Skip to content
Snippets Groups Projects

jobs/tools: Do not inline token in script setting gitlab webhooks

Pass it as a hidden parameter instead as jenkins now requires to manually validate each groovy script for security concerns.

As a script is identified by the hash of its content, proceeding like this avoid to revalidate the webhooks setting script each time the token is rotated.

These changes have been tested locally with a local jenkins and our staging gitlab.

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
Please register or sign in to reply
Loading