[Issue 178] New - Needed an easy way to trigger builds remotely from scripts

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[Issue 178] New - Needed an easy way to trigger builds remotely from scripts

vsizikov
https://hudson.dev.java.net/issues/show_bug.cgi?id=178
                 Issue #|178
                 Summary|Needed an easy way to trigger builds remotely from scr
                        |ipts
               Component|hudson
                 Version|current
                Platform|All
              OS/Version|All
                     URL|
                  Status|NEW
       Status whiteboard|
                Keywords|
              Resolution|
              Issue type|ENHANCEMENT
                Priority|P3
            Subcomponent|www
             Assigned to|issues@hudson
             Reported by|vsizikov






------- Additional comments from [hidden email] Thu Nov 23 21:20:51 +0000 2006 -------
It's hard to trigger new builds remotely from scripts if Hudson's security
option is enabled.

And it seems to me that requiring users to know full admin password
(and this password is not only for Hudson admins, but for _entire_
server, such as Tomcat) is rather dangerous, not to mention that it's quite
inconvenient for for script writers.

We need more fine-tuned approach to security. And it seems that there
are two major use cases here:

1. Hudson administration via GUI. Users should know admin password,
   as usual.

2. Remotely triggering the build via scripts, hooks, etc. Obviously,
   those who want this functionality, don't need to know full admin
   password.

As for the solution that satisfies both cases,
how about, for example, Project-level configuration option, like
"An authorization token to remotely trigger the build", and a string
value.

Then, projects who would like to have remotely-triggered builds, would
enable that option, and provide a string (sort of like password).

Next, any access to URL like
hudson/job/name/build?token=AUTH_TOKEN_HERE
would trigger the build.

By using this or similar approach we'll allow to start builds remotely
without much problems (no auth via POST, cookies, sessions and all
that craziness) and at the same time we'll not compromise full Hudson
and server security. And those projects that don't want this
functionality, will have it disabled in config altogether.

I'll have a rough patch ready and currently testing it.
Will submit shortly.

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]