Description

通过 Jenkins 环境变量认证，支持查询项目、触发指定分支构建及查看构建状态与产物下载链接。

README (SKILL.md)

Jenkins 构建助手

Name: jenkins-fix
Author: gitboy123

快速使用

查看所有项目：

Jenkins 项目列表

或

列出所有 Jenkins job

触发构建（默认分支）：

构建 \x3C项目名>

触发构建（指定分支）：

构建 \x3C项目名> \x3C分支名>

或

构建 \x3C项目名> 分支=\x3C分支名>

查看构建状态：

\x3C项目名> 构建状态

认证配置（安全）

配置方式（二选一）

方式一：环境变量（推荐，安全）

在运行脚本前设置以下环境变量：

# 方式 A: 使用 API Token（推荐）
export JENKINS_URL="http://jks.huimei-inc.com"
export JENKINS_USERNAME="jiaofu"
export JENKINS_API_TOKEN="your_api_token_here"

# 方式 B: 使用用户名密码（API Token 过期时回退）
export JENKINS_URL="http://jks.huimei-inc.com"
export JENKINS_USERNAME="jiaofu"
export JENKINS_PASSWORD="your_password_here"

方式二：Shell 配置文件（永久生效）

将上述环境变量添加到 ~/.zshrc 或 ~/.bash_profile：

# Jenkins 构建助手认证信息
export JENKINS_URL="http://jks.huimei-inc.com"
export JENKINS_USERNAME="jiaofu"
export JENKINS_API_TOKEN="your_api_token_here"

然后执行：

source ~/.zshrc  # 或 source ~/.bash_profile

获取 Jenkins API Token

登录 Jenkins: http://jks.huimei-inc.com
点击右上角用户名 → "Configure"（配置）
在 "API Token" 区域点击 "Add new Token"
复制生成的 Token 到环境变量

认证优先级

优先使用 API Token（更安全，可随时撤销）
回退到用户名密码（仅当 API Token 失效时）

⚠️ 安全提示：切勿将密码、API Token 提交到版本控制系统（如 git）。使用 .env 文件或系统环境变量存储敏感信息。

核心功能

1. 列出所有项目

返回 Jenkins 中所有可用的 job 名称列表。

2. 触发构建

用户指定项目名称后自动触发构建，支持：

精确项目名匹配
模糊匹配（包含关键词的项目）
指定构建分支（支持多种格式）

3. 构建结果

构建完成后返回：

✅ 成功：程序包下载地址（OSS 链接）
❌ 失败：失败原因和异常信息

使用示例

用户：Jenkins 项目列表
助手：可用项目：
- hospital__go_crf_service
- hospital__java_omc-business
...

用户：构建 hospital__go_crf_service cloud_251230_release
助手：🔄 正在触发 hospital__go_crf_service 构建...
   使用默认参数: ['HM_ENV', 'REMOTE_HOST', 'PROJECT_TYPE', 'PROJECT_NAME', 'GIT_URL', 'BRANCH_TAG', 'IMAGE_NAME']
   🔀 指定分支: cloud_251230_release
   ✅ 构建已触发，等待构建完成...

✅ hospital__go_crf_service 构建成功！
构建号: #71
耗时: 65.3秒

📦 程序包下载地址：
1. http://ovf.oss-cn-hangzhou.aliyuncs.com/package%2Fpython%2Fcrf_service%2F...

支持的分支指定格式

格式	示例
空格分隔	`构建 hospital__go_crf_service cloud_251230_release`
分支=参数	`构建 hospital__go_crf_service 分支=cloud_251230_release`
branch=参数	`构建 hospital__go_crf_service branch=cloud_251230_release`

注意事项

构建可能需要几分钟时间，请耐心等待
如果构建失败，会显示具体的错误日志
程序包下载链接通常为 OSS 格式
分支名必须是该 job 支持的 git 分支或 tag

