jobs/tools: Do not inline token in script setting gitlab webhooks (!188) · Merge requests · Platform / Infrastructure / CI CD / Jenkins jobs

Antoine Lambert requested to merge anlambert/swh-jenkins-jobs:webhooks-script-no-token-inlining into master Sep 12, 2023

Pass it as a hidden parameter instead as jenkins now requires to manually validate each groovy script for security concerns.

As a script is identified by the hash of its content, proceeding like this avoid to revalidate the webhooks setting script each time the token is rotated.

These changes have been tested locally with a local jenkins and our staging gitlab.

jobs/tools: Do not inline token in script setting gitlab webhooks

Merge request reports