Is the Jenkins RESTful API locally accessible from inside of a pipeline run?

Question

I know there is a remote access api: https://www.jenkins.io/doc/book/using/remote-access-api/

But is this API accessible via localhost and unauthenticated from inside a pipeline run? I say unauthenticated because it would be hit from inside a pipeline run so auth would not be required.

I tried doing curl -v http://localhost:8080/api from inside a pipeline run and got connect to 127.0.0.1 port 8080 failed: Connection refused.

I already use Jenkins functions like currentBuild.getBuildCauses() etc, but I'd much rather have my deploy scripts interrogate the api for this kind of info instead.

Is it possible to have a local, authenticated, endpoint for the Jenkins rest api (so I would not need a key or user to access it)?

Answer 1

short answer: you can not do actions with jenkins without auth info here

long answer:

mb some plugin has this functionality (i havent seen it)

---

to use curl for jenkins endpoint you need to use username:api or username/password token like this

curl http://<username>:<api-token>@<jenkins-server>/

Jenkinsfile

withCredentials([usernamePassword(credentialsId: 'api-jenkins-creds', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {
  sh 'curl https://$USERNAME:$PASSWORD@<jenkins-server>/'
}

in jenkins you can create user and password. Store this data in jenkins userpassword credentials and then use in pipeline withCreds()

import hudson.model.*
import jenkins.model.*
import jenkins.security.*
import jenkins.security.apitoken.*
import hudson.security.HudsonPrivateSecurityRealm
import hudson.security.*
def instance = Jenkins.getInstance()
def backupSecurityRealm = instance.getSecurityRealm()
def hudsonRealm = new HudsonPrivateSecurityRealm(false)
hudsonRealm.createAccount ('api-user-jenkins','api-user-jenkins-password')
instance.setSecurityRealm(hudsonRealm)
instance.save()

if you need to create token

def user = User.get('api-user-jenkins'\, false)
def apiTokenProperty = user.getProperty(ApiTokenProperty.class)
def result = apiTokenProperty.tokenStore.addFixedNewToken('apitoken'\, '111fbe861ca0d321d3cc1111f17231ec9f')
user.save()
instance.setSecurityRealm(backupSecurityRealm)
instance.save()

script can be different because of auth plugin

there are lot of examples in github

https://gist.github.com/wiz4host/17ab33e96f53d8e30389827fbf79852e https://gist.github.com/hayderimran7/50cb1244cc1e856873a4

Answer 2

If you don't want to use the authentification and get kind of the same informations that you could with the API, you might want to check Jenkins.instance. This gives you access to a lot of things in your Jenkins server. However, it is not an interaction with the API.

It is a bit tricky to use and there's not really a documentation about it, but it is really useful and powerful.

Something you can begin with :

Jenkins.instance.getView('All').getBuilds.finAll(){
  it.getResult().equals(null)
} //will get you all currently running jobs or pipelines