jenkins_obj.plugin.install Method No Longer Working w/ Jenkins v 2.192 #287
Description
Greetings!
It appears the aforementioned line no longer works when interacting w/ Jenkins v2.192 as it throws the following error:
plugin_arr = ['slack', 'htmlpublisher']
jenkins_obj = JenkinsApi::Client.new(
server_ip: jenkins_ip,
server_port: port,
username: username,
password: password,
follow_redirects: true,
ssl: ssl_bool,
proxy_protocol: proxy_protocol,
proxy_ip: proxy_ip,
proxy_port: proxy_port
)
jenkins_obj.plugin.install(plugin_arr)
I, [2019-08-29T20:58:15.629510 #11064] INFO -- : Crumbs turned on. Fetching from the server.
E, [2019-08-29T20:58:15.746594 #11064] ERROR -- : JenkinsApi::Exceptions::Forbidden: Access denied. Please ensure that Jenkins is set up to allow access to this operation.
I, [2019-08-29T20:58:15.808972 #11064] INFO -- : Crumb expired. Refetching from the server.
I, [2019-08-29T20:58:15.873932 #11064] INFO -- : Retrying: 1 out of 3 times...
E, [2019-08-29T20:58:15.943977 #11064] ERROR -- : JenkinsApi::Exceptions::Forbidden: Access denied. Please ensure that Jenkins is set up to allow access to this operation.
I, [2019-08-29T20:58:16.012773 #11064] INFO -- : Crumb expired. Refetching from the server.
I, [2019-08-29T20:58:16.084756 #11064] INFO -- : Retrying: 2 out of 3 times...
E, [2019-08-29T20:58:16.153777 #11064] ERROR -- : JenkinsApi::Exceptions::Forbidden: Access denied. Please ensure that Jenkins is set up to allow access to this operation.
I, [2019-08-29T20:58:16.220758 #11064] INFO -- : Crumb expired. Refetching from the server.
I, [2019-08-29T20:58:16.280291 #11064] INFO -- : Retrying: 3 out of 3 times...
E, [2019-08-29T20:58:16.280534 #11064] ERROR -- : JenkinsApi::Exceptions::ForbiddenWithCrumb: Access denied. Please ensure that Jenkins is set up to allow access to this operation. A crumb was used in attempt to access operation. Access denied. Please ensure that Jenkins is set up to allow access to this operation.
JenkinsApi::Exceptions::ForbiddenWithCrumb: Access denied. Please ensure that Jenkins is set up to allow access to this operation. A crumb was used in attempt to access operation. Access denied. Please ensure that Jenkins is set up to allow access to this operation.
from /usr/local/rvm/gems/ruby-2.6.3@csi/gems/jenkins_api_client-1.5.3/lib/jenkins_api_client/client.rb:420:in `rescue in api_post_request'
Caused by JenkinsApi::Exceptions::Forbidden: Access denied. Please ensure that Jenkins is set up to allow access to this operation.
from /usr/local/rvm/gems/ruby-2.6.3@csi/gems/jenkins_api_client-1.5.3/lib/jenkins_api_client/client.rb:784:in `handle_exception'
I've tested this doesn't occur when running against Jenkins 2.190...upgrade to 2.192 and the error described above occurs. It looks like it's due to some security fixes:
https://jenkins.io/changelog/
https://jenkins.io/security/advisory/2019-08-28/ >>
SECURITY-1491 / CVE-2019-10384
It looks like for whatever reason jenkins_obj.crumbs_enabled is nil when instantiating the JenkinsApi::Client class.