Loading...

This issue is archived. You can view it, but you can't modify it. Learn more

XML

Word

Printable

Type: New Feature
Resolution: Fixed
Priority: Major
Component/s: github-branch-source-plugin
Labels:
- cloudbees-internal-pipeline
- issue-exported-to-github
Environment:
github-branch-source:1.9
Jenkins:2.7

The scan user needs Write permission on a repository:

to be able to update the commit status via GitHub Branch Source (see GitHubBuildStatusNotification)
to check whether a PR/Branch is trusted (see GitHubSCMSource)

Grant a single user with Write permissions to all organization repositories is a security concern. Git writes and status updates could instead be handle inside the Pipeline/Jenkinsfile.

This request is about a configurable solution so that a scan user don’t need Read permissions to scan PR/Branches.

is related to

JENKINS-36240 Default repository permission are not considered

Closed

Assignee:: Unassigned
Reporter:: Allan BURDAJEWICZ

Created:: 2016-08-23 04:46
Updated:: 2025-12-02 19:36
Resolved:: 2017-10-13 20:44
Archived:: 2025-12-02 19:36

Details

Description

Attachments

Issue Links

Activity

People

Dates