-
Bug
-
Resolution: Not A Defect
-
Major
-
None
After upgrading all plugins over the weekend (2024-01-28), we cannot connect anymore via jenkins CLI.
As far as I know, nothing else changed (security settings, matrix based permissions).
We have never used tokens, but it also doesn't work with a token instead of a password.
java -jar jenkins-cli.jar -s <URL> -auth <user>:<password> build test_job -s -v
Output:
io.jenkins.cli.shaded.jakarta.websocket.DeploymentException: Handshake error. at io.jenkins.cli.shaded.org.glassfish.tyrus.client.ClientManager$3$1.run(ClientManager.java:658) at io.jenkins.cli.shaded.org.glassfish.tyrus.client.ClientManager$3.run(ClientManager.java:696) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at io.jenkins.cli.shaded.org.glassfish.tyrus.client.ClientManager$SameThreadExecutorService.execute(ClientManager.java:849) at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:123) at io.jenkins.cli.shaded.org.glassfish.tyrus.client.ClientManager.connectToServer(ClientManager.java:493) at io.jenkins.cli.shaded.org.glassfish.tyrus.client.ClientManager.connectToServer(ClientManager.java:337) at hudson.cli.CLI.webSocketConnection(CLI.java:364) at hudson.cli.CLI._main(CLI.java:324) at hudson.cli.CLI.main(CLI.java:103) Caused by: io.jenkins.cli.shaded.org.glassfish.tyrus.core.HandshakeException: Response code was not 101: 403. at io.jenkins.cli.shaded.org.glassfish.tyrus.client.TyrusClientEngine.processResponse(TyrusClientEngine.java:301) at io.jenkins.cli.shaded.org.glassfish.tyrus.container.jdk.client.ClientFilter.processRead(ClientFilter.java:167) at io.jenkins.cli.shaded.org.glassfish.tyrus.container.jdk.client.Filter.onRead(Filter.java:111) at io.jenkins.cli.shaded.org.glassfish.tyrus.container.jdk.client.Filter.onRead(Filter.java:113) at io.jenkins.cli.shaded.org.glassfish.tyrus.container.jdk.client.SslFilter.handleRead(SslFilter.java:402) at io.jenkins.cli.shaded.org.glassfish.tyrus.container.jdk.client.SslFilter.processRead(SslFilter.java:365) at io.jenkins.cli.shaded.org.glassfish.tyrus.container.jdk.client.Filter.onRead(Filter.java:111) at io.jenkins.cli.shaded.org.glassfish.tyrus.container.jdk.client.Filter.onRead(Filter.java:113) at io.jenkins.cli.shaded.org.glassfish.tyrus.container.jdk.client.TransportFilter$4.completed(TransportFilter.java:295) at io.jenkins.cli.shaded.org.glassfish.tyrus.container.jdk.client.TransportFilter$4.completed(TransportFilter.java:279) at java.base/sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:129) at java.base/sun.nio.ch.Invoker$2.run(Invoker.java:221) at java.base/sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:113) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) at java.base/java.lang.Thread.run(Thread.java:833)
Server log:
2024-01-29 10:05:29.153+0000 [id=6480] WARNING hudson.security.csrf.CrumbFilter#doFilter: Found invalid crumb d869e825dbe6862e7a4e852110e14ce87459c8e3be40c420a1211f196045cb0b. If you are calling this URL with a script, please use the API Token instead. More information: https://www.jenkins.io/redirect/crumb-cannot-be-used-for-script 2024-01-29 10:05:29.153+0000 [id=6480] WARNING hudson.security.csrf.CrumbFilter#doFilter: No valid crumb was included in request for /widget/ExecutorsWidget/ajax by r.hoehener. Returning 403.