Usage Guidance

This skill appears to implement Jenkins operations, but there are red flags you should consider before use: - Do not supply Jenkins credentials (API token/password) unless you trust the skill source. The code and docs reference an internal host (http://jks.huimei-inc.com) and a default username — this suggests the skill was built for a specific organization. If you are not part of that organization, do not point your credentials at that host. - The registry metadata omitted declaring required environment variables, but the SKILL.md and scripts clearly expect JENKINS_URL, JENKINS_USERNAME and a token/password. That mismatch is sloppy and increases risk; ask the publisher why metadata differs from the runtime requirements. - The dingtalk helper references an absolute path to the handler ("/opt/homebrew/lib/node_modules/openclaw/skills/jenkins/scripts/jenkins_handler.py"), which looks misconfigured and may indicate the package was copied from another environment. Expect runtime errors or unexpected behavior; inspect and, if necessary, fix script paths before running. - If you decide to try it, run the scripts in an isolated environment (throwaway VM or container) and avoid putting long-lived credentials into global shell profiles. Prefer creating a dedicated minimal-permission API token for testing, and revoke it after evaluation. If you need to proceed in production, ask the publisher for provenance (source repository, maintainer identity), request corrected registry metadata, and consider auditing the full script contents and endpoints it contacts (Jenkins URL and any discovered OSS links) before supplying real credentials.

Capability Analysis

Type: OpenClaw Skill Name: jenkins-fix Version: 1.0.0 The skill is a Jenkins automation tool designed to list projects, trigger builds, and retrieve build status/logs. It follows security best practices by encouraging the use of environment variables for authentication (JENKINS_API_TOKEN/PASSWORD) and implements CSRF crumb handling to interact safely with the Jenkins API. While it contains a hardcoded internal URL and default username (scripts/jenkins_handler.py), these appear to be configuration defaults for a specific corporate environment rather than indicators of malice.

Capability Assessment

⚠ Purpose & Capability

The declared purpose (Jenkins: list jobs, trigger builds, show results) matches the included code. However the SKILL.md and code include a hardcoded internal Jenkins URL (http://jks.huimei-inc.com) and default username ('jiaofu'), which ties the skill to a specific organization. Registry metadata declared no required environment variables, yet the instructions and code require JENKINS_URL, JENKINS_USERNAME and either JENKINS_API_TOKEN or JENKINS_PASSWORD. That mismatch is unexpected and disproportionate to a generic Jenkins helper.

ℹ Instruction Scope

The SKILL.md instructs the user to set environment variables (JENKINS_URL, JENKINS_USERNAME, JENKINS_API_TOKEN/PASSWORD) and to source shell config files — these are reasonable for a Jenkins integration. The instructions explicitly point users to the internal host (jks.huimei-inc.com) and provide steps to obtain tokens from that host; this is appropriate only if you intend to operate against that specific Jenkins. The skill's instructions do not attempt to read unrelated system files, but they do encourage storing credentials in environment variables or shell profiles (which is sensitive and should be done carefully).

✓ Install Mechanism

There is no install spec (instruction-only), so nothing is downloaded or written by an installer step. The repository includes two Python scripts which will be executed at runtime; absence of an install step is low-risk in terms of automatic downloads, but the included scripts will run in the agent environment when invoked.

⚠ Credentials

Requesting Jenkins credentials (username + API token or password) is appropriate for a Jenkins skill. However the registry metadata lists no required env vars while SKILL.md and the code require/expect JENKINS_URL, JENKINS_USERNAME and token/password — this metadata omission is inconsistent. Additionally, the code ships with defaults pointing to an internal host and username; providing real credentials to an untrusted skill that references a company-specific host is potentially risky.

✓ Persistence & Privilege

The skill does not request always:true and does not claim to modify other skills or system-wide settings. It runs as a normal, user-invokable skill and does not request elevated persistence.

Version History

v1.0.0

Initial Python-based version replacing Node.js script: - Migrated core build and job management logic from scripts/jenkins.mjs (Node.js) to new Python scripts: scripts/dingtalk_jenkins.py and scripts/jenkins_handler.py. - Removed scripts/jenkins.mjs; Node.js interface no longer used. - Updated documentation and skill description for new usage, security, and environment variable authentication. - Now supports build, job listing, build status checks, branch/tag specification, and improved environment variable-based security.

Metadata

Slug jenkins-fix

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is jenkins-fix?

通过 Jenkins 环境变量认证，支持查询项目、触发指定分支构建及查看构建状态与产物下载链接。 It is an AI Agent Skill for Claude Code / OpenClaw, with 377 downloads so far.

How do I install jenkins-fix?

Run "/install jenkins-fix" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is jenkins-fix free?

Yes, jenkins-fix is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does jenkins-fix support?

jenkins-fix is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created jenkins-fix?

It is built and maintained by gitboy123 (@gitboy123); the current version is v1.0.0.

More Skills

jenkins-fix