-
Type:
New Feature
-
Resolution: Fixed
-
Priority:
Major
-
Component/s: github-branch-source-plugin
-
Environment:github-branch-source:1.9
Jenkins:2.7
The scan user needs Write permission on a repository:
- to be able to update the commit status via GitHub Branch Source (see GitHubBuildStatusNotification)
- to check whether a PR/Branch is trusted (see GitHubSCMSource)
Grant a single user with Write permissions to all organization repositories is a security concern. Git writes and status updates could instead be handle inside the Pipeline/Jenkinsfile.
This request is about a configurable solution so that a scan user don’t need Read permissions to scan PR/Branches.
- is related to
-
JENKINS-36240 Default repository permission are not considered
-
- Closed
-
