jobs/tools: Do not inline token in script setting gitlab webhooks (!188) · Merge requests · Platform / Infrastructure / CI CD / Jenkins jobs · GitLab

Snippets Groups Projects

Merged Antoine Lambert requested to merge anlambert/swh-jenkins-jobs:webhooks-script-no-token-inlining into master 1 year ago

Pass it as a hidden parameter instead as jenkins now requires to manually validate each groovy script for security concerns.

As a script is identified by the hash of its content, proceeding like this avoid to revalidate the webhooks setting script each time the token is rotated.

These changes have been tested locally with a local jenkins and our staging gitlab.

Activity

Jenkins Bot @jenkins · 1 year ago

Maintainer

Jenkins job jenkins-tools/swh-jenkins-jobs-builder #249 succeeded .
See Console Output and Coverage Report for more details.
Nicolas Dandrimont @olasd · 1 year ago

Owner

that seems sensible, thanks!
Nicolas Dandrimont approved this merge request 1 year ago

approved this merge request
Antoine R. Dumont approved this merge request 1 year ago

approved this merge request
Antoine Lambert merged 1 year ago

merged

Please register or sign in to reply