[Gluster-infra] Jenkins accounts connected to GitHub/OAuth?

Niels de Vos ndevos at redhat.com
Wed May 27 14:40:05 UTC 2015


On Wed, May 27, 2015 at 03:23:19PM +0100, Justin Clift wrote:
> On 25 May 2015, at 16:21, Vijay Bellur <vbellur at redhat.com> wrote:
> > On 05/23/2015 11:46 PM, Niels de Vos wrote:
> >> There seems to be a Jenkins plugin that makes it possible to use GitHub
> >> OAuth to allow users to login. We use this for Gerrit already, should we
> >> try it for Jenkins too?
> >> 
> >>     https://wiki.jenkins-ci.org/display/JENKINS/Github+OAuth+Plugin
> >> 
> > 
> > We could do this if we can set up the right authorization (should be possible based on the description of the plugin).
> > 
> > Should we disable local user accounts once this works?
> 
> Would that run the risk of literally anyone with a GitHub account
> being able to run (arbitrary) tasks on our VM infrastructure?
> 
> If so, I'm not sure if that's a good/bad idea.  I can imagine
> both positives and negatives for it... ;)
> 
> Maybe try it out, and see if it gets abused or not?

I have a test instance of Jenkins running, with the plugin installed.
The attached screenshot shows the options in the "Configure Global
Security" form.

We can add a list of (GitHub) users that have admin permissions. We do
not use the "Github repository" integration, so I think the permissions
on the repository are not relevant for our usage.

Cheers,
Niels
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jenkins-github-oauth.png
Type: image/png
Size: 73386 bytes
Desc: not available
URL: <http://www.gluster.org/pipermail/gluster-infra/attachments/20150527/98f2e6c4/attachment-0001.png>

