Skip to content

improving "Handling Credentials" documentation #597

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
marc-guenther wants to merge 1 commit into
base: master
Choose a base branch
from
Open

improving "Handling Credentials" documentation #597

marc-guenther wants to merge 1 commit into from

Conversation

@marc-guenther
Copy link
Member

@marc-guenther marc-guenther commented Aug 31, 2015

I tried to add some info the the "Handling Credentials" page, as some things were quite unclear for me when I first read it (knowing nothing at all about the topic then)

  • It wasn't clear to me if we can use the Credentials Plugin solution everywhere, or only when the plugin supports the Credentials Plugin directly. It seems the latter, so I added that explicitely.
  • It seems we have two problems to solve, clear text passwords in the dsl scripts themselves, and clear text passwords in the job configs? First is absolute worst case, second is still bad, but not as bad, and not avoidable if Credentials Plugin is not supported?
  • I got completely confused by the mention of "Credentials Binding Plugin" in the "Credentials Plugin" section talking about build variables, but then there is another section "Build Variables", which mentions "EnvInject Plugin"
  • And I think an option is missing, instead of using "EnvInject Plugin" in the seed job (option 2), we could also use it in the generated job itself. That would be similar to first option, in that no credentials are ever exposed to the dsl script.

@marc-guenther marc-guenther force-pushed the handling-credentials branch 2 times, most recently from 4e525fd to ace3732 Compare August 31, 2015 15:25
@marc-guenther
improving "Handling Credentials" documentation
ace3732 
I tried to add some info the the "Handling Credentials" page, as some things were quite unclear for me when I first read it (knowing nothing at all about the topic then)
- It wasn't clear to me if we can use the Credentials Plugin solution everywhere, or only when the plugin supports the Credentials Plugin directly. It seems the latter, so I added that explicitely.
- It seems we have two problems to solve, clear text passwords in the dsl scripts themselves, and clear text passwords in the job configs? First is absolute worst case, second is still bad, but not as bad, and not avoidable if Credentials Plugin is not supported?
- I got completely confused by the mention of "Credentials Binding Plugin" in the "Credentials Plugin" section talking about build variables, but then there is another section "Build Variables", which mentions "EnvInject Plugin"
- And I think an option is missing, instead of using "EnvInject Plugin" in the seed job (option 2), we could also use it in the generated job itself. That would be similar to first option, in that no credentials are ever exposed to the dsl script.
@jenkinsadmin
Copy link
Member

jenkinsadmin commented Aug 31, 2015

Thank you for a pull request! Please check this document for how the Jenkins project handles pull requests

@jiff-infrastructure
Copy link

jiff-infrastructure commented Jan 18, 2018

Can one of the admins verify this patch?

@CorevistCI
Copy link

CorevistCI commented Aug 30, 2019

Build finished.

@jamietanna jamietanna self-requested a review June 20, 2022 07:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jamietanna jamietanna Awaiting requested review from jamietanna

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@marc-guenther @jenkinsadmin @jiff-infrastructure @CorevistCI