Issue
I have created an agent, and I would like to dynamically retrieve the secret key to start up the agent.
Resolution
Only users with a certain level of permissions can retrieve this information:
-
as a non-administrator user, a solution is to download the jenkins-agent.jnlp and parse it to get the secret
-
as a administrator, a solution is to run a groovy script using the Jenkins CLI or the Jenkins REST API
For any users
You can download the "jenkins-agent.jnlp" file at $NODE_URL/jenkins-agent.jnlp.
This file contains XML content that includes the secret.
You can use curl to download this file for a particular agent, and extract the first argument under <application-desc><argument>. This can be done with curl and sed:
curl -L -s -u ${USER}:${API_TOKEN} ${CONTROLLER_URL}/computer/${AGENT_NAME}/jenkins-agent.jnlp | sed "s/.*<application-desc><argument>\([a-z0-9]*\).*/\1\n/"
With the following variables:
| Variable | Description |
|---|---|
|
A user with permissions to view nodes |
|
API token of the user |
|
The url of your controller |
|
The name of the agent |
| Other solutions can be used to download the file and extract the secret. |
The user must have the permission Agent/Connect to run this curl command successfully.
|
Connecting dedicated agents via -jnlpUrl is deprecated as of Jenkins LTS 2.437 (changelog). However, this method of retrieving the agent secret via $NODE_URL/jenkins-agent.jnlp is still valid.
|
For administrators only
As an administrator, another solution is to use the Jenkins Script Console. The Jenkins CLI or the Jenkins REST API can also be used to execute script remotely.
controller agents
To get the secret of a controller agent, the following script can be used:
jenkins.model.Jenkins.getInstance().getComputer("$NODE_NAME").getJnlpMac()
operations center shared agents
To get the secret of a Shared Agent, the following script can be used - in the Jenkins Script Console of the operations center:
def sharedAgent = Jenkins.getInstance().getItems(com.cloudbees.opscenter.server.model.SharedSlave.class) .find { it.launcher != null && it.launcher.class.name == 'com.cloudbees.opscenter.server.jnlp.slave.JocJnlpSlaveLauncher' && it.name == "shared-agent"} return sharedAgent?.launcher.getJnlpMac(sharedAgent)
See also: