[Gluster-infra] Jenkins accounts connected to GitHub/OAuth?
Niels de Vos
ndevos at redhat.com
Wed May 27 14:40:05 UTC 2015
On Wed, May 27, 2015 at 03:23:19PM +0100, Justin Clift wrote:
> On 25 May 2015, at 16:21, Vijay Bellur <vbellur at redhat.com> wrote:
> > On 05/23/2015 11:46 PM, Niels de Vos wrote:
> >> There seems to be a Jenkins plugin that makes is possible to use GitHub
> >> OAuth to allow users to login. We use this for Gerrit already, should we
> >> try it for Jenkins too?
> >> https://wiki.jenkins-ci.org/display/JENKINS/Github+OAuth+Plugin
> > We could do this if we can set up the right authorization (should be possible based on the description of the plugin).
> > Should we disable local user accounts once this is works?
> Would that run the risk of literally anyone with a GitHub account
> being able to run (arbitrary) tasks on our VM infrastructure?
> If so, I'm not sure if that's a good/bad idea. I can imagine
> both positives and negatives for it... ;)
> Maybe try it out, and see if it gets abused or not?
I have a test instance of Jenkins running, with the plugin installed.
The attached screenshot shows the options in the "Configure Global
We can add a list of (GitHub) users that have admin permissions. We do
not use the "Github repository" integration, so I think the permissions
on the repository are not relevant for our usage.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 73386 bytes
Desc: not available
More information about the Gluster-infra