[JIRA] (OVIRT-1940) Do not show injected variables in Jenklins

[Evgheni Dereveanchin (oVirt JIRA)]

Evgheni Dereveanchin created OVIRT-1940:
-------------------------------------------

             Summary: Do not show injected variables in Jenklins
                 Key: OVIRT-1940
                 URL: https://ovirt-jira.atlassian.net/browse/OVIRT-1940
             Project: oVirt - virtualization made easy
          Issue Type: Task
            Reporter: Evgheni Dereveanchin
            Assignee: infra


We use the Environment Injector Plugin and a recent security advisory for 
Jenkins recommends disabling display of injected variables via the UI/API to 
avoid leakage of sensitive data:
https://jenkins.io/security/advisory/2018-02-26/#SECURITY-248

This can be done in settings -> Configure Global Security -> Do not show 
injected variables

I performed this change on staging already.



--
This message was sent by Atlassian Jira
(v1001.0.0-SNAPSHOT#100082)

_______________________________________________
Infra mailing list
Infra@ovirt.org
http://lists.ovirt.org/mailman/listinfo/infra