setup cli

export JENKINS_DOMAIN=<my.jenkins.com>

get port

$ curl -Lv https://${JENKINS_DOMAIN}/login 2>&1 | grep -i 'x-ssh-endpoint'
< x-ssh-endpoint: my.jenkins.com:31232

$ k -n ci get svc jenkins-discovery -o yaml
apiVersion: v1
kind: Service
metadata:
  ...
spec:
  ports:
  - name: jenkins-agent
    nodePort: 3xxxx
    port: 50000
    protocol: TCP
    targetPort: jnlp-port
  - name: cli-agent
    nodePort: 32123
    port: 31232
    protocol: TCP
    targetPort: cli-port
  selector:
    app: jenkins
...
jenkins-cli-port
1.5.6.1 -- jenkins-cli-port

ssh

  • Jenkins config
jenkins-cli-ssh
1.5.6.2 -- jenkins-cli-ssh
  • ~/.ssh/config

    $ cat ~/.ssh/config
    Host  my.jenkins.com
        User                marslo
        IdentityFile        ~/.ssh/marslo
        Port                32123
    
  • using cli

    $ ssh -q ${JENKINS_DOMAIN} help
    add-job-to-view
      Adds jobs to view.
    apply-configuration
      Apply YAML configuration to instance
    build
      Builds a job, and optionally waits until its completion.
    cancel-quiet-down
      Cancel the effect of the "quiet-down" command.
    channel-process
      Launch a new JVM on a slave and connect it with the master with remoting
    ...
    
  • or

    $ ssh -l <user> -i <ssh-private-key> -p <port> ${JENKINS_DOMAIN} <command>
    
    # example
    $ ssh -l marslo -i ~/.ssh/marslo -p 32123 ${JENKINS_DOMAIN} help
    

jenkins-cli.jar

  • get client (jenkins-cli.jar)

    $ curl -fsSL -O [-u<username>:<password>] https://${JENKINS_DOMAIN}/jnlpJars/jenkins-cli.jar
    
    # or
    $ curl -fsSL -O --netrc-file ~/.marslo/.netrc' https://${JENKINS_DOMAIN}/jnlpJars/jenkins-cli.jar
    $ cat ~/.marslo/.netrc
    machine <JENKINS_DOMAIN>
    login myaccount
    password mypassword
    
  • use cli

    $ java -jar jenkins-cli.jar -auth <username>:<password> -s https://${JENKINS_DOMAIN} <command>
    
    # example
    $ java -jar jenkins-cli.jar -auth marslo:<MY-CLI-TOKEN> -s https://${JENKINS_DOMAIN} help
      add-job-to-view
        Adds jobs to view.
      apply-configuration
        Apply YAML configuration to instance
      build
        Builds a job, and optionally waits until its completion.
      cancel-quiet-down
        Cancel the effect of the "quiet-down" command.
      ...
    

handle -auth

  • using directly in command line

    $ java -jar jenkins-cli.jar -auth marslo:<MY-CLI-TOKEN> -s https://${JENKINS_DOMAIN}
    
  • using file

    $ echo 'marslo:<MY-CLI-TOKEN> ~/.marslo/.jenkins-cli'
    $ java -jar jenkins-cli.jar -auth @/Users/marslo/.marslo/.jenkins-cli -s https://${JENKINS_DOMAIN}
    
  • using environment

    $ export JENKINS_USER_ID=marslo
    $ export JENKINS_API_TOKEN=<MY-CLI-TOKEN>
    $ java -jar jenkins-cli.jar -s https://${JENKINS_DOMAIN}
    

execute groovy script via cli

ERROR: This command is requesting the -remoting mode which is no longer supported

$ ssh -q <jenkins.domain.name> groovy <script.groovy>

solution

$ ssh -q <jenkins.domain.name> groovy = < /path/to/script.groovy
  • i.e.:

    $ cat a.groovy
    println System.getProperties().sort().findAll{ it.key.contains('java') }.collect{ "${it.key} ~> ${it.value}" }.join('\n')
    
    $ ssh jenkins.example.com groovy =< ./a.groovy | head -4
    java.awt.graphicsenv ~> sun.awt.X11GraphicsEnvironment
    java.awt.headless ~> true
    java.awt.printerjob ~> sun.print.PSPrinterJob
    java.class.path ~> /usr/share/jenkins/jenkins.war
    ...
    

execute groovysh

$ ssh <jenkins.domina.name> groovysh
groovy:000> println System.getProperties().sort().collect{ "${it.key} ~> ${it.value}" }.join('\n')
awt.toolkit ~> sun.awt.X11.XToolkit
com.cloudbees.workflow.rest.external.ChangeSetExt.resolveCommitAuthors ~> true
executable-war ~> /usr/share/jenkins/jenkins.war
file.encoding ~> UTF-8
file.separator ~> /

execute the script via https

[!TIP|label:references:]

A Jenkins Admin can execute groovy scripts remotely by sending an HTTP POST request to /script/ url or /scriptText/.

