diff options
| author | Bjørn Forsman <bjorn.forsman@gmail.com> | 2022-07-12 19:38:41 +0200 |
|---|---|---|
| committer | Bjørn Forsman <bjorn.forsman@gmail.com> | 2022-07-16 12:30:41 +0200 |
| commit | 50eaf82b6f848d2411552c043bd51d0debfefab4 (patch) | |
| tree | 0a82ea9287c5ed4166102fc07f02b8f8a91f33de /pkgs/development/python-modules/rangehttpserver | |
| parent | 5f0abd47121db393579bff441b625812dee481dc (diff) | |
nixos/jenkins-job-builder: fix jenkins authentication
The current authentication code is broken against newer jenkins:
jenkins-job-builder-start[1257]: Asking Jenkins to reload config
jenkins-start[789]: 2022-07-12 14:34:31.148+0000 [id=17] WARNING hudson.security.csrf.CrumbFilter#doFilter: Found invalid crumb 31e96e52938b51f099a61df9505a4427cb9dca7e35192216755659032a4151df. If you are calling this URL with a script, please use the API Token instead. More information: https://www.jenkins.io/redirect/crumb-cannot-be-used-for-script
jenkins-start[789]: 2022-07-12 14:34:31.160+0000 [id=17] WARNING hudson.security.csrf.CrumbFilter#doFilter: No valid crumb was included in request for /reload by admin. Returning 403.
jenkins-job-builder-start[1357]: curl: (22) The requested URL returned error: 403
Fix it by using `jenkins-cli` instead of messing with `curl`.
This rewrite also prevents leaking the password in process listings. (We
could probably do it without `replace-secret`, assuming `printf` is a
shell built-in, but this implementation should be safe even with shells
not having a built-in `printf`.)
Ref https://github.com/NixOS/nixpkgs/issues/156400.
Diffstat (limited to 'pkgs/development/python-modules/rangehttpserver')
0 files changed, 0 insertions, 0 deletions