Jenkins and GitHub webhook: HTTP 403

troutwine picture troutwine · Sep 15, 2011 · Viewed 32.5k times · Source

I have a GitHub repository which I would like to have notify Jenkins of new commits via a post-receive hook. I've installed the GitHub plugin into Jenkins and have allowed for Jenkins to manage it's own hook URLs. The project has the correct git repository URL and is instructed to "Build when a change is pushed to GitHub". When I have GitHub send a test payload I find this in the nginx webserver that front's Jenkins:

207.97.227.233 - - [15/Sep/2011:07:36:51 +0000] "POST /github-webhook/ HTTP/1.1" 403 561 "-" "-"

I was running SSL so I disabled it to no effect. Do I need to provide special permissions to an anonymous user in the permissions matrix?

Please forgive the lack of configuration files: I'm happy to share those that might exist but I don't know what might be useful to share.

Answer

troutwine picture troutwine · Sep 15, 2011

As I don't allow anonymous access, it turns out I needed to create a specific user for GitHub pushes and to grant it Overall read, Job create and Job read. It was also necessary to bundle the authentication into the webhook URL, like so:

https://foo:[email protected]/github-webhook/