  • format

    $ curl -d "script=<your_script_here>" https://jenkins/script
    
    # or to get output as a plain text result (no HTML)
    $ curl -d "script=<your_script_here>" https://jenkins/scriptText
    
  • example : curl submitting groovy file via bash

    $ curl --data-urlencode "script=$(< ./somescript.groovy)" https://jenkins/scriptText
    
    # or
    $ curl --user 'username:api-token' --data-urlencode \
           "script=$(< ./somescript.groovy)" https://jenkins/scriptText
    
  • example : Python submitting groovy file providing username and api token

    with open('somescript.groovy', 'r') as fd:
        data = fd.read()
    r = requests.post('https://jenkins/scriptText', auth=('username', 'api-token'), data={'script': data})
    

execute cil via kubectl

[!TIP|label:references:]

$ kubectl exec -it po/jenkins-0 -c jenkins -- bash -c
    'echo \'println(hudson.util.Secret.fromString("test").getEncryptedValue())'
    | java -jar /var/jenkins_home/war/WEB-INF/lib/cli-2.303.1.jar
    s http://0.0.0.0:8080
    auth Admin:$(cat /run/secrets/chart-admin-password)
    groovy = '
{AQAAABAAAAAQGiN0B2weIsYfpg0LqBbM7WSBn9+zSBcH4OXyYpaVVig=}
$

man cli

CMD DESCRIPTION
add-job-to-view Adds jobs to view.
apply-configuration Apply YAML configuration to instance
build Builds a job, and optionally waits until its completion.
cancel-quiet-down Cancel the effect of the "quiet-down" command.
check-configuration Check YAML configuration to instance
clear-queue Clears the build queue.
connect-node Reconnect to a node(s)
console Retrieves console output of a build.
copy-job Copies a job.
create-credentials-by-xml Create Credential by XML
create-credentials-domain-by-xml Create Credentials Domain by XML
create-job Creates a new job by reading stdin as a configuration XML file.
create-node Creates a new node by reading stdin as a XML configuration.
create-view Creates a new view by reading stdin as a XML configuration.
declarative-linter Validate a Jenkinsfile containing a Declarative Pipeline
delete-builds Deletes build record(s).
delete-credentials Delete a Credential
delete-credentials-domain Delete a Credentials Domain
delete-job Deletes job(s).
delete-node Deletes node(s)
delete-view Deletes view(s).
disable-job Disables a job.
disable-plugin Disable one or more installed plugins.
disconnect-node Disconnects from a node.
enable-job Enables a job.
enable-plugin Enables one or more installed plugins transitively.
export-configuration Export jenkins configuration as YAML
get-credentials-as-xml Get a Credentials as XML (secrets redacted)
get-credentials-domain-as-xml Get a Credentials Domain as XML
get-gradle List available gradle installations
get-job Dumps the job definition XML to stdout.
get-node Dumps the node definition XML to stdout.
get-view Dumps the view definition XML to stdout.
groovy Executes the specified Groovy script.
groovysh Runs an interactive groovy shell.
help Lists all the available commands or a detailed description of single command.
import-credentials-as-xml Import credentials as XML. The output of "list-credentials-as-xml" can be used as input here as is, the only needed change is to set the actual Secrets which are redacted in the output.
install-plugin Installs a plugin either from a file, an URL, or from update center.
keep-build Mark the build to keep the build forever.
list-changes Dumps the changelog for the specified build(s).
list-credentials Lists the Credentials in a specific Store
list-credentials-as-xml Export credentials as XML. The output of this command can be used as input for "import-credentials-as-xml" as is, the only needed change is to set the actual Secrets which are redacted in the output.
list-credentials-context-resolvers List Credentials Context Resolvers
list-credentials-providers List Credentials Providers
list-jobs Lists all jobs in a specific view or item group.
list-plugins Outputs a list of installed plugins.
mail Reads stdin and sends that out as an e-mail.
offline-node Stop using a node for performing builds temporarily, until the next "online-node" command.
online-node Resume using a node for performing builds, to cancel out the earlier "offline-node" command.
quiet-down Quiet down Jenkins, in preparation for a restart. Don’t start any builds.
reload-configuration Discard all the loaded data in memory and reload everything from file system. Useful when you modified config files directly on disk.
reload-jcasc-configuration Reload JCasC YAML configuration
reload-job Reload job(s)
remove-job-from-view Removes jobs from view.
replay-pipeline Replay a Pipeline build with edited script taken from standard input
restart Restart Jenkins.
restart-from-stage Restart a completed Declarative Pipeline build from a given stage.
safe-restart Safely restart Jenkins.
safe-shutdown Puts Jenkins into the quiet mode, wait for existing builds to be completed, and then shut down Jenkins.
session-id Outputs the session ID, which changes every time Jenkins restarts.
set-build-description Sets the description of a build.
set-build-display-name Sets the displayName of a build.
set-external-build-result Set external monitor job result.
shutdown Immediately shuts down Jenkins server.
stop-builds Stop all running builds for job(s)
update-credentials-by-xml Update Credentials by XML
update-credentials-domain-by-xml Update Credentials Domain by XML
update-job Updates the job definition XML from stdin. The opposite of the get-job command.
update-node Updates the node definition XML from stdin. The opposite of the get-node command.
update-view Updates the view definition XML from stdin. The opposite of the get-view command.
version Outputs the current version.
wait-node-offline Wait for a node to become offline.
wait-node-online Wait for a node to become online.
who-am-i Reports your credential and permissions.
Copyright © marslo 2020-2023 all right reserved,powered by GitbookLast Modified: 2024-03-12 15:01:28

results matching ""

    No results matching ""