> > > > If you're referring to using a GitHub webhook, we ended up having to > create a simple application that would receive GitHub webhook events, > verify the request against the webhook secret, and trigger the desired > OpenShift build or Jenkins job. This is primarily because GitHub webhooks > don't really support authentication mechanisms other than the webhook > secret. > > > Thanks Andy, we went a somewhat different (but similar) route. We created a reverse proxy that only accepts requests to the build url and injects the oauth2 service account token in the call to our jenkins. I like the idea of verifying the token first but don't think its necessary. It could cut down if there was a vulnerability found in jenkins but i can also cut that down in other ways too (i might clear all content from the request).
Thanks Marc
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
