> > I believe this is the missing piece for Jenkins CI.
> 
> Nope. Though configuring the behaviour for untrusted refs is a bit of
> dark magic. For one, the Authorize Project plugin was implemented
> without anyone paying attention to the permissions stuff in the
> Credentials plugin... so there are some minor pitfalls there...
> mostly around people not actually understanding what the different
> credentials stores are for. Then the SCM API trusted refs stuff is
> poorly understood... and finally on top of all that Pipeline
> currently runs the Groovy script on the master so you cannot verify
> untrusted refs that change the Jenkinsfile while having the security
> protections.
> 
> But you can most certainly set up Jenkins to have access to a user's
> deployment credentials when triggered by the user wanting to deploy
> while preventing PRs from accessing those credentials... However it
> probably requires a Jenkins Ninja such as myself, KK, Jesse or Oleg
> to set it up!
> 
> New initiatives in Jenkins will help make these things accessible to
> people not intimately aware of the finer details of how Jenkins
> works.

I'm willing to believe that Jenkins, the software, is incapable of
this, though more detail would be nice rather than just "trust me,
it's hard."

What about buildbot? Or another technology we could use with INFRA's
support? Last time I looked at buildbot, its integration with Docker
was very poor.

I don't have any special attachment to Jenkins.

-Joan
