using CCtray with Jenkins, while security enabled (using HTTPS)

Asked 5/12, 2012 at 9:46 Answered 16/9, 2016 at 18:56

security jenkins continuous-integration cctray

I configured my Jenkins server to only use HTTPS and enabled security. As well I don't like anybody who's not logged on to see the Dashboard (even if it would be empty). Here for I disabled the 'read' access for 'anonymous'.

So far all this works exactly to my likings :)

But wanting to add some build notification functionality to remote clients by e.g. using something like 'CCtray' I run into trouble. The access to the https://<SERVER>/cc.xml now only works for logged in users. Where I would have liked to be able to get those notifications for 'anonymous'.

Probably combining these wishes is kind of contradictory - I suppose?

Maybe someone has a better idea which could match my likings?

Possibly any other notification tool which can be used???

For the Mercurial hook triggering the sw-builds I can use a construction like

curl --cacert <CERTIFICATE> https://<USER>:<PASSWORD>@<SERVER>/job/MyPROJECT/build?delay=0sec

But a similar approach for the URL in CCtray doesn't seem to work.

Vishinsky answered 5/12, 2012 at 9:46 Comment(1)

One more: Even if I allow 'anonymous' to read - which will allow anybody to see the (agreed empty) dashboard - the CCtray still doesn't connect with HTTPS (probably because of the certificate). Is there a way to query the cc.xml with cctray via HTTPS at all ? Or does it only work with HTTP? – Vishinsky 5/12, 2012 at 10:1

I've just started using the cctray Jenkins transport extension. Early days, but it seems to work as advertised and is connecting to our secure server perfectly happily.

Currently, the only significant limitation seems to be that if your password expires there's no way to re-enter your credentials.

Misfire answered 10/5, 2013 at 8:57 Comment(2)

Likewise I had success with it, even without HTTPS but while using BASIC HTTP Auth – Wireless 27/1, 2016 at 2:55

I have tried and I cannot use this tool with a success for https server. :( I'm adding the extension, it is seen by the cctray, I can put the https server address and credentials, but after all it shows following error: The underlying connection was closed: An unexpected error occurred on a send. Is there anything that I'm doing wrong? Please help. – Hoot 22/3, 2018 at 10:59

For Jenkins servers without anonymous access, you can use Catlight build notification tool. You can provide access token or username/password to authenticate to your server.

I you have a self-signed ssl certificate, make sure that you add it to trusted by OS. That way, most applications will recognize it and connect to server without warnings.

Worst answered 19/4, 2016 at 18:52 Comment(0)

Adding to @MrBlueSky 's answer, you can avoid the password expiration hassle; simply use a Jenkins-issued API Token instead of your password.

Log into Jenkins
Click your username (in the upper right corner)
Click Configure (in the left navbar)
Click Show API Token
Use this token in place of your password when setting up the Jenkins Transport settings

Saying answered 16/9, 2016 at 18:56 Comment(0)

Recommended topics

Hot tags