-
Improvement
-
Resolution: Unresolved
-
Minor
While the replay is good for debugging, it is also a huge security hole.
Please allow users to disable this feature.
- is related to
-
-
- Resolved
-
-
-
- Resolved
-
[JENKINS-39874] Abilty to disable pipeline-replay in Job Configuration.
Sebastien Vas
created issue -
Leonard Lee
made changes -
| Labels | Original: pipeline | New: pipeline security |
| Component/s | New: workflow-cps-plugin [ 21713 ] | |
| Component/s | Original: pipeline [ 21692 ] | |
| Labels | Original: pipeline security | New: security |
| Resolution | New: Not A Defect [ 7 ] | |
| Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
Adir Atias
made changes -
| Attachment | New: image-2019-02-21-17-08-41-268.png [ 46146 ] |
Ben Langfeld
made changes -
| Attachment | New: Screenshot 2019-08-07 at 16.48.12.png [ 48212 ] |
| Attachment | New: image-2019-10-03-11-38-21-093.png [ 49006 ] |
Ruslan Yemelianov
made changes -
| Resolution | Original: Not A Defect [ 7 ] | |
| Status | Original: Resolved [ 5 ] | New: Reopened [ 4 ] |
Ruslan Yemelianov
made changes -
| Comment |
[ I'm having the same issue as [~larkoie] user with `replay` option. It turns off only if disable `Build` permission Jenkins: 2.204.1 Matrix Authorization Strategy Plugin: 2.5 Recreate: jenkins 2.204.1 and also tested on 2.190.1 1) install jenkins with plugins: workflow-aggregator:2.6 matrix-auth:2.5 2) create new user 3) change authorization type to `Project-based Matrix Authorization Strategy` 4) Enable overall/Read for Authenticated Users 5) Create job 'pipeline' type and enable `Enable project-based security` set Do not inherit and grant permissions Job/Build, Job/Read 6) Run job 7) login from created user from step 2 and run replay ] |
Ruslan Yemelianov
made changes -
| Attachment | New: Screen Shot 2020-01-10 at 12.37.53.png [ 49961 ] |
Ruslan Yemelianov
made changes -
| Attachment | New: Screen Shot 2020-01-10 at 12.37.33.png [ 49962 ] |
