Skip to content

Add API endpoint to apply new JCasC configuration with yaml in body#2815

Merged
timja merged 14 commits intojenkinsci:masterfrom
somiljain2006:casc-post-endpoint
Apr 5, 2026
Merged

Add API endpoint to apply new JCasC configuration with yaml in body#2815
timja merged 14 commits intojenkinsci:masterfrom
somiljain2006:casc-post-endpoint

Conversation

@somiljain2006
Copy link
Copy Markdown
Contributor

@somiljain2006 somiljain2006 commented Apr 4, 2026
edited by timja
Loading

Fixed #1292

Introduce a new HTTP POST endpoint (/configuration-as-code/configure) to allow applying JCasC YAML directly from the request body.

Key features:

  • Enforces Jenkins.ADMINISTER permission
  • Requires POST method
  • CSRF protection respected
  • Supports API token authentication for automation use cases
  • Validates request body and rejects empty payloads
  • Returns structured JSON errors for invalid YAML or configuration issues

Test coverage includes:

  • Permission enforcement (admin, non-admin, anonymous)
  • CSRF handling (with/without crumb, API token bypass)
  • Invalid YAML and malformed structure handling
  • Empty request body validation
  • Idempotent configuration application

Your checklist for this pull request

🚨 Please review the guidelines for contributing to this repository.

  • Make sure you are requesting to pull a topic/feature/bugfix branch (right side) and not your master branch!
  • Ensure that the pull request title represents the desired changelog entry
  • Please describe what you did
  • Link to relevant issues in GitHub or in Jenkins JIRA
  • Link to relevant pull requests, esp. upstream and downstream changes
  • Did you provide a test case? That demonstrates a feature that works or fixes the issue.

@somiljain2006 somiljain2006 requested a review from a team as a code owner April 4, 2026 11:04
timja
timja reviewed Apr 4, 2026
View reviewed changes
Comment thread docs/features/configurationReload.md Outdated
timja
timja reviewed Apr 4, 2026
View reviewed changes
Comment thread plugin/src/main/java/io/jenkins/plugins/casc/ConfigurationAsCode.java Outdated
@somiljain2006 somiljain2006 requested a review from timja April 4, 2026 16:17
timja
timja reviewed Apr 5, 2026
View reviewed changes
Comment thread docs/features/configurationReload.md Outdated
timja
timja reviewed Apr 5, 2026
View reviewed changes
Comment thread docs/features/configurationReload.md Outdated
timja
timja reviewed Apr 5, 2026
View reviewed changes
Comment thread plugin/src/test/java/io/jenkins/plugins/casc/ConfigurationAsCodeApiTest.java Outdated
Comment thread plugin/src/test/java/io/jenkins/plugins/casc/ConfigurationAsCodeApiTest.java Outdated
Comment thread plugin/src/test/java/io/jenkins/plugins/casc/ConfigurationAsCodeApiTest.java Outdated
@somiljain2006 somiljain2006 requested a review from timja April 5, 2026 12:40
@timja timja changed the title Add secure POST endpoint to apply JCasC YAML via HTTP body Add API endpoint to apply new JCasC configuration with yaml in body Apr 5, 2026
@timja timja enabled auto-merge (squash) April 5, 2026 20:55
@timja timja merged commit dec5de3 into jenkinsci:master Apr 5, 2026
17 checks passed
@somiljain2006 somiljain2006 deleted the casc-post-endpoint branch April 6, 2026 01:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@timja timja timja approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Allow reloading configuration contents via POST (not from disk)

2 participants

@somiljain2006 @timja