The users are most likely different. They might even not be authenticated at all against any user database the Jenkins instance is using.
While the idea of disabling workspace permission sounds cool, I would love to avoid any access to the Jenkins instance at all. The good thing about exporting just the badge images to a sacrificial host is that people would not have access to my build server at all, thereby avoiding any vector of attack while simultanously exposing status information only about a few builds but not about the other 95% which might leak confidential information even by the name of the jobs (e.g. cust-<customername>.smoketest :-) ) On Monday, February 10, 2014 6:10:55 PM UTC+1, Marcelo Rebasti wrote: > > Hakan, > > Are The users in both sides of the firewall the same? If the users are > different, you can disable the workspace permission for those outside the > firewall and hide the passwords in the logs with > https://wiki.jenkins-ci.org/display/JENKINS/Mask+Passwords+Plugin. > > Regards. > > Marcelo Rebasti > > > On Mon, Feb 10, 2014 at 1:06 PM, Hakan Tandoğan > <[email protected]<javascript:> > > wrote: > >> Hi, >> >> I have the following use case: Jenkins installation inside firewall, and >> the builds themselves need to be hidden because logs / workspaces might >> contain secret keys (e.g. OAuth keys). On the other hand, the build status >> of some of those jobs shall be externally visible.. >> >> My current idea is to have a post-build action that uploads the badge of >> it upstream (the job with the secrets) to some externally visible web site. >> The only thing I don't know how to do is to determine in the uploader job >> which job was the trigger. Any ideas except the last-ditch solution of >> having one uploader job per "normal" job? >> >> Regards, >> Hakan >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Jenkins Developers" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> For more options, visit https://groups.google.com/groups/opt_out. >> > > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
