You can trigger a dependent (or other) job in Jenkins automatically from your current job. This way you can have multi-step builds or job chain. One of the use case scenarios for this is - let's say you have a parent build that creates a EAR file which relies on the successful completion of the child build(s) which creates some jar files.
In some situation, you also need to pass the parameters and their values while triggering the other build. But what to do, if you pass the parameter when triggering a job, but the parameter is not available in the triggered job?
Here we will examine the these situations and possible resolutions:
Let's say, if I have a build job called <<build_jars_no_param>>, it compiles source code and creates bunch of Jars files, which will be used by a EAR file created by <<build_ear>> job. So, as soon as the <<build_jars_no_param>> job is completed, I want <<build_ear>> job is kicked off.
In this case, I just need to define following in the Post Build Action of <<build_jars_no_param>> job as follows:
You may be interested reading the following Jenkins related blog:
How to Retrieve Info Using Jenkins Remote Access API
Jenkins Pipeline - Few Troubleshooting Tips
In some situation, you also need to pass the parameters and their values while triggering the other build. But what to do, if you pass the parameter when triggering a job, but the parameter is not available in the triggered job?
Here we will examine the these situations and possible resolutions:
1) Triggering the other job without passing the parameter(s):
If you don't need to pass the parameters, then it's easy. You can just use either the <<Build Other Projects>> as a Post Build Action for your current job or <<Build after other projects are built>> as a Build Triggers for the other job.Let's say, if I have a build job called <<build_jars_no_param>>, it compiles source code and creates bunch of Jars files, which will be used by a EAR file created by <<build_ear>> job. So, as soon as the <<build_jars_no_param>> job is completed, I want <<build_ear>> job is kicked off.
In this case, I just need to define following in the Post Build Action of <<build_jars_no_param>> job as follows:
 |
| Post Build Action - Build Other Projects |
This triggers the <<build_ear>> job once the <<build_jars_no_param>> job is successfully completed. Multiple projects can be specified delimited by comma in the "Projects to build" input field.
Other than building the other projects that have a dependency on the current project, this can also be used to split a long build process into multiple jobs.
2) Triggering the other job with parameter(s) and their value(s)
If you need to pass the parameters along with triggering the other job, you can use Parameterized Trigger Plugin (https://wiki.jenkins.io/display/JENKINS/Parameterized+Trigger+Plugin) and this can be used both as a Pre Steps or as a Post Steps. This call also provides option to block the current job until the completion of the triggered builds.
However, there is a security related catch with the use of Parameterized Trigger Plugin. This is one of the Plugins affected by fix for SECURITY-170/CVE-2016-3721. After this fix, Jenkins only allows build parameters that have been explicitly defined in a job's configuration. Any other arbitrary parameters added to a build by plugins will not be available by default.
So, your triggered job (with parameters passing), which might have worked in the prior version (the fix was first included in Jenkins versions 1.651.2 and Jenkins 2.3) is not working in the newer version of Jenkins.
Here are three ways to resolve:
- Work-around #1: restore the previous behavior by setting the system property:
This could be a security risk, so use it just as a short-term workaround only.-Dhudson.model.ParametersAction.keepUndefinedParameters=true
Example: java -Dhudson.model.ParametersAction.keepUndefinedParameters=true -jar jenkins.war
- Work-around #2: white-list parameters by setting system property
-Dhudson.model.ParametersAction.safeParameters=<comma-separated list of safe parameter names>
Example: java -Dhudson.model.ParametersAction.safeParameters=FOO,BAR,ref_release_number -jar jenkins.war
- Convert/define the other job (the job to be triggered from your current job) with parameters using option "This project is parameterized" in the General section of the job definition.
From the security point of view, the 3rd option is the preferred option. However, if you have legacy jobs and looking for short term work-around before (re) defining a triggered jobs to be a parameterized projects, you can use option #1 or #2. Option #2 is better than #1, because option #1, just blindly restores the previous behavior.
Let's look through an example:
1) I've a project called <<build_ear>> which calls <<build_jars_with_params>> job. Below diagram shows the Pre Steps setting of <<build_ear>> project, and as you can see it defines parameter ref_release_number=2.1.0.${BUILD_NUMBER} to be passed to the triggered job.
 |
| Pre Steps - defining a job to be triggered from this project. |
On the other hand, here is how I'm testing the the value of the passed parameters in the <<build_jars_with_params>> downstream/triggered project.
 |
| Triggered job - testing the passed parameter. |
I'm using Jenkins ver. 2.150.1, which means it includes the fix for SECURITY-170, and I don't see the value of the passed parameter.
 |
| Passed parameter is not available in downstream job |
Now, let me use the above mentioned resolution options:
1st option (work-around), I'll have to start the Jenkins with '-Dhudson.model.ParametersAction.keepUndefinedParameters=true'option:
And here, the triggered job, shows the value of ${ref_release_number}
 |
| Passed parameter (from upstream job) is available in triggered job. |
Use 2nd option. Here I'm starting Jenkins with '-Dhudson.model.ParametersAction.safeParameters=ref_release_number' system property so that 'ref_release_number' is considered as a safe parameter.
 |
| Define all parameters to be passed to triggered job as safe parameters using system property. |
And here, the triggered job, shows the value of ${ref_release_number}
 |
| Passed parameter (from upstream job) is available in triggered job. |
Now, here is how to use the 3rd (preferred) option. For this, I have to redefine the <<build_jars_with_params>> as a parameterized project and add 'ref_release_number' as an input parameter.
 |
| Define triggered job as a parameterized project. |
When my triggered (downstream) job is defined as a parameterized project and I define the parameter 'ref_release_number' here, my upstream job can safely pass this parameter when triggering this job and Jenkins will allow it, no more work-around.
So, here I'm starting Jenkins without any system properties:
And my triggered job still correctly displays the value of the paramter passed from upstream job:
How to Retrieve Info Using Jenkins Remote Access API
Jenkins Pipeline - Few Troubleshooting Tips
