Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-20937

SCM password should not be recorded in build.xml in job's builds storage

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Component/s: m2release-plugin
    • Labels:
      None
    • Environment:
      Jenkins LTS 1.509.4, m2release plugin 0.13.0-SNAPSHOT
    • Similar Issues:

      Description

      The SCM credentials used/provided are recorded in the job's builds storage (in build.xml).

      <hudson.maven.MavenModuleSetBuild plugin="maven-plugin@1.509.4">
        <actions>
          ...
          <org.jvnet.hudson.plugins.m2release.M2ReleaseArgumentInterceptorAction plugin="m2release@0.13.0-SNAPSHOT">
            <goalsAndOptions>-DdevelopmentVersion=1.1.1-SNAPSHOT -DreleaseVersion=1.1.0 -Dusername=USERID -Dpassword=topsecret -Dresume=false release:prepare release:perform</goalsAndOptions>
          </org.jvnet.hudson.plugins.m2release.M2ReleaseArgumentInterceptorAction>
          ...
        </actions>
        ...
      </hudson.maven.MavenModuleSetBuild>
      

      This is not good as user passwords should be kept secret. Is there any reason for this to be stored?

        Attachments

          Activity

          ahammar Anders Hammar created issue -
          teilo James Nord made changes -
          Field Original Value New Value
          Resolution Fixed [ 1 ]
          Status Open [ 1 ] Resolved [ 5 ]
          rtyler R. Tyler Croy made changes -
          Workflow JNJira [ 152748 ] JNJira + In-Review [ 194341 ]
          teilo James Nord made changes -
          Assignee James Nord [ teilo ]

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            ahammar Anders Hammar
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: