A common problem DevOps professionals hit when trying to configure a GitHub webhook to remotely invoke a Jenkins build job is the dreaded 403: No valid crumb was included in the request error. Thankfully, there’s a pretty straight forward fix to the problem.
This error is typically caused by using the Jenkins remote build trigger URL on the Jenkins webhook, rather than using the github-webhook URI that is configured as part of the Jenkins GitHub plugin.
If you want a GitHub webhook to trigger a Jenkins build without a 403 no valid crumb error, the Jenkins plugin must be used.
403: No valid crumb fix
To avoid a 403 error when integrating Jenkins and GitHub, follow these three steps when you create the build job and configure the webhook:
- Make sure the Jenkins GitHub plugin is installed in Jenkins
- In your Jenkins build job click the GitHub hook trigger for GITScm polling checkbox
- Do not choose the Trigger builds remotely option
- Create a Jenkins API for the user with rights to run the build job
- In GitHub, create a webhook to trigger the Jenkins GitHub plugin
- Set the GitHub payload as <JENKINS_URL> /github-webhook/
- Set the Jenkins API Token as the webhook’s secret token
- Save the GitHub webhook configuration and watch Jenkins builds run without 403 no crumb errors
Jenkins tokens and Webhook secrets
The Webhook secret used by GitHub is created as an API token in Jenkins for a user who has rights to invoke the build job.
Do not use the remote URL Jenkins provides for invoking builds remotely from scripts or external programs. Instead, use the Jenkins server’s IP address or domain name with /github-webhook/ appended to it.
|Your intro to GitHub Actions training course|
Here’s how to get started with GitHub Actions:
Follow these tutorials and you’ll learn GitHub Actions fast.
With the GitHub webhook to Jenkins configured as a trigger, push commits to your GitHub repository at will. The GitHub server will then invoke our Jenkins instance and your continuous integration build jobs will run.
If you follow these steps, your Jenkins GitHub webhook will run successfully without any 403 no crumb in the request errors slowing you down.