Perfect. The global-configuration archetype example was super helpful. I got it working. Thank you. Yes, using a secret makes sense more than whole credentials here.
On Thursday, April 4, 2019 at 3:47:07 PM UTC+3, Jesse Glick wrote: > > On Thu, Apr 4, 2019 at 6:52 AM Daniel Beck <[email protected] <javascript:>> > wrote: > > Create a GlobalConfiguration > > Easiest to start with > > https://github.com/jenkinsci/archetypes#usage > > even if you throw away the toy plugin afterwards. > > > I am not sure what kind of “credentials” you are referring to here. To > validate a token you would I guess want Jenkins to store some sort of > public key, or simply a token hash (you could use > `org.mindrot.jbcrypt.BCrypt`). If you do want to protect a public > key/hash a bit more, save it as a `Secret` rather than a `String`. > > When we talk about “credentials” we usually refer specifically to > > > https://github.com/jenkinsci/credentials-plugin/blob/master/docs/README.adoc > > which should not be necessary if Jenkins itself is not retaining > anything especially secret. An `IdCredentials.id` would imply that you > expect a secret value to potentially be used in multiple places or > even loaded from Vault or a Kubernetes `Secret`, which seems unlikely > in this case. > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/b82562a9-ae0f-417e-bd41-5a2b68b12e37%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
