Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-58647

GitHub Authorization Setting Caution Message

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Major Major
    • github-plugin
    • None

      Jenkins' GitHub authorization settings can be configured the following ways:

      1. Allow authenticated GutHub users access to Jenkins (by checking the box)
      2. Disallow authenticated GitHub users from accessing the Jenkins instsance

      If option #1 is enabled, I'd expect a caution/warning message to appear describing the implications of this change, i.e. anyone with a GitHub account will be granted access the the Jenkins instance.

       

      Today, checking that box potentially exposes code to people outside an organization and it's an easy mistake to make between 'authenticated' and 'authorized'.

        1. Screen Shot 2019-07-22 at 8.12.05 AM.png
          62 kB
          Joshua Dahlberg

            lanwen Kirill Merkushev
            jaaash Joshua Dahlberg
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: