Arun Sangal - 1 month ago
reST (reStructuredText) Question

Trigger Jenkins build REST Call - webhook - RFC 1918 - AWS Ec2

What I already know: Using Jenkins Rest API (using Curl command line way, Groovy, Python etc) way, I'm able to successfully initiate a Jenkins build from my local machine or any other host locally. There are lots of posts/blogs online which give good info about the same. Anonymous user has overall READ access in Jenkins security, and I'm using API key user ID and token key to run these successfully.

My issue Case:


  1. In my case, Jenkins master/instance is running in AWS ec2 instance.

  2. My company's webapp is designed to create alerts (which are raised by the webapp automatically so a user can see them and find the cause of that alert). For these alerts, I'm getting email notifications and Slack messages as well.

  3. In the webapp, a user can create various alerts, for example "memory or free disk less than 900M" etc, by creating a query/condition for that alert to trigger. This alert part works.

  4. This webapp also allows a user to create web hookup. The web hookup can be configured to various trigger methods like notify Slack with some meaningful info in a user defined Slack #channel or create a PagerDuty alert or email notification or call a REST API call end point.

  5. An alert (bullet 3) can be tied / configured to a given web hookup (bullet 4).



My understanding is, that the webapp is running in a different Amazon VPC than the VPC where Jenkins instance is running.

What I'm trying to do is: Create a simple alert in the webapp, then create a web hookup where I will call a Jenkins job RESTful way and pass some parameters to initiate a build / run (which will do some necessary action).

As VPCs are different --or-- due to some other reason (maybe the webapp doesn't support RFC1918 supported Webhooks), I think due to RFC 1918 mechanism, I'm not able to initiate a Jenkins build from my web app's webhook which is triggering the Jenkins Rest API endpoint and getting the following error message.

I'm getting the following error message through the web hookup logs.

Whoops

Cannot save notification receiver, please try again. (400) Bad Request URL validation failed. URI host does not resolve to a public ip. :
https://jenkins.server.company.com/job/Ops/job/recycleOrCleanupDiskMemoryResources/build?token=xxshenzi


Is there any way I can resolve this? Do I need to spin up / create an Amazon API Gateway to front Jenkins (to get rid of this issue) i.e. webhookup will talk to Amazon API gateway and that will direct the request to Jenkins instance via Restful call? I don't want to make it complicated so looking for an easy implementation.

Answer

Since the error message says "URI host does not resolve to a public ip", it sounds like the DNS name for the Jenkins host is resolving to a non-routable IP address within the VPC where Jenkins is running. API Gateway does not currently support the ability to call endpoints within a customer's VPC, so it will not help in this case. (This is a frequently requested feature and we hope to add it to API Gateway at some point in the future.)

In order to make this work today, you would need to make the Jenkins host accessible via the Internet, either by assigning it a public IP or by adding to the VPC a load balancer or proxy which can route Internet traffic to the Jenkins host.
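
The check behind the error in the question, as an added example (not the webapp's own code, which the page does not show): a webhook sender resolves the target host and refuses it unless every address is publicly routable, a common guard against server-side request forgery. The DNS table, the `example.com` hostnames and all IP addresses are constructed so the example runs offline; `check_webhook_url` and both resolver functions are hypothetical names.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed DNS answers so the example runs offline; none of these
# addresses come from the page.
FAKE_DNS = {
    "jenkins.server.company.com": ["10.20.30.40"],     # RFC 1918, VPC-internal
    "jenkins-public.example.com": ["8.8.8.8"],         # publicly routable
    "split.example.com": ["8.8.8.8", "192.168.1.7"],   # mixed answer set
}

def fake_resolver(host):
    """Stand-in resolver backed by FAKE_DNS; raises like a failed lookup."""
    if host not in FAKE_DNS:
        raise OSError("name not found")
    return FAKE_DNS[host]

def system_resolver(host):
    """Every address the system resolver returns for host (needs network)."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})

def check_webhook_url(url, resolver=system_resolver):
    """Return (ok, reason); ok only when every resolved address is public."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False, "not an http(s) URL with a host"
    try:
        addrs = resolver(parts.hostname)
    except OSError:
        return False, "URI host does not resolve"
    if not addrs:
        return False, "URI host does not resolve"
    for addr in addrs:
        # is_global is False for RFC 1918, loopback, link-local and similar
        # ranges; one such address in the answer set rejects the URL.
        if not ipaddress.ip_address(addr).is_global:
            return False, f"URI host does not resolve to a public ip ({addr})"
    return True, "ok"

if __name__ == "__main__":
    for host in FAKE_DNS:
        url = f"https://{host}/job/Ops/build"
        print(host, check_webhook_url(url, fake_resolver))
```

A check like this at save time does not cover a DNS record that changes afterwards, so a sender relying on it would need to repeat it against the address it actually connects to at delivery time.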