[Gluster-infra] Jenkins accounts connected to GitHub/OAuth?

Justin Clift justin at gluster.org
Wed May 27 15:48:18 UTC 2015

On 27 May 2015, at 15:40, Niels de Vos <ndevos at redhat.com> wrote:
> On Wed, May 27, 2015 at 03:23:19PM +0100, Justin Clift wrote:
>> On 25 May 2015, at 16:21, Vijay Bellur <vbellur at redhat.com> wrote:
>>> On 05/23/2015 11:46 PM, Niels de Vos wrote:
>>>> There seems to be a Jenkins plugin that makes is possible to use GitHub
>>>> OAuth to allow users to login. We use this for Gerrit already, should we
>>>> try it for Jenkins too?
>>>>    https://wiki.jenkins-ci.org/display/JENKINS/Github+OAuth+Plugin
>>> We could do this if we can set up the right authorization (should be possible based on the description of the plugin).
>>> Should we disable local user accounts once this is works?
>> Would that run the risk of literally anyone with a GitHub account
>> being able to run (arbitrary) tasks on our VM infrastructure?
>> If so, I'm not sure if that's a good/bad idea.  I can imagine
>> both positives and negatives for it... ;)
>> Maybe try it out, and see if it gets abused or not?
> I have a test instance of Jenkins running, with the plugin installed.
> The attached screenshot shows the options in the "Configure Global
> Security" form.
> We can add a list of (GitHub) users that have admin permissions. We do
> not use the "Github repository" integration, so I think the permissions
> on the repository are not relevant for our usage.

Looks good then. :)

+ Justin

GlusterFS - http://www.gluster.org

An open source, distributed file system scaling to several
petabytes, and handling thousands of clients.

My personal twitter: twitter.com/realjustinclift

More information about the Gluster-infra mailing list