server. I have secured Jenkins by only allowing authenticated users (anonymous users don't have any rights) and secure connections.

Unfortunately the post-commit hook offered by Github doesn't seem to work in my case. I've tried to access the URL at https://jenkins.on.my.server/github-webhook/ manually and it gave me a "net.sf.json.JSONException: null object" error, which is fine since I didn't post any JSON along with my request.

My question:

I have secured Jenkins with authenticated users, thus I have to use a URL in the format https://user@pw:jenkins.on.my.server/github-webhook/, right? As I don't want to post the credentials all over the net, can I use a secure connection as post-commit hook for Github?

stdll
  • 687
  • 4
  • 21

4 Answers4

3

See my blog post on this issue:

http://fourkitchens.com/blog/2011/09/20/trigger-jenkins-builds-pushing-github

We successfully use https URLS, and yes it does support the syntax you have there (it should be username:password@jenkins.on.my.server, as Sasa Djolic points out).

Make sure the the job itself it correctly configured, so when it builds, it's correctly connecting to Github and cloning the repository.

Remember that the Jenkins plugin automatically decides which jobs to build using the incoming POST data, so the jobs need to be correctly setup and building, before a remote trigger will work.

Also, ensure that the user you setup in Jenkins has the correct permissions (Overall read, Job create and Job read) as suggested here:

Jenkins and GitHub webhook: HTTP 403

Community
  • 1
  • 1
Mark Theunissen
  • 2,406
  • 2
  • 17
  • 14
2

After having fiddled around with this for quite some time, I ended up using the excellent Github OAuth Plugin for Jenkins. To quote the documentation:

Since version 0.4 there is a way to authorize the use of the github-webhook callback url to receive post commit hooks from Github.

Along with the Github Plugin which triggers the build, this works most elegantly!

stdll
  • 687
  • 4
  • 21
  • Do you still have to set a post-commit hook in this case? – Doug Tabuchi Feb 21 '12 at 20:29
  • Yes, the communication from Github to Jenkins is still done via the post-commit hook. The Github OAuth plugin solves my problem because I can exclude the hook's URL from being secured, thus allowing Github to notify me of commits. – stdll Feb 22 '12 at 14:45
  • 1
    If you use Github OAuth, don't forget to check 'Grant READ permissions for /github-webhook', which will allow the webhook to be executed by the Github servers without authentication. This wasn't enabled by default when I installed the plugin, and took a little digging to uncover why my builds weren't triggered. – qnm Jun 13 '12 at 22:59
1

I encountered the same problem - you can avoid using the github oauth plugin using:

http://user:pw@jenkins.on.my.server

benzguo
  • 176
  • 1
  • 4
0

Not sure if Github supports HTTPS and URLs with username and password in them, but the URL you listed does not correctly include the username and password - it should instead look like this:

https://user:pw@jenkins.on.my.server/github-webhook/

Sasa Djolic
  • 9
  • 1