subversion post-commit hook 적용 시 jenkins 응답이 forbidden(403 status) 일 때
jenkins > Configure Global Security 에서 Prevent Cross Site Request Forgery exploits 이 체크되어 있다면 해제 한다.
해제하지 않을 경우 다음 처럼 post-commit 를 작성
More robust *nix post-commit hook example
The basic script above is fine if your server does not do authentication or you have no problem providing anonymous read access to Jenkins (as well as anonymous read to all the individual jobs you want to trigger if you are using project-based matrix authorization). Here is a script that includes the more robust security concepts hinted at in the basic example.
#!/bin/sh
REPOS="$1"
REV="$2"
# No environment is passed to svn hook scripts; set paths to external tools explicitly:
WGET=/usr/bin/wget
SVNLOOK=/usr/bin/svnlook
# If your server requires authentication, it is recommended that you set up a .netrc file to store your username and password
# Better yet, since Jenkins v. 1.426, use the generated API Token in place of the password
# See https://wiki.jenkins-ci.org/display/JENKINS/Authenticating+scripted+clients
# Since no environment is passed to hook scripts, you need to set $HOME (where your .netrc lives)
# By convention, this should be the home dir of whichever user is running the svn process (i.e. apache)
HOME=/var/www/
UUID=`$SVNLOOK uuid $REPOS`
NOTIFY_URL="subversion/${UUID}/notifyCommit?rev=${REV}"
CRUMB_ISSUER_URL='crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)'
function notifyCI {
# URL to Hudson/Jenkins server application (with protocol, hostname, port and deployment descriptor if needed)
CISERVER=$1
# Check if "[X] Prevent Cross Site Request Forgery exploits" is activated
# so we can present a valid crumb or a proper header
HEADER="Content-Type:text/plain;charset=UTF-8"
CRUMB=`$WGET --auth-no-challenge --output-document - ${CISERVER}/${CRUMB_ISSUER_URL}`
if [ "$CRUMB" != "" ]; then HEADER=$CRUMB; fi
$WGET \
--auth-no-challenge \
--header $HEADER \
--post-data "`$SVNLOOK changed --revision $REV $REPOS`" \
--output-document "-"\
--timeout=2 \
${CISERVER}/${NOTIFY_URL}
}
# The code above was placed in a function so you can easily notify multiple Jenkins/Hudson servers:
notifyCI "http://myPC.company.local:8080"
notifyCI "http://jenkins.company.com:8080/jenkins"
The script above takes care of the Prevent Cross Site Request Forgery exploits option if you have it enabled on your server. If you do not have that option enabled, the extra wget call is harmless, but feel free to remove it if you do not need it. The script above also requires that you set up a .netrc file in the home directory of the user you are running subversion as (either the svnserve process or httpd). For more info on .netrc file syntax, look here. The script above makes it easy to notify multiple Jenkins servers of the same SVN commit. If you have a .netrc file, it keeps it easy even if they have different admin users set up. If you don't want to mess with a .netrc file, you could just hard-code the user and password (or API Token) info in the file and add --username=user and --password="pass" flags to the wget calls.
출처 - https://wiki.jenkins-ci.org/display/JENKINS/Subversion+Plugin
jenkins.log에 다음 에러 발생 시
Jun 08, 2013 4:52:34 AM hudson.scm.SubversionRepositoryStatus doNotifyCommit
WARNING: No subversion jobs found
출처 - https://issues.jenkins-ci.org/browse/JENKINS-9529
설정 예제
'IDE & Build > Jenkins' 카테고리의 다른 글
| jenkins - war 파일 배포 (0) | 2013.06.08 |
|---|---|
| jenkins - 설정 (0) | 2013.06.05 |
| jenkins - installation and update (0) | 2013.06.05 |
| hudson과 jenkins (0) | 2012.04.25 |
| hudson - 참고 사이트 (0) | 2012.04.14 |
