Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-35324

Support restoring secrets

    XMLWordPrintable

Details

    • New Feature
    • Status: Resolved (View Workflow)
    • Minor
    • Resolution: Done
    • thinbackup-plugin
    • None
    • Jenkins ver. 1.642.2, thinBackup 1.7.4

    Description

      When trying to restore a backup on a fresh install, I've noticed that the secrets are missing and password cannot be encrypted. I understand why some users would not want to backup secrets, but in some cases this is really useful.

      Could you add an option to backup the secrets folder as well?

      Attachments

        Activity

          The whole point of the backup process is to be able to DR a new Jenkins. The secrets folder needs to be backed up for this to happen.

          lswithenbank Luke Swithenbank added a comment - The whole point of the backup process is to be able to DR a new Jenkins. The secrets folder needs to be backed up for this to happen.
          trojanc Charl Thiem added a comment -

          Yes please! This could have saved us a week figuring out why passwords don't work when testing a restore.

          trojanc Charl Thiem added a comment - Yes please! This could have saved us a week figuring out why passwords don't work when testing a restore.
          trojanc Charl Thiem added a comment -

          So this weekend I wanted to see if I can write this feature for this plugin, then when I got the master branch running, I say the functionality is already there. I just hasn't been released to be available on the jenkins plugin store.

          See screenshot
          ]

          With this configuration I could backup all the keys there are in the secrets directory. With some tweaking of the regex you could probably match all the files in the secrets directory.

          https://github.com/jenkinsci/thin-backup-plugin
          The source code for this has been done more than a year ago. Is there any plans to make this available from the plugin manager?

          trojanc Charl Thiem added a comment - So this weekend I wanted to see if I can write this feature for this plugin, then when I got the master branch running, I say the functionality is already there. I just hasn't been released to be available on the jenkins plugin store. See screenshot ] With this configuration I could backup all the keys there are in the secrets directory. With some tweaking of the regex you could probably match all the files in the secrets directory. https://github.com/jenkinsci/thin-backup-plugin The source code for this has been done more than a year ago. Is there any plans to make this available from the plugin manager?
          tofuatjava Thomas Fürer added a comment -

          should be part of 1.8.0

          tofuatjava Thomas Fürer added a comment - should be part of 1.8.0
          chetan_sharma Chetan Sharma added a comment -

          This regex works form me -
          (.\.xml)|(secrets|.\.key|.\.KEY|.\.Secret|.\.secret|.\.mac|.\.MAC|.\.seed|.\.crumbSalt|.\.consoleAnnotator|.\.serverCookie|.-switch|whitelisted-callables\.d|.\.conf|filepath-filters\.d|.\.conf)$

          chetan_sharma Chetan Sharma added a comment - This regex works form me - (. \.xml)| (secrets|. \.key|. \.KEY|. \.Secret|. \.secret|. \.mac|. \.MAC|. \.seed|. \.crumbSalt|. \.consoleAnnotator|. \.serverCookie|. -switch|whitelisted-callables\.d|. \.conf|filepath-filters\.d|. \.conf)$
          calvinpark Calvin Park added a comment -

          Sorry for the necro but chetan_sharma how did you come up with that regex? How come secrets/.* doesn't work?

          calvinpark Calvin Park added a comment - Sorry for the necro but chetan_sharma how did you come up with that regex? How come secrets/.* doesn't work?
          tavin Tavin Cole added a comment -

          Because of another bug, JENKINS-64490.

          tavin Tavin Cole added a comment - Because of another bug, JENKINS-64490 .
          tavin Tavin Cole added a comment -

          We still can't backup secrets in v1.10 for some reason.

          tavin Tavin Cole added a comment - We still can't backup secrets in v1.10 for some reason.

          People

            tofuatjava Thomas Fürer
            pmr Philipp Moeller
            Votes:
            1 Vote for this issue
            Watchers:
            7 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: