On 27 May 2015, at 15:40, Niels de Vos <[email protected]> wrote: > On Wed, May 27, 2015 at 03:23:19PM +0100, Justin Clift wrote: >> On 25 May 2015, at 16:21, Vijay Bellur <[email protected]> wrote: >>> On 05/23/2015 11:46 PM, Niels de Vos wrote: >>>> There seems to be a Jenkins plugin that makes is possible to use GitHub >>>> OAuth to allow users to login. We use this for Gerrit already, should we >>>> try it for Jenkins too? >>>> >>>> https://wiki.jenkins-ci.org/display/JENKINS/Github+OAuth+Plugin >>>> >>> >>> We could do this if we can set up the right authorization (should be >>> possible based on the description of the plugin). >>> >>> Should we disable local user accounts once this is works? >> >> Would that run the risk of literally anyone with a GitHub account >> being able to run (arbitrary) tasks on our VM infrastructure? >> >> If so, I'm not sure if that's a good/bad idea. I can imagine >> both positives and negatives for it... ;) >> >> Maybe try it out, and see if it gets abused or not? > > I have a test instance of Jenkins running, with the plugin installed. > The attached screenshot shows the options in the "Configure Global > Security" form. > > We can add a list of (GitHub) users that have admin permissions. We do > not use the "Github repository" integration, so I think the permissions > on the repository are not relevant for our usage.
Looks good then. :) + Justin -- GlusterFS - http://www.gluster.org An open source, distributed file system scaling to several petabytes, and handling thousands of clients. My personal twitter: twitter.com/realjustinclift _______________________________________________ Gluster-infra mailing list [email protected] http://www.gluster.org/mailman/listinfo/gluster-infra
