Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      story #10727 encrypt credentials used to access Jenkins instance before them into the DB
    Actions
    Summary
    Empty
    encrypt credentials used to access Jenkins instance before them into the DB
    Jenkins credentials are still reasonably safe if the database server is compromised but not the Tuleap server.

    As project admin, in the continuous integration plugin administration:

    • I have a way to set credentials to access a Jenkins instance better than putting them in the URL used to access the Jenkins instance URL
    • If possible, a warning is displayed on configured Jenkins jobs with credentials in the URL

    The credentials used to access the Jenkins instance are stored encrypted in the database and decrypted before usage.

     

    It leverages the existing Tuleap cryptography API.

    Empty
    Empty
    Status
    Empty
    Ready (stalled)
    Development
    • [ ] Does it involves User Interface? 
    • [ ] Are there any mockups?
    • [ ] Are permissions checked?
    • [ ] Does it need Javascript development?
    • [ ] Does it need a forge upgrade bucket?
    • [ ] Does it need to execute things in system events?
    • [ ] Does it impact project creation (templates)?
    • [ ] Is it exploratory?
    Empty
    Details
    #10727
    Thomas Gerbet (tgerbet)
    2017-10-04 13:20
    2017-10-04 13:20
    10963

    References
    Artifact links
    Empty
    References list is empty