-
Bug
-
Resolution: Fixed
-
Major
GitHub PRs for public repos were disabled in the 1.3 release due to concerns about untrusted Jenkinsfiles. While that's understandable, the result is that, well, this doesn't build PRs any more unless you're using a private repo, and that's unfortunate to say the least. This is especially inconvenient for a GitHub Enterprise use case, since "public repos" doesn't mean the same thing there.
- depends on
-
JENKINS-34596 Set visible flag when Jenkinsfile is taken from a trusted revision rather than PR head
-
- Resolved
-
- links to
[JENKINS-33256] Re-enable GitHub PR support for public repos
Nah, it's definitely a bug, albeit one introduced for good reasons. =) Putting aside github.com public repo use cases, GitHub Enterprise behind-the-firewall use cases are basically all now broken, and "public" behind-the-firewall repos are basically equivalent to github.com private repos, so they shouldn't be restricted, IMO.
And fwiw, I like the idea of being able to say "just use the Jenkinsfile from the target branch" without worrying about who the author is in most cases. Obviously, for PRs with legit changes to the Jenkinsfile, that's a bit different, but the majority of use cases, etc.
abayer My initial proposal was to consider both private and public repos. In fact, thus is in 1.2. Anyway I'm sure we can find a better solutions. Thanks for your feedback.
Code changed in jenkins
User: Stephen Connolly
Path:
src/main/java/jenkins/scm/api/SCMSource.java
http://jenkins-ci.org/commit/scm-api-plugin/b82237184965604d9734771a5202e9d9ed38deac
Log:
Merge pull request #5 from jglick/getTrustedRevision
JENKINS-33256 Introducing SCMSource.getTrustedRevision
Compare: https://github.com/jenkinsci/scm-api-plugin/compare/8c9bca237297...b82237184965
Code changed in jenkins
User: Jesse Glick
Path:
CHANGES.md
multibranch/src/main/java/org/jenkinsci/plugins/workflow/multibranch/SCMBinder.java
multibranch/src/test/java/org/jenkinsci/plugins/workflow/multibranch/SCMBinderTest.java
pom.xml
http://jenkins-ci.org/commit/workflow-plugin/76bdc6f044f2eaf60f0f313cb09c7e006802e9a5
Log:
Merge pull request #244 from jglick/getTrustedRevision
JENKINS-33256 Calling SCMSource.getTrustedRevision
Compare: https://github.com/jenkinsci/workflow-plugin/compare/f19e83d255e2...76bdc6f044f2
Code changed in jenkins
User: Jesse Glick
Path:
src/main/java/org/jenkinsci/plugins/github_branch_source/GitHubSCMSource.java
http://jenkins-ci.org/commit/github-branch-source-plugin/3e23edf68e0c87b857c4923dabe998167cc26150
Log:
[FIXED JENKINS-33256] Reënabling PRs on public repos.
Code changed in jenkins
User: Jesse Glick
Path:
pom.xml
src/main/java/org/jenkinsci/plugins/github_branch_source/GitHubSCMSource.java
src/main/java/org/jenkinsci/plugins/github_branch_source/UntrustedPullRequestSCMRevision.java
http://jenkins-ci.org/commit/github-branch-source-plugin/e1ea086b75541f686c21d8604a454f33b933dadc
Log:
Merge pull request #29 from jglick/getTrustedRevision-JENKINS-33256
JENKINS-33256 Untrusted PRs
Compare: https://github.com/jenkinsci/github-branch-source-plugin/compare/3df443cd38c6...e1ea086b7554
Code changed in jenkins
User: Jesse Glick
Path:
multibranch/src/main/java/org/jenkinsci/plugins/workflow/multibranch/SCMBinder.java
multibranch/src/test/java/org/jenkinsci/plugins/workflow/multibranch/SCMBinderTest.java
http://jenkins-ci.org/commit/workflow-multibranch-plugin/5d458888fe0eba9e1ed2306328beb914674ede64
Log:
Merge pull request #244 from jglick/getTrustedRevision
JENKINS-33256 Calling SCMSource.getTrustedRevision
Originally-Committed-As: 76bdc6f044f2eaf60f0f313cb09c7e006802e9a5
Code changed in jenkins
User: Jesse Glick
Path:
demo/README.md
http://jenkins-ci.org/commit/github-branch-source-plugin/4970dbc528f0d26ffe0f6ebaac8ac9959c14f04c
Log:
Removing instructions obsolete since #29 (JENKINS-33256).
I don't think this is a bug.